Ubuntu

“qt4-x11” 4:4.7.4-0ubuntu8.3 source package in The Oneiric Ocelot

Publishing history

4:4.7.4-0ubuntu8.3
PUBLISHED: Oneiric pocket Updates in component main and section libs
  • Published on 2013-02-14
  • Copied from ubuntu oneiric in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot
4:4.7.4-0ubuntu8.3
PUBLISHED: Oneiric pocket Security in component main and section libs
  • Published on 2013-02-14
  • Copied from ubuntu oneiric in Private PPA for Ubuntu Security Team by Marc Deslauriers

Builds

Changelog

qt4-x11 (4:4.7.4-0ubuntu8.3) oneiric-security; urgency=low

  * SECURITY UPDATE: information disclosure via MITM redirect
    - debian/patches/CVE-2012-5624.patch: don't redirect to file URLs in
      src/declarative/qml/qdeclarativexmlhttprequest.cpp.
    - CVE-2012-5624
  * SECURITY UPDATE: incorrect errors with certificate verification
    - debian/patches/CVE-2012-6093.patch: use openssl access functions to
      properly handle layout changes in
      src/network/ssl/qsslsocket_openssl.cpp,
      src/network/ssl/qsslsocket_openssl_symbols.cpp,
      src/network/ssl/qsslsocket_openssl_symbols_p.h.
    - CVE-2012-6093
  * SECURITY UPDATE: shared memory segments incorrect permissions
    - debian/patches/CVE-2013-0254.patch: set appropriate permissions in
      src/corelib/kernel/qsharedmemory_unix.cpp,
      src/corelib/kernel/qsystemsemaphore_unix.cpp,
      src/gui/image/qnativeimage.cpp,
      src/gui/image/qpixmap_x11.cpp,
      tools/qvfb/qvfbshmem.cpp.
    - CVE-2013-0254
 -- Marc Deslauriers <email address hidden>   Wed, 06 Feb 2013 08:24:39 -0500