Ubuntu

“qt4-x11” 4:4.8.3+dfsg-0ubuntu3.1 source package in The Quantal Quetzal

Publishing history

4:4.8.3+dfsg-0ubuntu3.1
SUPERSEDED: Quantal pocket Updates in component main and section libs
  • Removed from disk on 2013-12-18.
  • Removal requested on 2013-12-18.
  • Superseded on 2013-12-17 by qt4-x11 - 4:4.8.3+dfsg-0ubuntu3.2
  • Published on 2013-02-14
  • Copied from ubuntu quantal in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot
4:4.8.3+dfsg-0ubuntu3.1
SUPERSEDED: Quantal pocket Security in component main and section libs
  • Removed from disk on 2013-12-18.
  • Removal requested on 2013-12-18.
  • Superseded on 2013-12-17 by qt4-x11 - 4:4.8.3+dfsg-0ubuntu3.2
  • Published on 2013-02-14
  • Copied from ubuntu quantal in Private PPA for Ubuntu Security Team by Marc Deslauriers

Builds

Changelog

qt4-x11 (4:4.8.3+dfsg-0ubuntu3.1) quantal-security; urgency=low

  * SECURITY UPDATE: information disclosure via MITM redirect
    - debian/patches/CVE-2012-5624.patch: don't redirect to file URLs in
      src/declarative/qml/qdeclarativexmlhttprequest.cpp.
    - CVE-2012-5624
  * SECURITY UPDATE: incorrect errors with certificate verification
    - debian/patches/CVE-2012-6093.patch: use openssl access functions to
      properly handle layout changes in
      src/network/ssl/qsslsocket_openssl.cpp,
      src/network/ssl/qsslsocket_openssl_symbols.cpp,
      src/network/ssl/qsslsocket_openssl_symbols_p.h.
    - CVE-2012-6093
  * SECURITY UPDATE: shared memory segments incorrect permissions
    - debian/patches/CVE-2013-0254.patch: set appropriate permissions in
      src/corelib/kernel/qsharedmemory_unix.cpp,
      src/corelib/kernel/qsystemsemaphore_unix.cpp,
      src/gui/image/qnativeimage.cpp,
      src/gui/image/qpixmap_x11.cpp,
      src/plugins/platforms/xcb/qxcbwindowsurface.cpp,
      src/plugins/platforms/xlib/qxlibwindowsurface.cpp,
      tools/qvfb/qvfbshmem.cpp.
    - CVE-2013-0254
 -- Marc Deslauriers <email address hidden>   Wed, 06 Feb 2013 08:11:17 -0500