[ubuntu/precise-security] qt4-x11 4:4.8.1-0ubuntu4.4 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Feb 14 16:17:16 UTC 2013
qt4-x11 (4:4.8.1-0ubuntu4.4) precise-security; urgency=low
* SECURITY UPDATE: information disclosure via MITM redirect
- debian/patches/CVE-2012-5624.patch: don't redirect to file URLs in
src/declarative/qml/qdeclarativexmlhttprequest.cpp.
- CVE-2012-5624
* SECURITY UPDATE: incorrect errors with certificate verification
- debian/patches/CVE-2012-6093.patch: use openssl access functions to
properly handle layout changes in
src/network/ssl/qsslsocket_openssl.cpp,
src/network/ssl/qsslsocket_openssl_symbols.cpp,
src/network/ssl/qsslsocket_openssl_symbols_p.h.
- CVE-2012-6093
* SECURITY UPDATE: shared memory segments incorrect permissions
- debian/patches/CVE-2013-0254.patch: set appropriate permissions in
src/corelib/kernel/qsharedmemory_unix.cpp,
src/corelib/kernel/qsystemsemaphore_unix.cpp,
src/gui/image/qnativeimage.cpp,
src/gui/image/qpixmap_x11.cpp,
src/plugins/platforms/xcb/qxcbwindowsurface.cpp,
src/plugins/platforms/xlib/qxlibwindowsurface.cpp,
tools/qvfb/qvfbshmem.cpp.
- CVE-2013-0254
Date: 2013-02-06 18:25:13.334842+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Maintainer: Kubuntu Members <kubuntu-devel at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/qt4-x11/4:4.8.1-0ubuntu4.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list