187465 2007-08-02 06:52 0000 x11-libs/qt-3: possible remote code execution (CVE-2007-3388) 2007-08-30 18:48:01 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED DUPLICATE https://rhn.redhat.com/errata/RHSA-2007-0721.html P2 normal --- 1 meax@huicht.org security@gentoo.org alpha@gentoo.org amd64@gentoo.org ia64@gentoo.org mips@gentoo.org ppc64@gentoo.org ppc@gentoo.org qt@gentoo.org sparc@gentoo.org x86@gentoo.org meax@huicht.org 2007-08-02 06:52:04 0000 "... Several format string flaws were found in Qt error message handling. If an application linked against Qt created an error message from user supplied data in a certain way, it could lead to a denial of service or possibly allow the execution of arbitrary code. (CVE-2007-3388) ..." from https://rhn.redhat.com/errata/RHSA-2007-0721.html Trolltech advisory: http://trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960 patch: http://dist.trolltech.com/developer/download/170529.diff thanks. carlo@gentoo.org 2007-08-02 16:47:26 0000 To quote Dirk Müller from the KDE packager list: In case you've missed it: I've added a patch for Qt4 as well to qt-copy. While TT claims that none of those are exploitable, I disagree and believe that some of them are indeed possible to exploit (though only in uninteresting ways as far as I investigated). so qt-3.3.8-r3 and qt-4.3.0-r1 are in cvs now. Please go for it arch teams. caleb@gentoo.org 2007-08-02 16:52:08 0000 I thought there was already an open bug on this... Anyway, arch teams note that the patch only modifies some debugging output statments via qWarning calls, so this should have absolutely no impact on stability whatsoever. carlo@gentoo.org 2007-08-02 17:13:52 0000 (In reply to comment #2) > I thought there was already an open bug on this... There is - once again restricted!? The issue was on the packager list on monday and in the public for at least 30 hours, so I thought you did not have the time and went ahead. :) caleb@gentoo.org 2007-08-02 17:16:27 0000 you're right, I didn't, so it's no problem. :) I just seem to remember it being a dupe. py@gentoo.org 2007-08-02 18:19:44 0000 *** This bug has been marked as a duplicate of bug 185446 ***