Bug 14628 - qt-dcgui security flaw
Bug#: 14628 Product:  Gentoo Linux Version: 1.4_rc2 Platform: All
OS/Version: All Status: RESOLVED Severity: major Priority: P2
Resolution: FIXED Assigned To: security@gentoo.org Reported By: biggms_1701@hotmail.com
Component: Applications
URL:  http://dc.ketelhot.de/news.php
Summary: qt-dcgui security flaw
Keywords:  
Status Whiteboard: 
Opened: 2003-01-27 11:28 0000
Description:   Opened: 2003-01-27 11:28 0000 
As reported by the developers of qt-dcgui all versions before 0.2.2 have a 
security flaw that allows users to download unshared files.  The fix is to 
update to 0.2.2 or above.  Versions below 0.2.2 should be removed from portage.

------- Comment #1 From Joachim Blaabjerg 2003-01-27 14:22:57 0000 ------- 
I've committed 0.2.3 of dclib and qt-dcgui now. Aliz, are you going to write a
GLSA 
on this one?

------- Comment #2 From SpanKY 2003-01-28 00:43:26 0000 ------- 
you forgot to add the digest and patch files for dclib-2.3 ... ive added them
now though ...

------- Comment #3 From Joachim Blaabjerg 2003-01-28 05:29:05 0000 ------- 
Ah, sorry. Being a gcc3 user, that just flew right by my testing.

------- Comment #4 From Daniel Ahlberg (RETIRED) 2003-02-05 04:28:47 0000 ------- 
glsa sent