Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 361401 - <dev-qt/qtcore-4.6.3-r1: blacklist fake SSL certificates patch
Summary: <dev-qt/qtcore-4.6.3-r1: blacklist fake SSL certificates patch
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B4 [glsa]
Depends on:
Reported: 2011-03-31 01:19 UTC by Tomás Touceda (RETIRED)
Modified: 2013-11-22 11:10 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Tomás Touceda (RETIRED) gentoo-dev 2011-03-31 01:19:05 UTC
Qt's upstream has released a patch to solve the problem with the fake SSL certificates.

x11-libs/qt-core-4.6.3-r1 needs a fast stabilization since all applications using SSL from qt stable won't notice this problem.
Comment 1 Tim Sammut (RETIRED) gentoo-dev 2011-04-02 04:07:27 UTC
(In reply to comment #0)
> Qt's upstream has released a patch to solve the problem with the fake SSL
> certificates.

Thank you for the heads up.

Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86"
Comment 2 Christoph Mende (RETIRED) gentoo-dev 2011-04-02 08:43:33 UTC
amd64 stable
Comment 3 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-04-02 20:32:04 UTC
x86 stable
Comment 4 Brent Baude (RETIRED) gentoo-dev 2011-04-04 15:43:52 UTC
ppc done
Comment 5 Jeroen Roovers (RETIRED) gentoo-dev 2011-04-04 18:48:12 UTC
Stable for HPPA.
Comment 6 Markus Meier gentoo-dev 2011-04-05 05:25:28 UTC
arm stable
Comment 7 Raúl Porcel (RETIRED) gentoo-dev 2011-04-09 13:53:02 UTC
alpha/ia64/sparc stable
Comment 8 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2011-04-11 17:06:44 UTC
ppc64 stable, last arch done
Comment 9 Tim Sammut (RETIRED) gentoo-dev 2011-04-11 18:42:02 UTC
Thanks, everyone. GLSA Vote: yes.
Comment 10 Stefan Behte (RETIRED) gentoo-dev Security 2011-10-08 22:24:17 UTC
Vote: YES. Added to pending GLSA request.
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2013-11-22 11:10:22 UTC
This issue was resolved and addressed in
 GLSA 201311-14 at
by GLSA coordinator Sergey Popov (pinkbyte).