[ MDKSA-2007:151 ] - Updated qt3 packages fix multiple vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: [ MDKSA-2007:151 ] - Updated qt3 packages fix multiple vulnerabilities
From: security@xxxxxxxxxxxx
Date: Wed, 01 Aug 2007 15:56:11 -0600
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Reply-to: xsecurity@xxxxxxxxxxxx
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:151
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : qt3
 Date    : August 1, 2007
 Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 A number of format string flaws have been discovered in how Qt handled
 error messages by Dirk Mueller and Tracey Parry of Portcullis Computer
 Security.  If an application linked against Qt created an error
 message from user-supplied data in a certain way, it could possibly
 lead to the execution of arbitrary code or a denial of service.
 
 This update provides packages which are patched to prevent these
 issues.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 ce0be0c7f6a6e866476fbfd2e21ae98c  
2007.0/i586/libdesignercore1-3.3.6-18.3mdv2007.0.i586.rpm
 d1a44381c8f93f1b7c339f6984f7e89f  
2007.0/i586/libeditor1-3.3.6-18.3mdv2007.0.i586.rpm
 7b5d2c3dade2761d2cfda191b9b64007  
2007.0/i586/libqassistantclient1-3.3.6-18.3mdv2007.0.i586.rpm
 ef5c47cca08d8c61f49cc8f5079c9530  
2007.0/i586/libqt3-3.3.6-18.3mdv2007.0.i586.rpm
 1351e443eb632ae1353361960674df09  
2007.0/i586/libqt3-devel-3.3.6-18.3mdv2007.0.i586.rpm
 cdb6e25c831c6a80621fd1e2786a706a  
2007.0/i586/libqt3-mysql-3.3.6-18.3mdv2007.0.i586.rpm
 a4a03c9d3b4fb5b8bf7bbb698085b8f9  
2007.0/i586/libqt3-odbc-3.3.6-18.3mdv2007.0.i586.rpm
 7853e420094557482fb5258e14c8caa3  
2007.0/i586/libqt3-psql-3.3.6-18.3mdv2007.0.i586.rpm
 9260fc52f792e4eb3ae17edeeedad3f9  
2007.0/i586/libqt3-sqlite-3.3.6-18.3mdv2007.0.i586.rpm
 ad12f0dc6c5b6007c0fa326b2d853930  
2007.0/i586/libqt3-static-devel-3.3.6-18.3mdv2007.0.i586.rpm
 c109e982693cb1698287a80c493b3961  
2007.0/i586/qt3-common-3.3.6-18.3mdv2007.0.i586.rpm
 cfad56aa1c0ee5fd67d1e6c8090d1b6d  
2007.0/i586/qt3-doc-3.3.6-18.3mdv2007.0.i586.rpm
 0eccadc116d3918e43eb74600d60ad4f  
2007.0/i586/qt3-example-3.3.6-18.3mdv2007.0.i586.rpm
 2499a2bf3f69f77a4942a18068331ec4  
2007.0/i586/qt3-tutorial-3.3.6-18.3mdv2007.0.i586.rpm 
 91aad72a3e393be4f71eacc89a304a4b  2007.0/SRPMS/qt3-3.3.6-18.3mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 457642358c8514efdf92558fc047edef  
2007.0/x86_64/lib64designercore1-3.3.6-18.3mdv2007.0.x86_64.rpm
 1f6eeb9a0669e741ab3a5990edf25cc6  
2007.0/x86_64/lib64editor1-3.3.6-18.3mdv2007.0.x86_64.rpm
 5e29145fdca5ab04e94f3c205a8703d0  
2007.0/x86_64/lib64qassistantclient1-3.3.6-18.3mdv2007.0.x86_64.rpm
 3e0231d5db209fbc5d991ba52c1b915a  
2007.0/x86_64/lib64qt3-3.3.6-18.3mdv2007.0.x86_64.rpm
 2fd65d9bf31ccacd31c28d30a1a4f107  
2007.0/x86_64/lib64qt3-devel-3.3.6-18.3mdv2007.0.x86_64.rpm
 aa14be509decd6fa57b367b97eb60adc  
2007.0/x86_64/lib64qt3-mysql-3.3.6-18.3mdv2007.0.x86_64.rpm
 e6ee67759c5781ed5968c9684fd812f4  
2007.0/x86_64/lib64qt3-odbc-3.3.6-18.3mdv2007.0.x86_64.rpm
 7a4c368159c8ffaeb1af1b84740afaf5  
2007.0/x86_64/lib64qt3-psql-3.3.6-18.3mdv2007.0.x86_64.rpm
 06d81033389e0295233b5798b5cdd8cb  
2007.0/x86_64/lib64qt3-sqlite-3.3.6-18.3mdv2007.0.x86_64.rpm
 18ce8b51725aaf658fe01f5e4ae8ac4f  
2007.0/x86_64/lib64qt3-static-devel-3.3.6-18.3mdv2007.0.x86_64.rpm
 6df81bd244102ae58fb02fe82959dacc  
2007.0/x86_64/qt3-common-3.3.6-18.3mdv2007.0.x86_64.rpm
 640ffac5c35d861992d78c35588d307c  
2007.0/x86_64/qt3-doc-3.3.6-18.3mdv2007.0.x86_64.rpm
 381fe2a406bde1148e70f806eec93dc6  
2007.0/x86_64/qt3-example-3.3.6-18.3mdv2007.0.x86_64.rpm
 a9cc3c67b4567a291c92289287d72109  
2007.0/x86_64/qt3-tutorial-3.3.6-18.3mdv2007.0.x86_64.rpm 
 91aad72a3e393be4f71eacc89a304a4b  2007.0/SRPMS/qt3-3.3.6-18.3mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 f231e74f4430c2af2d98ceea4d8a10d6  
2007.1/i586/libdesignercore1-3.3.8-4.1mdv2007.1.i586.rpm
 a4ef440b08c6bdd01c623d45ef8bab58  
2007.1/i586/libeditor1-3.3.8-4.1mdv2007.1.i586.rpm
 eaa9762ebeef32cac2c05e98322e7ac4  
2007.1/i586/libqassistantclient1-3.3.8-4.1mdv2007.1.i586.rpm
 1daa2c536a539407c5d223365402609f  
2007.1/i586/libqt3-3.3.8-4.1mdv2007.1.i586.rpm
 a9e19c1bba726c8bfe292f794c037857  
2007.1/i586/libqt3-devel-3.3.8-4.1mdv2007.1.i586.rpm
 1a8907d6fd1b748bed29e14d968296fb  
2007.1/i586/libqt3-mysql-3.3.8-4.1mdv2007.1.i586.rpm
 a8cd79d1d0da5dd44720c37c305fd38d  
2007.1/i586/libqt3-odbc-3.3.8-4.1mdv2007.1.i586.rpm
 3728a43c435707c1cddc5d36da39ec40  
2007.1/i586/libqt3-psql-3.3.8-4.1mdv2007.1.i586.rpm
 7d6804a498f307e21a3c16de14733451  
2007.1/i586/libqt3-sqlite-3.3.8-4.1mdv2007.1.i586.rpm
 3c60a4e503adec67a80ad3b85a94f28c  
2007.1/i586/libqt3-static-devel-3.3.8-4.1mdv2007.1.i586.rpm
 b0cbefd80eb6ad6491455b5890fbd15d  
2007.1/i586/qt3-common-3.3.8-4.1mdv2007.1.i586.rpm
 e4151b1dd7fef834fe9ddfbf261a8663  
2007.1/i586/qt3-doc-3.3.8-4.1mdv2007.1.i586.rpm
 745512805d0b5d9dac89fdae8809c69e  
2007.1/i586/qt3-example-3.3.8-4.1mdv2007.1.i586.rpm
 04b08ed74120fba9407c776cdefd43ef  
2007.1/i586/qt3-tutorial-3.3.8-4.1mdv2007.1.i586.rpm 
 35b2281563c76e4702848971a8eb6adf  2007.1/SRPMS/qt3-3.3.8-4.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 0f5eccb73f8d9ccd8ee2e15299500339  
2007.1/x86_64/lib64designercore1-3.3.8-4.1mdv2007.1.x86_64.rpm
 8b615c6a4dc8bf00ba5e501384d62497  
2007.1/x86_64/lib64editor1-3.3.8-4.1mdv2007.1.x86_64.rpm
 5fbb343226162f67558eac9681a1d3a7  
2007.1/x86_64/lib64qassistantclient1-3.3.8-4.1mdv2007.1.x86_64.rpm
 05658b8692701ff40fee19038823970f  
2007.1/x86_64/lib64qt3-3.3.8-4.1mdv2007.1.x86_64.rpm
 2a500d7589d2cb2a7339bdc85e309bfd  
2007.1/x86_64/lib64qt3-devel-3.3.8-4.1mdv2007.1.x86_64.rpm
 b8090f42b7224877ba1acdcc84438c7c  
2007.1/x86_64/lib64qt3-mysql-3.3.8-4.1mdv2007.1.x86_64.rpm
 5ee78ae3040a4a8820384cf719ecf671  
2007.1/x86_64/lib64qt3-odbc-3.3.8-4.1mdv2007.1.x86_64.rpm
 14241ab4fe05e87665820740ceb0fe7c  
2007.1/x86_64/lib64qt3-psql-3.3.8-4.1mdv2007.1.x86_64.rpm
 fa57b309216faa3e74b22461c11d7bb4  
2007.1/x86_64/lib64qt3-sqlite-3.3.8-4.1mdv2007.1.x86_64.rpm
 b4879b2f4f9ba825d3c0e03300f5770a  
2007.1/x86_64/lib64qt3-static-devel-3.3.8-4.1mdv2007.1.x86_64.rpm
 2567048cc93c595e9ba92831ab50f236  
2007.1/x86_64/qt3-common-3.3.8-4.1mdv2007.1.x86_64.rpm
 bc4dde47830027874ceed09a612f3b60  
2007.1/x86_64/qt3-doc-3.3.8-4.1mdv2007.1.x86_64.rpm
 00963b8232ad87bf525a44999b3b5fc8  
2007.1/x86_64/qt3-example-3.3.8-4.1mdv2007.1.x86_64.rpm
 95f6570b6d8f8c65c100b1967cc77e75  
2007.1/x86_64/qt3-tutorial-3.3.8-4.1mdv2007.1.x86_64.rpm 
 35b2281563c76e4702848971a8eb6adf  2007.1/SRPMS/qt3-3.3.8-4.1mdv2007.1.src.rpm

 Corporate 3.0:
 1f7758f27c9c137754c3c8215e84c25a  
corporate/3.0/i586/libqt3-3.2.3-19.10.C30mdk.i586.rpm
 6a903a7962492bd6c6e1bc257ab63660  
corporate/3.0/i586/libqt3-devel-3.2.3-19.10.C30mdk.i586.rpm
 bf1d05273e423e3d212aa56433c05a59  
corporate/3.0/i586/libqt3-mysql-3.2.3-19.10.C30mdk.i586.rpm
 47611eaf3ffcce4646b02da86194085a  
corporate/3.0/i586/libqt3-odbc-3.2.3-19.10.C30mdk.i586.rpm
 b5aefe3cca08c409409e6856afc81cc9  
corporate/3.0/i586/libqt3-psql-3.2.3-19.10.C30mdk.i586.rpm
 d45e4a0f29a78e2438f9e35f2b20aff1  
corporate/3.0/i586/qt3-common-3.2.3-19.10.C30mdk.i586.rpm
 e8fb9ce91f15584b68f5e0595eb9eb2d  
corporate/3.0/i586/qt3-example-3.2.3-19.10.C30mdk.i586.rpm 
 066138bdd08ddacb04e374d0f0e2b629  
corporate/3.0/SRPMS/qt3-3.2.3-19.10.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 3dbe8ab3bcf717dc8c26d1866cbaf910  
corporate/3.0/x86_64/lib64qt3-3.2.3-19.10.C30mdk.x86_64.rpm
 1007fd1df9c8da4540dcd8f9a4a7c242  
corporate/3.0/x86_64/lib64qt3-devel-3.2.3-19.10.C30mdk.x86_64.rpm
 c5b948b0d327cb8e425c17e32a53cef7  
corporate/3.0/x86_64/lib64qt3-mysql-3.2.3-19.10.C30mdk.x86_64.rpm
 94606657665adcf18caf209154723b5a  
corporate/3.0/x86_64/lib64qt3-odbc-3.2.3-19.10.C30mdk.x86_64.rpm
 2afa63aafcd40d2fb7407332d8c4f740  
corporate/3.0/x86_64/lib64qt3-psql-3.2.3-19.10.C30mdk.x86_64.rpm
 a5c11a462da1cc91950ee516c5d12c8e  
corporate/3.0/x86_64/qt3-common-3.2.3-19.10.C30mdk.x86_64.rpm
 cf250128fcb3b2fd479a7d93a06ef4ef  
corporate/3.0/x86_64/qt3-example-3.2.3-19.10.C30mdk.x86_64.rpm 
 066138bdd08ddacb04e374d0f0e2b629  
corporate/3.0/SRPMS/qt3-3.2.3-19.10.C30mdk.src.rpm

 Corporate 4.0:
 5785e1d82182fe9cd58cc6fa2a1bed9f  
corporate/4.0/i586/libdesignercore1-3.3.6-1.4.20060mlcs4.i586.rpm
 0b362e1e68c178ec9724d23161b944d1  
corporate/4.0/i586/libeditor1-3.3.6-1.4.20060mlcs4.i586.rpm
 491b686f4260d6bc0a01dbaf0993dadf  
corporate/4.0/i586/libqassistantclient1-3.3.6-1.4.20060mlcs4.i586.rpm
 52d1f4ed88e76298dc2fed78f5ae369f  
corporate/4.0/i586/libqt3-3.3.6-1.4.20060mlcs4.i586.rpm
 6f064b92df7038c3808c8aee32e54e8b  
corporate/4.0/i586/libqt3-devel-3.3.6-1.4.20060mlcs4.i586.rpm
 63b08845ca757bd283955aad38ba263d  
corporate/4.0/i586/libqt3-mysql-3.3.6-1.4.20060mlcs4.i586.rpm
 19ae9f75833a9dac2aba655e5d341ae7  
corporate/4.0/i586/libqt3-odbc-3.3.6-1.4.20060mlcs4.i586.rpm
 8e245edddf113347e2ede4663f3369e6  
corporate/4.0/i586/libqt3-psql-3.3.6-1.4.20060mlcs4.i586.rpm
 e4b61a1a6cd1bcf5a230d1f86b7fc431  
corporate/4.0/i586/libqt3-sqlite-3.3.6-1.4.20060mlcs4.i586.rpm
 409ea3057318a5ab1cb180631df49807  
corporate/4.0/i586/libqt3-static-devel-3.3.6-1.4.20060mlcs4.i586.rpm
 b58a7ea2af37c318bd131ca981e03fec  
corporate/4.0/i586/qt3-common-3.3.6-1.4.20060mlcs4.i586.rpm
 1f318bd8e121220c80b7a1d5bc37c6de  
corporate/4.0/i586/qt3-doc-3.3.6-1.4.20060mlcs4.i586.rpm
 5c7134a448ed342756e1c7a31ec9d16a  
corporate/4.0/i586/qt3-example-3.3.6-1.4.20060mlcs4.i586.rpm
 ede113df279e7f30256c1884d0e7a045  
corporate/4.0/i586/qt3-tutorial-3.3.6-1.4.20060mlcs4.i586.rpm 
 1c624f6ef074be3be0ef1809f980b672  
corporate/4.0/SRPMS/qt3-3.3.6-1.4.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 085733e867577d48884ba41eb55d992d  
corporate/4.0/x86_64/lib64designercore1-3.3.6-1.4.20060mlcs4.x86_64.rpm
 57d03fc3d53110b64a19b0093c5cc6bb  
corporate/4.0/x86_64/lib64editor1-3.3.6-1.4.20060mlcs4.x86_64.rpm
 b6662f742d74a63a91afbd69dd6f0ad3  
corporate/4.0/x86_64/lib64qassistantclient1-3.3.6-1.4.20060mlcs4.x86_64.rpm
 7bb37136dae3066d8e9c3a0cbe9a5061  
corporate/4.0/x86_64/lib64qt3-3.3.6-1.4.20060mlcs4.x86_64.rpm
 adb51caf14d5447741d4fc2a0632c722  
corporate/4.0/x86_64/lib64qt3-devel-3.3.6-1.4.20060mlcs4.x86_64.rpm
 2bd0c78e38250190a985abacc71406a8  
corporate/4.0/x86_64/lib64qt3-mysql-3.3.6-1.4.20060mlcs4.x86_64.rpm
 33ea7ac074afee9fe41d598b1d97e37c  
corporate/4.0/x86_64/lib64qt3-odbc-3.3.6-1.4.20060mlcs4.x86_64.rpm
 659324555edd0e0bf30a4ca3bbd9ed14  
corporate/4.0/x86_64/lib64qt3-psql-3.3.6-1.4.20060mlcs4.x86_64.rpm
 55e4fa13fc3dc171f3d57d120ed5ca17  
corporate/4.0/x86_64/lib64qt3-sqlite-3.3.6-1.4.20060mlcs4.x86_64.rpm
 0fc343147af499022f61f2fbab5f7d03  
corporate/4.0/x86_64/lib64qt3-static-devel-3.3.6-1.4.20060mlcs4.x86_64.rpm
 1e3892f62ba3b6d69def7ef9e3bbbe24  
corporate/4.0/x86_64/qt3-common-3.3.6-1.4.20060mlcs4.x86_64.rpm
 7afeabcc5424b2f30fbff0e57e384421  
corporate/4.0/x86_64/qt3-doc-3.3.6-1.4.20060mlcs4.x86_64.rpm
 c91eccce209509a7dc5155866a9d63cb  
corporate/4.0/x86_64/qt3-example-3.3.6-1.4.20060mlcs4.x86_64.rpm
 f6d6744eb8ac82c728458bca0b22834f  
corporate/4.0/x86_64/qt3-tutorial-3.3.6-1.4.20060mlcs4.x86_64.rpm 
 1c624f6ef074be3be0ef1809f980b672  
corporate/4.0/SRPMS/qt3-3.3.6-1.4.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGsNXWmqjQ0CJFipgRAlFoAJ415aGJHr7UsILJ30TbecAKVm0OyACfSwf9
x6TncnS8p9nwC+bj83S1GRI=
=nYwu
-----END PGP SIGNATURE-----
Prev by Date: [USN-494-1] Gimp vulnerability
Next by Date: CVE-2007-3384: XSS in Tomcat cookies example
Previous by thread: [USN-494-1] Gimp vulnerability
Next by thread: CVE-2007-3384: XSS in Tomcat cookies example
Index(es):
- Date
- Thread