Oval Definition:oval:com.redhat.rhsa:def:20070883
Revision Date:2007-09-13Version:635
Title:RHSA-2007:0883: qt security update (Important)
Description:Qt is a software toolkit that simplifies the task of writing and maintaining GUI (Graphical User Interface) applications for the X Window System.

  • A flaw was found in the way Qt expanded certain UTF8 characters. It was possible to prevent a Qt-based application from properly sanitizing user supplied input. This could, for example, result in a cross-site scripting attack against the Konqueror web browser. (CVE-2007-0242)

  • A buffer overflow flaw was found in the way Qt expanded malformed Unicode strings. If an application linked against Qt parsed a malicious Unicode string, it could lead to a denial of service or possibly allow the execution of arbitrary code. (CVE-2007-4137)

    Users of Qt should upgrade to these updated packages, which contain a backported patch to correct these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2007-0242
    CVE-2007-4137
    RHSA-2007:0883
    RHSA-2007:0883-02
    RHSA-2007:0883-02
    Platform(s):Red Hat Enterprise Linux 3
    Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • qt-devel is earlier than 1:3.1.2-17.RHEL3
  • AND qt-devel is signed with Red Hat master key
  • qt-designer is earlier than 1:3.1.2-17.RHEL3
  • AND qt-designer is signed with Red Hat master key
  • qt-ODBC is earlier than 1:3.1.2-17.RHEL3
  • AND qt-ODBC is signed with Red Hat master key
  • qt is earlier than 1:3.1.2-17.RHEL3
  • AND qt is signed with Red Hat master key
  • qt-config is earlier than 1:3.1.2-17.RHEL3
  • AND qt-config is signed with Red Hat master key
  • qt-MySQL is earlier than 1:3.1.2-17.RHEL3
  • AND qt-MySQL is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • qt-MySQL is earlier than 1:3.3.3-13.RHEL4
  • AND qt-MySQL is signed with Red Hat master key
  • qt-ODBC is earlier than 1:3.3.3-13.RHEL4
  • AND qt-ODBC is signed with Red Hat master key
  • qt-designer is earlier than 1:3.3.3-13.RHEL4
  • AND qt-designer is signed with Red Hat master key
  • qt-config is earlier than 1:3.3.3-13.RHEL4
  • AND qt-config is signed with Red Hat master key
  • qt is earlier than 1:3.3.3-13.RHEL4
  • AND qt is signed with Red Hat master key
  • qt-PostgreSQL is earlier than 1:3.3.3-13.RHEL4
  • AND qt-PostgreSQL is signed with Red Hat master key
  • qt-devel is earlier than 1:3.3.3-13.RHEL4
  • AND qt-devel is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • qt-designer is earlier than 1:3.3.6-23.el5
  • AND qt-designer is signed with Red Hat redhatrelease key
  • qt-ODBC is earlier than 1:3.3.6-23.el5
  • AND qt-ODBC is signed with Red Hat redhatrelease key
  • qt-MySQL is earlier than 1:3.3.6-23.el5
  • AND qt-MySQL is signed with Red Hat redhatrelease key
  • qt-devel-docs is earlier than 1:3.3.6-23.el5
  • AND qt-devel-docs is signed with Red Hat redhatrelease key
  • qt-config is earlier than 1:3.3.6-23.el5
  • AND qt-config is signed with Red Hat redhatrelease key
  • qt is earlier than 1:3.3.6-23.el5
  • AND qt is signed with Red Hat redhatrelease key
  • qt-devel is earlier than 1:3.3.6-23.el5
  • AND qt-devel is signed with Red Hat redhatrelease key
  • qt-PostgreSQL is earlier than 1:3.3.6-23.el5
  • AND qt-PostgreSQL is signed with Red Hat redhatrelease key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • qt is earlier than 1:3.1.2-17.RHEL3
  • AND qt is signed with Red Hat master key
  • qt-MySQL is earlier than 1:3.1.2-17.RHEL3
  • AND qt-MySQL is signed with Red Hat master key
  • qt-ODBC is earlier than 1:3.1.2-17.RHEL3
  • AND qt-ODBC is signed with Red Hat master key
  • qt-PostgreSQL is earlier than 1:3.1.2-17.RHEL3
  • AND qt-PostgreSQL is signed with Red Hat master key
  • qt-config is earlier than 1:3.1.2-17.RHEL3
  • AND qt-config is signed with Red Hat master key
  • qt-designer is earlier than 1:3.1.2-17.RHEL3
  • AND qt-designer is signed with Red Hat master key
  • qt-devel is earlier than 1:3.1.2-17.RHEL3
  • AND qt-devel is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • qt is earlier than 1:3.3.3-13.RHEL4
  • AND qt is signed with Red Hat master key
  • qt-MySQL is earlier than 1:3.3.3-13.RHEL4
  • AND qt-MySQL is signed with Red Hat master key
  • qt-ODBC is earlier than 1:3.3.3-13.RHEL4
  • AND qt-ODBC is signed with Red Hat master key
  • qt-PostgreSQL is earlier than 1:3.3.3-13.RHEL4
  • AND qt-PostgreSQL is signed with Red Hat master key
  • qt-config is earlier than 1:3.3.3-13.RHEL4
  • AND qt-config is signed with Red Hat master key
  • qt-designer is earlier than 1:3.3.3-13.RHEL4
  • AND qt-designer is signed with Red Hat master key
  • qt-devel is earlier than 1:3.3.3-13.RHEL4
  • AND qt-devel is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • qt is earlier than 1:3.3.6-23.el5
  • AND qt is signed with Red Hat redhatrelease key
  • qt-MySQL is earlier than 1:3.3.6-23.el5
  • AND qt-MySQL is signed with Red Hat redhatrelease key
  • qt-ODBC is earlier than 1:3.3.6-23.el5
  • AND qt-ODBC is signed with Red Hat redhatrelease key
  • qt-PostgreSQL is earlier than 1:3.3.6-23.el5
  • AND qt-PostgreSQL is signed with Red Hat redhatrelease key
  • qt-config is earlier than 1:3.3.6-23.el5
  • AND qt-config is signed with Red Hat redhatrelease key
  • qt-designer is earlier than 1:3.3.6-23.el5
  • AND qt-designer is signed with Red Hat redhatrelease key
  • qt-devel is earlier than 1:3.3.6-23.el5
  • AND qt-devel is signed with Red Hat redhatrelease key
  • qt-devel-docs is earlier than 1:3.3.6-23.el5
  • AND qt-devel-docs is signed with Red Hat redhatrelease key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • qt is earlier than 1:3.3.3-13.RHEL4
  • AND qt is signed with Red Hat redhatrelease2 key
  • qt-MySQL is earlier than 1:3.3.3-13.RHEL4
  • AND qt-MySQL is signed with Red Hat redhatrelease2 key
  • qt-ODBC is earlier than 1:3.3.3-13.RHEL4
  • AND qt-ODBC is signed with Red Hat redhatrelease2 key
  • qt-PostgreSQL is earlier than 1:3.3.3-13.RHEL4
  • AND qt-PostgreSQL is signed with Red Hat redhatrelease2 key
  • qt-config is earlier than 1:3.3.3-13.RHEL4
  • AND qt-config is signed with Red Hat redhatrelease2 key
  • qt-designer is earlier than 1:3.3.3-13.RHEL4
  • AND qt-designer is signed with Red Hat redhatrelease2 key
  • qt-devel is earlier than 1:3.3.3-13.RHEL4
  • AND qt-devel is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • qt is earlier than 1:3.3.6-23.el5
  • AND qt is signed with Red Hat redhatrelease2 key
  • qt-MySQL is earlier than 1:3.3.6-23.el5
  • AND qt-MySQL is signed with Red Hat redhatrelease2 key
  • qt-ODBC is earlier than 1:3.3.6-23.el5
  • AND qt-ODBC is signed with Red Hat redhatrelease2 key
  • qt-PostgreSQL is earlier than 1:3.3.6-23.el5
  • AND qt-PostgreSQL is signed with Red Hat redhatrelease2 key
  • qt-config is earlier than 1:3.3.6-23.el5
  • AND qt-config is signed with Red Hat redhatrelease2 key
  • qt-designer is earlier than 1:3.3.6-23.el5
  • AND qt-designer is signed with Red Hat redhatrelease2 key
  • qt-devel is earlier than 1:3.3.6-23.el5
  • AND qt-devel is signed with Red Hat redhatrelease2 key
  • qt-devel-docs is earlier than 1:3.3.6-23.el5
  • AND qt-devel-docs is signed with Red Hat redhatrelease2 key
    • BACK