[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 117-1] qt4-x11 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : qt4-x11
Version        : 4:4.6.3-4+squeeze2
CVE ID         : CVE-2011-3193 CVE-2011-3194

CVE-2011-3193

    Check for buffer overflow in Lookup_MarkMarkPos that may cause crash
    in this function with certain fonts.

CVE-2011-3194

    Fix tiff reader to handle TIFFTAG_SAMPLESPERPIXEL for grayscale
    images. The reader uses QImage::Format_Indexed8, but since the samples
    per pixel value this should be (non-existent) QImage::Format_Indexed16,
    causing memory corruption. The fix falls back to the "normal" way of
    reading tiff images.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJUlvTAXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHcsgP/1eax4TmcTVmQa2Ws4Sg/q3b
7Sck5DRJMpQyX/xzci7gdKRmFo78y8qEmYzhcBJS97nNKSk08A1nL6BGWQB7ZK3n
ZYc7jOSbfTtvRbZXaKHCA+0qvY53b2lndQmeHoq+qPRBw1JDlx09iWfB5UmwutGX
TbrJBTFtkBcPhFnd8e1Y9gMhArUAap9Jbg+SbKCb++U/KCs6BSjMUssalIZ4A7lX
J0myCX7x5pY0yzHzkIuGB+rooTybTUOh6O31K0BZP1BQisHOAcMz84Z1A46wE8mh
C0dAAHQUDm/alTd0hoaFTgu3FCb1hjELycmNAW708capRvih5aiP6C0OHi789d+8
okM0iSY54mVKUMsCJ70O0DQKMA8/YIsyMcHfefuk+w3S3AtGwmUUIvV/uNgMkxAT
Xmm/k1D2nVXH22QjdDEziH3aEGBJLlny2ssTWsStVsREipNktc18t+wroA/QQNdr
/J8NuljZD0D1dnFs4rpuPI/K/MoEqExDRTsvU3CzlTImznejLiSoCNnRjImc8JAd
DSMdSTB7BTvVrpWjimdvwbZmhEKDOq6YnUqhJqF+ZFkOaffISjq+BNQ/I5DJRGa1
t+EnaGpekGfqgM4eN4Pa/n8G56WHSakWX5noG4ST5Q8QxmE5Cy7Xy5rgvmwN91Ax
7OWmVQFpKnNuZmeVXo2u
=c9Us
-----END PGP SIGNATURE-----


Reply to: