lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <E1IGMAt-0003Fg-GZ@artemis.annvix.ca>
Date: Wed, 01 Aug 2007 15:56:11 -0600
From: security@...driva.com
To: bugtraq@...urityfocus.com
Subject: [ MDKSA-2007:151 ] - Updated qt3 packages fix multiple vulnerabilities


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:151
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : qt3
 Date    : August 1, 2007
 Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 A number of format string flaws have been discovered in how Qt handled
 error messages by Dirk Mueller and Tracey Parry of Portcullis Computer
 Security.  If an application linked against Qt created an error
 message from user-supplied data in a certain way, it could possibly
 lead to the execution of arbitrary code or a denial of service.
 
 This update provides packages which are patched to prevent these
 issues.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 ce0be0c7f6a6e866476fbfd2e21ae98c  2007.0/i586/libdesignercore1-3.3.6-18.3mdv2007.0.i586.rpm
 d1a44381c8f93f1b7c339f6984f7e89f  2007.0/i586/libeditor1-3.3.6-18.3mdv2007.0.i586.rpm
 7b5d2c3dade2761d2cfda191b9b64007  2007.0/i586/libqassistantclient1-3.3.6-18.3mdv2007.0.i586.rpm
 ef5c47cca08d8c61f49cc8f5079c9530  2007.0/i586/libqt3-3.3.6-18.3mdv2007.0.i586.rpm
 1351e443eb632ae1353361960674df09  2007.0/i586/libqt3-devel-3.3.6-18.3mdv2007.0.i586.rpm
 cdb6e25c831c6a80621fd1e2786a706a  2007.0/i586/libqt3-mysql-3.3.6-18.3mdv2007.0.i586.rpm
 a4a03c9d3b4fb5b8bf7bbb698085b8f9  2007.0/i586/libqt3-odbc-3.3.6-18.3mdv2007.0.i586.rpm
 7853e420094557482fb5258e14c8caa3  2007.0/i586/libqt3-psql-3.3.6-18.3mdv2007.0.i586.rpm
 9260fc52f792e4eb3ae17edeeedad3f9  2007.0/i586/libqt3-sqlite-3.3.6-18.3mdv2007.0.i586.rpm
 ad12f0dc6c5b6007c0fa326b2d853930  2007.0/i586/libqt3-static-devel-3.3.6-18.3mdv2007.0.i586.rpm
 c109e982693cb1698287a80c493b3961  2007.0/i586/qt3-common-3.3.6-18.3mdv2007.0.i586.rpm
 cfad56aa1c0ee5fd67d1e6c8090d1b6d  2007.0/i586/qt3-doc-3.3.6-18.3mdv2007.0.i586.rpm
 0eccadc116d3918e43eb74600d60ad4f  2007.0/i586/qt3-example-3.3.6-18.3mdv2007.0.i586.rpm
 2499a2bf3f69f77a4942a18068331ec4  2007.0/i586/qt3-tutorial-3.3.6-18.3mdv2007.0.i586.rpm 
 91aad72a3e393be4f71eacc89a304a4b  2007.0/SRPMS/qt3-3.3.6-18.3mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 457642358c8514efdf92558fc047edef  2007.0/x86_64/lib64designercore1-3.3.6-18.3mdv2007.0.x86_64.rpm
 1f6eeb9a0669e741ab3a5990edf25cc6  2007.0/x86_64/lib64editor1-3.3.6-18.3mdv2007.0.x86_64.rpm
 5e29145fdca5ab04e94f3c205a8703d0  2007.0/x86_64/lib64qassistantclient1-3.3.6-18.3mdv2007.0.x86_64.rpm
 3e0231d5db209fbc5d991ba52c1b915a  2007.0/x86_64/lib64qt3-3.3.6-18.3mdv2007.0.x86_64.rpm
 2fd65d9bf31ccacd31c28d30a1a4f107  2007.0/x86_64/lib64qt3-devel-3.3.6-18.3mdv2007.0.x86_64.rpm
 aa14be509decd6fa57b367b97eb60adc  2007.0/x86_64/lib64qt3-mysql-3.3.6-18.3mdv2007.0.x86_64.rpm
 e6ee67759c5781ed5968c9684fd812f4  2007.0/x86_64/lib64qt3-odbc-3.3.6-18.3mdv2007.0.x86_64.rpm
 7a4c368159c8ffaeb1af1b84740afaf5  2007.0/x86_64/lib64qt3-psql-3.3.6-18.3mdv2007.0.x86_64.rpm
 06d81033389e0295233b5798b5cdd8cb  2007.0/x86_64/lib64qt3-sqlite-3.3.6-18.3mdv2007.0.x86_64.rpm
 18ce8b51725aaf658fe01f5e4ae8ac4f  2007.0/x86_64/lib64qt3-static-devel-3.3.6-18.3mdv2007.0.x86_64.rpm
 6df81bd244102ae58fb02fe82959dacc  2007.0/x86_64/qt3-common-3.3.6-18.3mdv2007.0.x86_64.rpm
 640ffac5c35d861992d78c35588d307c  2007.0/x86_64/qt3-doc-3.3.6-18.3mdv2007.0.x86_64.rpm
 381fe2a406bde1148e70f806eec93dc6  2007.0/x86_64/qt3-example-3.3.6-18.3mdv2007.0.x86_64.rpm
 a9cc3c67b4567a291c92289287d72109  2007.0/x86_64/qt3-tutorial-3.3.6-18.3mdv2007.0.x86_64.rpm 
 91aad72a3e393be4f71eacc89a304a4b  2007.0/SRPMS/qt3-3.3.6-18.3mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 f231e74f4430c2af2d98ceea4d8a10d6  2007.1/i586/libdesignercore1-3.3.8-4.1mdv2007.1.i586.rpm
 a4ef440b08c6bdd01c623d45ef8bab58  2007.1/i586/libeditor1-3.3.8-4.1mdv2007.1.i586.rpm
 eaa9762ebeef32cac2c05e98322e7ac4  2007.1/i586/libqassistantclient1-3.3.8-4.1mdv2007.1.i586.rpm
 1daa2c536a539407c5d223365402609f  2007.1/i586/libqt3-3.3.8-4.1mdv2007.1.i586.rpm
 a9e19c1bba726c8bfe292f794c037857  2007.1/i586/libqt3-devel-3.3.8-4.1mdv2007.1.i586.rpm
 1a8907d6fd1b748bed29e14d968296fb  2007.1/i586/libqt3-mysql-3.3.8-4.1mdv2007.1.i586.rpm
 a8cd79d1d0da5dd44720c37c305fd38d  2007.1/i586/libqt3-odbc-3.3.8-4.1mdv2007.1.i586.rpm
 3728a43c435707c1cddc5d36da39ec40  2007.1/i586/libqt3-psql-3.3.8-4.1mdv2007.1.i586.rpm
 7d6804a498f307e21a3c16de14733451  2007.1/i586/libqt3-sqlite-3.3.8-4.1mdv2007.1.i586.rpm
 3c60a4e503adec67a80ad3b85a94f28c  2007.1/i586/libqt3-static-devel-3.3.8-4.1mdv2007.1.i586.rpm
 b0cbefd80eb6ad6491455b5890fbd15d  2007.1/i586/qt3-common-3.3.8-4.1mdv2007.1.i586.rpm
 e4151b1dd7fef834fe9ddfbf261a8663  2007.1/i586/qt3-doc-3.3.8-4.1mdv2007.1.i586.rpm
 745512805d0b5d9dac89fdae8809c69e  2007.1/i586/qt3-example-3.3.8-4.1mdv2007.1.i586.rpm
 04b08ed74120fba9407c776cdefd43ef  2007.1/i586/qt3-tutorial-3.3.8-4.1mdv2007.1.i586.rpm 
 35b2281563c76e4702848971a8eb6adf  2007.1/SRPMS/qt3-3.3.8-4.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 0f5eccb73f8d9ccd8ee2e15299500339  2007.1/x86_64/lib64designercore1-3.3.8-4.1mdv2007.1.x86_64.rpm
 8b615c6a4dc8bf00ba5e501384d62497  2007.1/x86_64/lib64editor1-3.3.8-4.1mdv2007.1.x86_64.rpm
 5fbb343226162f67558eac9681a1d3a7  2007.1/x86_64/lib64qassistantclient1-3.3.8-4.1mdv2007.1.x86_64.rpm
 05658b8692701ff40fee19038823970f  2007.1/x86_64/lib64qt3-3.3.8-4.1mdv2007.1.x86_64.rpm
 2a500d7589d2cb2a7339bdc85e309bfd  2007.1/x86_64/lib64qt3-devel-3.3.8-4.1mdv2007.1.x86_64.rpm
 b8090f42b7224877ba1acdcc84438c7c  2007.1/x86_64/lib64qt3-mysql-3.3.8-4.1mdv2007.1.x86_64.rpm
 5ee78ae3040a4a8820384cf719ecf671  2007.1/x86_64/lib64qt3-odbc-3.3.8-4.1mdv2007.1.x86_64.rpm
 14241ab4fe05e87665820740ceb0fe7c  2007.1/x86_64/lib64qt3-psql-3.3.8-4.1mdv2007.1.x86_64.rpm
 fa57b309216faa3e74b22461c11d7bb4  2007.1/x86_64/lib64qt3-sqlite-3.3.8-4.1mdv2007.1.x86_64.rpm
 b4879b2f4f9ba825d3c0e03300f5770a  2007.1/x86_64/lib64qt3-static-devel-3.3.8-4.1mdv2007.1.x86_64.rpm
 2567048cc93c595e9ba92831ab50f236  2007.1/x86_64/qt3-common-3.3.8-4.1mdv2007.1.x86_64.rpm
 bc4dde47830027874ceed09a612f3b60  2007.1/x86_64/qt3-doc-3.3.8-4.1mdv2007.1.x86_64.rpm
 00963b8232ad87bf525a44999b3b5fc8  2007.1/x86_64/qt3-example-3.3.8-4.1mdv2007.1.x86_64.rpm
 95f6570b6d8f8c65c100b1967cc77e75  2007.1/x86_64/qt3-tutorial-3.3.8-4.1mdv2007.1.x86_64.rpm 
 35b2281563c76e4702848971a8eb6adf  2007.1/SRPMS/qt3-3.3.8-4.1mdv2007.1.src.rpm

 Corporate 3.0:
 1f7758f27c9c137754c3c8215e84c25a  corporate/3.0/i586/libqt3-3.2.3-19.10.C30mdk.i586.rpm
 6a903a7962492bd6c6e1bc257ab63660  corporate/3.0/i586/libqt3-devel-3.2.3-19.10.C30mdk.i586.rpm
 bf1d05273e423e3d212aa56433c05a59  corporate/3.0/i586/libqt3-mysql-3.2.3-19.10.C30mdk.i586.rpm
 47611eaf3ffcce4646b02da86194085a  corporate/3.0/i586/libqt3-odbc-3.2.3-19.10.C30mdk.i586.rpm
 b5aefe3cca08c409409e6856afc81cc9  corporate/3.0/i586/libqt3-psql-3.2.3-19.10.C30mdk.i586.rpm
 d45e4a0f29a78e2438f9e35f2b20aff1  corporate/3.0/i586/qt3-common-3.2.3-19.10.C30mdk.i586.rpm
 e8fb9ce91f15584b68f5e0595eb9eb2d  corporate/3.0/i586/qt3-example-3.2.3-19.10.C30mdk.i586.rpm 
 066138bdd08ddacb04e374d0f0e2b629  corporate/3.0/SRPMS/qt3-3.2.3-19.10.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 3dbe8ab3bcf717dc8c26d1866cbaf910  corporate/3.0/x86_64/lib64qt3-3.2.3-19.10.C30mdk.x86_64.rpm
 1007fd1df9c8da4540dcd8f9a4a7c242  corporate/3.0/x86_64/lib64qt3-devel-3.2.3-19.10.C30mdk.x86_64.rpm
 c5b948b0d327cb8e425c17e32a53cef7  corporate/3.0/x86_64/lib64qt3-mysql-3.2.3-19.10.C30mdk.x86_64.rpm
 94606657665adcf18caf209154723b5a  corporate/3.0/x86_64/lib64qt3-odbc-3.2.3-19.10.C30mdk.x86_64.rpm
 2afa63aafcd40d2fb7407332d8c4f740  corporate/3.0/x86_64/lib64qt3-psql-3.2.3-19.10.C30mdk.x86_64.rpm
 a5c11a462da1cc91950ee516c5d12c8e  corporate/3.0/x86_64/qt3-common-3.2.3-19.10.C30mdk.x86_64.rpm
 cf250128fcb3b2fd479a7d93a06ef4ef  corporate/3.0/x86_64/qt3-example-3.2.3-19.10.C30mdk.x86_64.rpm 
 066138bdd08ddacb04e374d0f0e2b629  corporate/3.0/SRPMS/qt3-3.2.3-19.10.C30mdk.src.rpm

 Corporate 4.0:
 5785e1d82182fe9cd58cc6fa2a1bed9f  corporate/4.0/i586/libdesignercore1-3.3.6-1.4.20060mlcs4.i586.rpm
 0b362e1e68c178ec9724d23161b944d1  corporate/4.0/i586/libeditor1-3.3.6-1.4.20060mlcs4.i586.rpm
 491b686f4260d6bc0a01dbaf0993dadf  corporate/4.0/i586/libqassistantclient1-3.3.6-1.4.20060mlcs4.i586.rpm
 52d1f4ed88e76298dc2fed78f5ae369f  corporate/4.0/i586/libqt3-3.3.6-1.4.20060mlcs4.i586.rpm
 6f064b92df7038c3808c8aee32e54e8b  corporate/4.0/i586/libqt3-devel-3.3.6-1.4.20060mlcs4.i586.rpm
 63b08845ca757bd283955aad38ba263d  corporate/4.0/i586/libqt3-mysql-3.3.6-1.4.20060mlcs4.i586.rpm
 19ae9f75833a9dac2aba655e5d341ae7  corporate/4.0/i586/libqt3-odbc-3.3.6-1.4.20060mlcs4.i586.rpm
 8e245edddf113347e2ede4663f3369e6  corporate/4.0/i586/libqt3-psql-3.3.6-1.4.20060mlcs4.i586.rpm
 e4b61a1a6cd1bcf5a230d1f86b7fc431  corporate/4.0/i586/libqt3-sqlite-3.3.6-1.4.20060mlcs4.i586.rpm
 409ea3057318a5ab1cb180631df49807  corporate/4.0/i586/libqt3-static-devel-3.3.6-1.4.20060mlcs4.i586.rpm
 b58a7ea2af37c318bd131ca981e03fec  corporate/4.0/i586/qt3-common-3.3.6-1.4.20060mlcs4.i586.rpm
 1f318bd8e121220c80b7a1d5bc37c6de  corporate/4.0/i586/qt3-doc-3.3.6-1.4.20060mlcs4.i586.rpm
 5c7134a448ed342756e1c7a31ec9d16a  corporate/4.0/i586/qt3-example-3.3.6-1.4.20060mlcs4.i586.rpm
 ede113df279e7f30256c1884d0e7a045  corporate/4.0/i586/qt3-tutorial-3.3.6-1.4.20060mlcs4.i586.rpm 
 1c624f6ef074be3be0ef1809f980b672  corporate/4.0/SRPMS/qt3-3.3.6-1.4.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 085733e867577d48884ba41eb55d992d  corporate/4.0/x86_64/lib64designercore1-3.3.6-1.4.20060mlcs4.x86_64.rpm
 57d03fc3d53110b64a19b0093c5cc6bb  corporate/4.0/x86_64/lib64editor1-3.3.6-1.4.20060mlcs4.x86_64.rpm
 b6662f742d74a63a91afbd69dd6f0ad3  corporate/4.0/x86_64/lib64qassistantclient1-3.3.6-1.4.20060mlcs4.x86_64.rpm
 7bb37136dae3066d8e9c3a0cbe9a5061  corporate/4.0/x86_64/lib64qt3-3.3.6-1.4.20060mlcs4.x86_64.rpm
 adb51caf14d5447741d4fc2a0632c722  corporate/4.0/x86_64/lib64qt3-devel-3.3.6-1.4.20060mlcs4.x86_64.rpm
 2bd0c78e38250190a985abacc71406a8  corporate/4.0/x86_64/lib64qt3-mysql-3.3.6-1.4.20060mlcs4.x86_64.rpm
 33ea7ac074afee9fe41d598b1d97e37c  corporate/4.0/x86_64/lib64qt3-odbc-3.3.6-1.4.20060mlcs4.x86_64.rpm
 659324555edd0e0bf30a4ca3bbd9ed14  corporate/4.0/x86_64/lib64qt3-psql-3.3.6-1.4.20060mlcs4.x86_64.rpm
 55e4fa13fc3dc171f3d57d120ed5ca17  corporate/4.0/x86_64/lib64qt3-sqlite-3.3.6-1.4.20060mlcs4.x86_64.rpm
 0fc343147af499022f61f2fbab5f7d03  corporate/4.0/x86_64/lib64qt3-static-devel-3.3.6-1.4.20060mlcs4.x86_64.rpm
 1e3892f62ba3b6d69def7ef9e3bbbe24  corporate/4.0/x86_64/qt3-common-3.3.6-1.4.20060mlcs4.x86_64.rpm
 7afeabcc5424b2f30fbff0e57e384421  corporate/4.0/x86_64/qt3-doc-3.3.6-1.4.20060mlcs4.x86_64.rpm
 c91eccce209509a7dc5155866a9d63cb  corporate/4.0/x86_64/qt3-example-3.3.6-1.4.20060mlcs4.x86_64.rpm
 f6d6744eb8ac82c728458bca0b22834f  corporate/4.0/x86_64/qt3-tutorial-3.3.6-1.4.20060mlcs4.x86_64.rpm 
 1c624f6ef074be3be0ef1809f980b672  corporate/4.0/SRPMS/qt3-3.3.6-1.4.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGsNXWmqjQ0CJFipgRAlFoAJ415aGJHr7UsILJ30TbecAKVm0OyACfSwf9
x6TncnS8p9nwC+bj83S1GRI=
=nYwu
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ