lp://staging/ubuntu/dapper-security/qt-x11-free

Created by James Westby and last modified
Get this branch:
bzr branch lp://staging/ubuntu/dapper-security/qt-x11-free
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

27. By Kees Cook

* SECURITY UPDATE: unterminated UTF8 strings could lead to 2 byte
  overflow that may allow arbitrary code execution.
* Add debian/patches/kubuntu_20_utf8_2_byte_overflow: upstream fixes.
* References
  CVE-2007-4137

26. By Jonathan Riddell

* SECURITY UPDATE: remote execution when parsing vulnerability
* Format string bugs were found in several Qt warning messages.
  Applications using Qt for processing certain data types could
  trigger them if the data caused Qt to print warnings. The bugs
  potentially allow to execute arbitrary code via specially crafted
  files.
* Added kubuntu_08_CVE-2007-3387.dpatch from http://www.trolltech.com/developer/download/170529.diff
    sql/qdatatable.cpp
    sql/qsqldatabase.cpp
    sql/qsqlindex.cpp
    sql/qsqlrecord.cpp
    tools/qglobal.cpp
    widgets/qtextedit.cpp
    xml/qsvgdevice.cpp
  Perform better checks when parsing SQL, QTextEdit HTML, SVG XML and qSystemWarning
* References
  http://trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960
  CVE-2007-3388

25. By Kees Cook

* SECURITY UPDATE: invalid UTF8 parsing could lead to overflows.
* Add kubuntu_07_utf8-fix.dpatch: upstream fixes.
* References
  CVE-2007-0242

24. By Jonathan Riddell

* SECURITY UPDATE: integer overflow flaw
* An integer overflow flaw was discovered in the way Qt 3.x and 4.x handles
  pixmap images. This issue can occur when transforming
  specially prepared images from untrusted sources.
* Add kubuntu_05_CVE-2006-4811-qt3_pixmap.dpatch fix
* References:
 - CVE-2006-4811
 - http://www.trolltech.com/company/newsroom/announcements/press.2006-10-19.5434451733

23. By Adam Conrad

Rebuild against the new libmysqlclient15off with correct symbols.

22. By Jonathan Riddell

[ Jonathan Riddell ]
* Install etc/qt3/qtrc in libqt3-mt.install

[ Anthony Mercatante ]
* Updated qtrc to fit to the default kubuntu look

21. By Jonathan Riddell

Sync with Debian

20. By Martin Pitt

Build against libsqlite3; the vast majority of packages uses 3, and we
want to get rid of 0.

19. By Jonathan Riddell

* Add patch kubuntu_05_fix_immodule_and_xim.dpatch which include some patches
  from http://ktown.kde.org/~dirk/im/ . Fixes various problems such as log
  out crash because of im-module.
* Patch by Hou ZhengPeng <email address hidden>

18. By Martin Pitt

Build against libmysqlclient15.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp://staging/ubuntu/lucid/qt-x11-free
This branch contains Public information 
Everyone can see this information.

Subscribers