qt-3.3.6-23.1AXS3

エラータID: AXBA:2008-211:01

リリース日: 
2008/09/28 Sunday - 14:48
題名: 
qt-3.3.6-23.1AXS3
影響のあるチャネル: 
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity: 
N/A
解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2007-0242
The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters.
CVE-2007-4137
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
CVE-2007-3388
Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary code via format string specifiers in text used to compose an error message.




追加情報: 

From Asianux Server 3 SP1 updated packages.

ダウンロード: 

SRPMS
  1. qt-3.3.6-23.1AXS3.src.rpm
    MD5: 84e494230f1e71780bbae4e9bbfb8a60
    SHA-256: 98cc85a6276cd0ab3abcbd33856db9d8ddb83bbe4a1f024eb216fada2a0a8c43
    Size: 14.08 MB

Asianux Server 3 for x86
  1. qt-3.3.6-23.1AXS3.i386.rpm
    MD5: e86d67836163648a241fdba20aa2eacc
    SHA-256: fe2bfb776f2d480571f6dae03689ecf1e6118d466fb9c87da2a8bd59b3dcc71d
    Size: 3.59 MB
  2. qt-config-3.3.6-23.1AXS3.i386.rpm
    MD5: a51dde588eab4f28af428ef17bea038a
    SHA-256: 1eafb8f1bfc45e2bbff4dae625172a8dcb9f59f26d50911d49fcc78774516c8c
    Size: 110.48 kB
  3. qt-devel-3.3.6-23.1AXS3.i386.rpm
    MD5: 58ad37252b9bbbc20f1560a3b04bb432
    SHA-256: a454827c3dc2da8a7346cd8e27c28feab26881881a748861d45602b3183df09c
    Size: 11.08 MB
  4. qt-MySQL-3.3.6-23.1AXS3.i386.rpm
    MD5: e1f7d998871163d1ce673cd4661421a1
    SHA-256: 658ab43300d26716cb806032e856c5d8bd81e12b6dfdefeac4b0e4a3caea8733
    Size: 55.34 kB
  5. qt-ODBC-3.3.6-23.1AXS3.i386.rpm
    MD5: c028a9f6f93fe8cabba01b041810175b
    SHA-256: a2a8e909b7056ccac54e3eda41bdb1fca4f03a712e2f91fe5f4fe225194f527d
    Size: 77.99 kB
  6. qt-PostgreSQL-3.3.6-23.1AXS3.i386.rpm
    MD5: 3f9847e791eff49ed97a53fc40b78c98
    SHA-256: fb87ec5281e44674201f52cf40796ada56cd6bbaafa9cb0a5cb39175403d5303
    Size: 64.08 kB

Asianux Server 3 for x86_64
  1. qt-3.3.6-23.1AXS3.x86_64.rpm
    MD5: ab554963f0620ed03be3de1d625fbe23
    SHA-256: fff0279b7c5365884a57a92a3e90ab5ad4659690d685ffcdfbb3e9319ec19805
    Size: 3.60 MB
  2. qt-config-3.3.6-23.1AXS3.x86_64.rpm
    MD5: d3c08e11dd655ea710ca0ffbccc17fb0
    SHA-256: dd51c4d6f45e34681407ef3908a14ed1ce8c7d5fece29c3d70bc77722890507d
    Size: 112.71 kB
  3. qt-devel-3.3.6-23.1AXS3.x86_64.rpm
    MD5: 6039dfc66434a78a80d93ffa6c8c29cd
    SHA-256: 8ec3b370add7cb83be6c6da1d16c8f324463c11f001b9d806446fc0e3c8bec33
    Size: 11.21 MB
  4. qt-MySQL-3.3.6-23.1AXS3.x86_64.rpm
    MD5: 4d1e9cf4d1711f601463d235f76eebb3
    SHA-256: 6aa3fe6d83ea0b30650eb8053bcfc0f0a2bb4f8172c112f047df102cf7a5bf94
    Size: 55.76 kB
  5. qt-ODBC-3.3.6-23.1AXS3.x86_64.rpm
    MD5: a5ed2c9054dd862429c347497dde204e
    SHA-256: 1b5008a5268613cb6b762f0434d6b3bb48c0c805ec5a88341a438e3dc1a770c8
    Size: 78.31 kB
  6. qt-PostgreSQL-3.3.6-23.1AXS3.x86_64.rpm
    MD5: 92841de552c6779c4e2e05be817aa998
    SHA-256: b3c15370a23005a10c2a18307c32a94ab3161401fa3af0d0a83e5211ce768263
    Size: 64.21 kB