USN-495-1: Qt vulnerability

03 August 2007

Qt vulnerability



Several format string vulnerabilities have been discovered in Qt
warning messages. By causing an application to process specially
crafted input data which triggered Qt warnings, this could be
exploited to execute arbitrary code with the privilege of the user
running the application.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 7.04
  • libqt3-mt - 3:3.3.8really3.3.7-0ubuntu5.1
Ubuntu 6.10
  • libqt3-mt - 3:3.3.6-3ubuntu3.2
Ubuntu 6.06
  • libqt3-mt - 3:3.3.6-1ubuntu6.3

After a standard system upgrade you should restart your KDE session to
to effect the necessary changes.