Advisories MDKSA-2007:075: Updated qt4 packages to address utf8 decoder bug

By paul
April 4, 2007 in Mandriva Security Advisories

Share

Recommended Posts

Posted April 4, 2007

Andreas Nolden discover a bug in qt4, where the UTF8 decoder does

not reject overlong sequences, which can cause "/../" injection or

(in the case of konqueror) a "" tag injection.

Updated packages have been patched to address this issue.

This topic is now closed to further replies.

×

×