paul Posted April 11, 2007 Report Share Posted April 11, 2007 Andreas Nolden discover a bug in qt4, where the UTF8 decoder does not reject overlong sequences, which can cause '/../' injection or (in the case of konqueror) a '' tag injection. Updated packages have been patched to address this issue. Update: Packages for Mandriva Linux 2007.1 are now available. Link to comment Share on other sites More sharing options...
Recommended Posts