Advisories MDKSA-2007:075-1: Updated qt4 packages to address utf8 decoder bug

By paul
April 11, 2007 in Mandriva Security Advisories

Share

Recommended Posts

Posted April 11, 2007

Andreas Nolden discover a bug in qt4, where the UTF8 decoder does

not reject overlong sequences, which can cause '/../' injection or

(in the case of konqueror) a '' tag injection.

Updated packages have been patched to address this issue.

Update:

Packages for Mandriva Linux 2007.1 are now available.

This topic is now closed to further replies.

×

×