| Description: | Summary:
The remote host is missing an update for the 'qt' package(s) announced via the SSA:2006-298-01 advisory.
Vulnerability Insight:
New qt packages are available for Slackware 10.0, 10.1, 10.2, and 11.0
to fix a possible security issue.
More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:
[link moved to references]
Trolltech has put out a press release which may be found here:
[link moved to references]
Here are the details from the Slackware 11.0 ChangeLog:
+--------------------------+
patches/packages/qt-3.3.7-i486-1_slack11.0.tgz: Upgraded to qt-x11-free-3.3.7.
This fixes an issue with Qt's handling of pixmap images that causes Qt linked
applications to crash if a specially crafted malicious image is loaded.
Inspection of the code in question makes it seem unlikely that this could
lead to more serious implications (such as arbitrary code execution), but it
is recommended that users upgrade to the new Qt package.
For more information, see:
[links moved to references]
(* Security fix *)
+--------------------------+
Affected Software/OS:
'qt' package(s) on Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware 11.0.
Solution:
Please install the updated package(s).
CVSS Score:
6.8
CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
