Package: kdelibs
Version: 4:3.5.5a.dfsg.1-7
Severity: grave
Tags: security
Justification: user security hole

>
> this is a notice about a significant bug in the Qt (3.x and 4.x) UTF 8
> decoder, that in certain cases can lead to security vulnerabilities. It causes
> XSS errors at least in Konqueror, though any KDE application that deals with
> urls or paths from untrusted locations can be affected.
>
> The issue is that the UTF8 decoder incorrectly does not reject overlong
> sequences, which can cause "/../" injection or (in the case of konqueror)
> a "<script>" tag injection.
>
> The patch was embargoed, but it leaked recently into the qt snapshots and was
> also imported into qt-copy, so you can consider it public now. Originally
> Trolltech planned to disclose this with a Qt 3.3.9 release, but it seems
> they changed their mind.
>
(this has been reported in bugs: 417390 and 417391).

> I'm also attaching a fix against KJS, which has a similar issue, but we
> don't know of a way to exploit this one. Please add both patches.

This issue has been addressed in the upload 4:3.5.5a.dfsg.1-8

Ana
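
An added example, not part of the report above and not the Qt or KJS patch: a minimal C++ decoder showing the minimum-value check whose absence the advisory describes. `decode_utf8`, its `strict` flag and the sample bytes are hypothetical names and constructed input; the strict rules follow RFC 3629.

```cpp
#include <cstdint>
#include <string>

// Decode UTF-8 into code points. Returns false on malformed input.
// strict=false models a decoder that skips the minimum-value check
// (the class of bug described above); strict=true follows RFC 3629.
bool decode_utf8(const std::string& in, bool strict, std::u32string& out) {
    // Smallest code point that legitimately needs 1, 2, 3 or 4 bytes.
    static const char32_t kMin[5] = {0, 0x0, 0x80, 0x800, 0x10000};
    out.clear();
    for (std::size_t i = 0; i < in.size();) {
        const unsigned char b = static_cast<unsigned char>(in[i]);
        int len;
        char32_t cp;
        if (b < 0x80)                { len = 1; cp = b; }
        else if ((b & 0xE0) == 0xC0) { len = 2; cp = b & 0x1F; }
        else if ((b & 0xF0) == 0xE0) { len = 3; cp = b & 0x0F; }
        else if ((b & 0xF8) == 0xF0) { len = 4; cp = b & 0x07; }
        else return false;                        // stray continuation or invalid lead
        if (i + len > in.size()) return false;    // truncated sequence
        for (int k = 1; k < len; ++k) {
            const unsigned char c = static_cast<unsigned char>(in[i + k]);
            if ((c & 0xC0) != 0x80) return false; // not a continuation byte
            cp = (cp << 6) | (c & 0x3F);
        }
        if (strict) {
            if (cp < kMin[len]) return false;               // overlong encoding
            if (cp >= 0xD800 && cp <= 0xDFFF) return false; // UTF-16 surrogate
            if (cp > 0x10FFFF) return false;                // beyond Unicode range
        }
        out.push_back(cp);
        i += len;
    }
    return true;
}

// Constructed sample: '/', two overlong 2-byte encodings of '.' (C0 AE), '/'.
const std::string kOverlongSample("\x2F\xC0\xAE\xC0\xAE\x2F", 6);

int main() {
    std::u32string cps;
    const bool lax = decode_utf8(kOverlongSample, false, cps);   // accepted as "/../"
    const bool strict = decode_utf8(kOverlongSample, true, cps); // rejected
    return (lax && !strict) ? 0 : 1;
}
```

A path or markup filter that inspects the raw bytes sees no `.` or `<` in such input, which is why the rejection has to happen in the decoder itself.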