Bug#699870: [CVE-2013-0254] Qt Project Security Advisory: System V shared memory segments created world-writeable

2013-02-05 Thread Luciano Bello
Package: qt4-x11 Severity: important Tags: security patch Justification: user security hole Hi Qt/KDE Maintainers, This vulnerability had been reported against qt4-x11: http://permalink.gmane.org/gmane.comp.lib.qt.devel/9759 The patch for 4.8 (which is in testing and sid) is available.

Bug#538403: CVE-2009-1724: Cross-site scripting (XSS) vulnerability in WebKit

2009-07-25 Thread Luciano Bello
Package: qt4-x11 Version: 4:4.5.2-1 Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for qt4-x11. CVE-2009-1724[0]: | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari | before 4.0.2 allows remote attackers to inject arbit

Bug#538350: CVE-2009-1725: WebKit in Apple Safari before 4.0.2 does not properly handle numeric ...

2009-07-24 Thread Luciano Bello
Package: kdelibs Version: 4:3.5.10.dfsg.1-2 Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for webkit. CVE-2009-1725[0]: | WebKit in Apple Safari before 4.0.2 does not properly handle numeric | character references, which allows re

Bug#538349: CVE-2009-1725: WebKit in Apple Safari before 4.0.2 does not properly handle numeric ...

2009-07-24 Thread Luciano Bello
Package: kde4libs Version: 4:4.2.96-1 Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for webkit. CVE-2009-1725[0]: | WebKit in Apple Safari before 4.0.2 does not properly handle numeric | character references, which allows remote a

Bug#538347: CVE-2009-1725: WebKit in Apple Safari before 4.0.2 does not properly handle numeric ...

2009-07-24 Thread Luciano Bello
Package: qt4-x11 Version: 4:4.5.2-1 Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for webkit. CVE-2009-1725[0]: | WebKit in Apple Safari before 4.0.2 does not properly handle numeric | character references, which allows remote att

Bug#532718: libqt4-webkit: CVE-2009-0945

2009-06-10 Thread Luciano Bello
Oops... I forgot, you can find a PoC here http://bugs.gentoo.org/271863

Bug#532718: libqt4-webkit: CVE-2009-0945: Array index error in the insertItemBefore method in WebKit

2009-06-10 Thread Luciano Bello
Package: libqt4-webkit Version: 4.5.1-2 Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for libqt4-webkit. CVE-2009-0945[0]: | Array index error in the insertItemBefore method in WebKit, as used in | Safari before 3.2.3 and 4 Public Beta,

Bug#292002: "Decrypt::makeFileKey2()" Buffer Overflow

2005-01-24 Thread Luciano Bello
Package: kpdf Version: 3.x Severity: grave Tags: security patch TITLE: KOffice "Decrypt::makeFileKey2()" Buffer Overflow SECUNIA ADVISORY ID: SA13934 VERIFY ADVISORY: http://secunia.com/advisories/13934/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: KOffice 1.

Bug#291994: "Decrypt::makeFileKey2()" Buffer Overflow

2005-01-24 Thread Luciano Bello
Package: kpdf Version: 3.x Severity: grave Tags: security sarge sid patch The version in woody is not affected by this problem. TITLE: KDE kpdf "Decrypt::makeFileKey2()" Buffer Overflow SECUNIA ADVISORY ID: SA13916 VERIFY ADVISORY: http://secunia.com/advisories/13916/ CRITICAL: Highly critical