Package: qt4-x11
Severity: important
Tags: security patch
Justification: user security hole
Hi Qt/KDE Maintainers,
This vulnerability had been reported against qt4-x11:
http://permalink.gmane.org/gmane.comp.lib.qt.devel/9759
The patch for 4.8 (which is in testing and sid) is available.
Package: qt4-x11
Version: 4:4.5.2-1
Severity: grave
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for qt4-x11.
CVE-2009-1724[0]:
| Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari
| before 4.0.2 allows remote attackers to inject arbit
Package: kdelibs
Version: 4:3.5.10.dfsg.1-2
Severity: grave
Tags: security patch
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for webkit.
CVE-2009-1725[0]:
| WebKit in Apple Safari before 4.0.2 does not properly handle numeric
| character references, which allows re
Package: kde4libs
Version: 4:4.2.96-1
Severity: grave
Tags: security patch
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for webkit.
CVE-2009-1725[0]:
| WebKit in Apple Safari before 4.0.2 does not properly handle numeric
| character references, which allows remote a
Package: qt4-x11
Version: 4:4.5.2-1
Severity: grave
Tags: security patch
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for webkit.
CVE-2009-1725[0]:
| WebKit in Apple Safari before 4.0.2 does not properly handle numeric
| character references, which allows remote att
Oppss... I forgot, you can find a PoC here http://bugs.gentoo.org/271863
--
To UNSUBSCRIBE, email to debian-qt-kde-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Package: libqt4-webkit
Version: 4.5.1-2
Severity: grave
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for libqt4-webkit.
CVE-2009-0945[0]:
| Array index error in the insertItemBefore method in WebKit, as used in
| Safari before 3.2.3 and 4 Public Beta,
Package: kpdf
Version: 3.x
Severity: grave
Tags: security patch
TITLE:
KOffice "Decrypt::makeFileKey2()" Buffer Overflow
SECUNIA ADVISORY ID:
SA13934
VERIFY ADVISORY:
http://secunia.com/advisories/13934/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
>From remote
SOFTWARE:
KOffice 1.
Package: kpdf
Version: 3.x
Severity: grave
Tags: security sarge sid patch
The version in woody is not affected by this problem.
TITLE:
KDE kpdf "Decrypt::makeFileKey2()" Buffer Overflow
SECUNIA ADVISORY ID:
SA13916
VERIFY ADVISORY:
http://secunia.com/advisories/13916/
CRITICAL:
Highly critical
9 matches
Mail list logo