(RHSA-2007:0721) Moderate: qt security update

2007-07-31T04:00:00
ID RHSA-2007:0721
Type redhat
Reporter RedHat
Modified 2017-09-08T11:53:41

Description

Qt is a software toolkit that simplifies the task of writing and maintaining GUI (Graphical User Interface) applications for the X Window System.

Several format string flaws were found in Qt error message handling. If an application linked against Qt created an error message from user supplied data in a certain way, it could lead to a denial of service or possibly allow the execution of arbitrary code. (CVE-2007-3388)

Users of Qt should upgrade to these updated packages, which contain a backported patch to correct these issues.

Red Hat would like to acknowledge Tim Brown of Portcullis Computer Security and Dirk Mueller for these issues.