[SECURITY] Fedora 11 Update: qt-4.5.2-2.fc11

updates at fedoraproject.org updates at fedoraproject.org
Thu Aug 20 21:00:54 UTC 2009 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-8800
2009-08-20 20:33:43
--------------------------------------------------------------------------------

Name        : qt
Product     : Fedora 11
Version     : 4.5.2
Release     : 2.fc11
URL         : http://www.qtsoftware.com/
Summary     : Qt toolkit
Description :
Qt is a software toolkit for developing applications.

This package contains base tools, like string, xml, and network
handling.

--------------------------------------------------------------------------------
Update Information:

Qt's WebKit code did not properly handle numeric character references, which
could allow remote attackers to cause a denial of service (memory corruption and
application crash) via a crafted HTML document.     Also included is:   * a fix
for lib symlinks changing erroneously on upgrades  * a fix for Copy and paste
issues  * added support for more x keycodes
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug 18 2009 Than Ngo <than at redhat.com> - 4.5.2-2
- security fix for CVE-2009-1725
* Tue Aug 18 2009 Rex Dieter <rdieter at fedoraproject.org> 4.5.2-1.2
- kde-qt: 287-qmenu-respect-minwidth
- kde-qt: 0288-more-x-keycodes (#475247)
* Wed Aug  5 2009 Rex Dieter <rdieter at fedoraproject.org> 4.5.2-1.1
- use linker scripts for _debug targets (#510246)
- apply upstream patch to fix issue in Copy and paste
- optimize (icon-mostly) scriptlets
- -x11: Requires(post,postun): /sbin/ldconfig
* Thu Jul  2 2009 Than Ngo <than at redhat.com> - 4.5.2-1
- 4.5.2
* Sat May 30 2009 Rex Dieter <rdieter at fedoraproject.org> - 4.5.1-13
- -doc: Obsoletes: qt-doc < 1:4.5.1-4 (workaround bug #502401)
* Sat May 23 2009 Rex Dieter <rdieter at fedoraproject.org> - 4.5.1-12
- +phonon_internal macro to toggle packaging of qt's phonon (default off)
* Fri May 22 2009 Rex Dieter <rdieter at fedoraproject.org> - 4.5.1-11
- qt-copy-patches-20090522
* Wed May 20 2009 Rex Dieter <rdieter at fedoraproject.org> - 4.5.1-10.2
- full (non-bootstrap) build
* Wed May 20 2009 Rex Dieter <rdieter at fedoraproject.org> - 4.5.1-10.1
- allow for minimal bootstrap build (*cough* arm *cough*)
* Wed May  6 2009 Rex Dieter <rdieter at fedoraproject.org> - 4.5.1-10
- improved kde4_plugins patch, skip expensive/unneeded canonicalPath
* Wed May  6 2009 Rex Dieter <rdieter at fedoraproject.org> - 4.5.1-9
- include kde4 plugin path by default (#498809)
* Mon May  4 2009 Rex Dieter <rdieter at fedoraproject.org> - 4.5.1-8
- fix invalid assumptions about mysql_config --libs (bug #440673)
- fix %files breakage from 4.5.1-5
* Wed Apr 29 2009 Rex Dieter <rdieter at fedoraproject.org> - 4.5.1-7
- -devel: Provides: qt4-devel%{?_isa} ...
* Mon Apr 27 2009 Than Ngo <than at redhat.com> - 4.5.1-6
- drop useless hunk of qt-x11-opensource-src-4.5.1-enable_ft_lcdfilter.patch
* Mon Apr 27 2009 Rex Dieter <rdieter at fedoraproject.org> - 4.5.1-5
- -devel: Provides: *-static for libQtUiTools.a
* Fri Apr 24 2009 Rex Dieter <rdieter at fedoraproject.org> - 4.5.1-4
- qt-doc noarch
- qt-demos, qt-examples (split from -doc)
- (cosmetic) re-order subpkgs in alphabetical order
- drop unused profile.d bits
* Fri Apr 24 2009 Rex Dieter <rdieter at fedoraproject.org> - 4.5.1-3
- enable FT_LCD_FILTER (uses freetype subpixel filters if available at runtime)
* Fri Apr 24 2009 Than Ngo <than at redhat.com> - 4.5.1-2
- apply upstream patch to fix the svg rendering regression
* Thu Apr 23 2009 Than Ngo <than at redhat.com> - 4.5.1-1
- 4.5.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #513813 - CVE-2009-1725: KHTML: improper handling of numeric character references (ACE, DoS)
        https://bugzilla.redhat.com/show_bug.cgi?id=513813
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update qt' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list