[SECURITY] Fedora 13 Update: qt-4.6.2-8.fc13

updates at fedoraproject.org updates at fedoraproject.org
Tue Mar 23 02:24:27 UTC 2010


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-4521
2010-03-15 23:39:43
--------------------------------------------------------------------------------

Name        : qt
Product     : Fedora 13
Version     : 4.6.2
Release     : 8.fc13
URL         : http://www.qtsoftware.com/
Summary     : Qt toolkit
Description :
Qt is a software toolkit for developing applications.

This package contains base tools, like string, xml, and network
handling.

--------------------------------------------------------------------------------
Update Information:

This update fixes several WebKit security issues:  * CVE-2010-0046: CSS format()
argument memory corruption  * CVE-2010-0049: Use of free()d line boxes in mixed
LTR/RTL text  * CVE-2010-0050: Crash at HTMLParser after handling misnested
style tags  * CVE-2010-0051 (CVE-2010-0651): Remote information disclosure  *
CVE-2010-0052: Cached page can result in accessing a destroyed HTMLInputElement
* CVE-2010-0054: Use of stale HTMLImageElement pointer    This update includes
bugfixes:  * fixes the build on SPARC64 and possibly some other non-x86 64-bit
platforms,  * makes tablet detection work with the new wacom drivers,  * makes
the QtMultimedia low-level sound API work (by enabling the ALSA backend),    and
new features:  * adds Provides for qt-assistant-adp and qt-assistant-adp-devel
in preparation for an upcoming package split.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 17 2010 Jaroslav Reznik <jreznik at redhat.com> - 4.6.2-8
- WebKit security update:
  CVE-2010-0046, CVE-2010-0049, CVE-2010-0050, CVE-2010-0051,
  CVE-2010-0052, CVE-2010-0054
* Sat Mar 13 2010 Kevin Kofler <Kevin at tigcc.ticalc.org> - 4.6.2-7
- BR alsa-lib-devel (for QtMultimedia)
* Sat Mar 13 2010 Kevin Kofler <Kevin at tigcc.ticalc.org> - 4.6.2-6
- Provides: qt-assistant-adp(-devel)
* Fri Mar  5 2010 Than Ngo <than at redhat.com> - 4.6.2-5
- Make tablet detection work with new wacom drivers (#569132)
* Mon Mar  1 2010 Rex Dieter <rdieter at fedoraproject.org> - 4.6.2-4
- fix 64bit platform logic, use linux-g++-64 everywhere except x86_64 (#569542)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #570349 - CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054 qt, webkitgtk: multiple security vulnerabilities in WebKit
        https://bugzilla.redhat.com/show_bug.cgi?id=570349
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update qt' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list