Bug#699870: [CVE-2013-0254] Qt Project Security Advisory: System V shared memory segments created world-writeable

To: Luciano Bello <luciano@debian.org>, 699870@bugs.debian.org
Subject: Bug#699870: [CVE-2013-0254] Qt Project Security Advisory: System V shared memory segments created world-writeable
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 18 Aug 2013 21:50:19 +0200
Message-id: <[🔎] 20130818195019.GA25877@eldamar.local>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 699870@bugs.debian.org
In-reply-to: <201302060318.07526.luciano@debian.org>
References: <201302060318.07526.luciano@debian.org>

Hi Qt/KDE Maintainers,

On Wed, Feb 06, 2013 at 03:18:07AM +0100, Luciano Bello wrote:
> Package: qt4-x11
> Severity: important
> Tags: security patch
> Justification: user security hole
> 
> Hi Qt/KDE Maintainers,
>      This vulnerability had been reported against qt4-x11:
>  http://permalink.gmane.org/gmane.comp.lib.qt.devel/9759
>      The patch for 4.8 (which is in testing and sid) is available. For 4.6 looks 
> quite easy to port. Can build and test a patch for stable in order to release a 
> DSA?

Did you had a chance to look at this already? The patch for 4.7 is at
[1].

 [1] http://qt.gitorious.org/qt/qt/commit/57756e72adf2081137b97f0e689dd16c770d10b1

Regards,
Salvatore

Reply to:

Prev by Date: Processed: unarchiving 699870 ...
Next by Date: Processed: Re: Bug#699870: [CVE-2013-0254] Qt Project Security Advisory: System V shared memory segments created world-writeable
Previous by thread: Processed: unarchiving 699870 ...
Next by thread: Bug#699870: [CVE-2013-0254] Qt Project Security Advisory: System V shared memory segments created world-writeable
Index(es):
- Date
- Thread