Multiple Qt Image Handling Heap Overflow Vulnerabilities
Solution:
SuSE has released advisory SUSE-SA:2004:035 mainly to address the vulnerability described in BID 11281. However, in the addendum of this advisory, it is reported that fixes for the issues described in this BID for the Opera browser are now available on the SuSE update FTP server for download. Customers are advised to see the referenced advisory for further information regarding obtaining and applying appropriate updates.
Red Hat has released advisory RHSA-2004:478-13 and fixes to address these and other issues on Red Hat Linux Enterprise platforms. Customers who are affected by these issues are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see the referenced advisory for additional information.
Mandrake has released advisory MDKSA-2004:085 to address this issue. Please see the attached advisory for further details on obtaining and applying fixes.
These issues have been addressed in Qt 3.3.3. It should be noted that applications that are statically compiled with the affected library will need to be recompiled against an updated version.
SUSE has released an advisory (SUSE-SA:2004:027) to address these issues. Please see the referenced advisory for more information.
Red Hat has released an advisory (RHSA-2004:414-19) along with fixes to address these issues. Please see the referenced advisory for further information.
Gentoo Linux has released an advisory (GLSA 200408-20) along with fixes to address these issues. Please see the referenced advisory for further information. Users of affected packages are urged to execute the following commands with superuser privileges:
emerge sync
emerge -pv ">=x11-libs/qt-3.3.3"
emerge ">=x11-libs/qt-3.3.3"
Red Hat has released two advisories (FEDORA-2004-270, FEDORA-2004-271) to address these issues in Fedora Core 1 and Fedora Core 2. Please see the referenced advisories for more information.
Slackware has released an advisory (SSA:2004-236-01) to address these issues. Please see the referenced advisory for more information.
Debian has released an advisory (DSA 542-1) to address these issues. Please see the referenced advisory for more information.
Turbolinux has released an advisory (TLSA-2004-21) to address these issues. Please see the referenced advisory for more information.
Sun has released Sun Alert ID:57637 dealing with these issues. Sun advises users to update the affected packages by selecting Online Update from the launch bar:
Launch >> Applications >> System Tools >> Online Update
For more information please see the referenced Sun web advisory.
Conectiva Linux has released an advisory (CLA-2004:866) along with fixes dealing with this issue. Please see the referenced advisory for more information.
Red Hat has released an advisory (RHSA-2004:479-05) to address these and other issues in Red Hat Enterprise Linux. Please see the referenced advisory for more information.
Avaya has released an advisory indicating vulnerable packages. Avaya has suggested that upgrades will be available to address these issues. Please see the advisory at the following location for more information:
http://support.avaya.com/japple/css/japple?temp.groupID=128450&temp.selectedFamily=128451&temp.selectedProduct=154235&temp.selectedBucket=126655&temp.feedbackState=askForFeedback&temp.documentID=203389&PAGE=avaya.css.CSSLvl1Detail&executeTransaction=avaya.css.UsageUpdate()
Fedora Legacy has released advisory FLSA-2005:2314 dealing with this and other issues for the Fedora Core 1 and Red Hat Linux packages. Please see the referenced advisory for more information.
The Fedora Legacy project has released advisory FLSA:152763 to address this issue in Red Hat Linux 7.3 and 9. Please see the referenced advisory for further information.
Trolltech Qt 2.3.1
Trolltech Qt 3.0
Trolltech Qt 3.0.3
Trolltech Qt 3.0.5
Trolltech Qt 3.1
Trolltech Qt 3.1.1
Trolltech Qt 3.1.2
Trolltech Qt 3.2.1
Trolltech Qt 3.2.3
Trolltech Qt 3.3.0
Trolltech Qt 3.3.1
Trolltech Qt 3.3.2