Ubuntu Security Notice USN-513-1
18th September, 2007
qt-x11-free vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 7.04
- Ubuntu 6.10
- Ubuntu 6.06 LTS
Software description
- qt-x11-free
Details
Dirk Mueller discovered that UTF8 strings could be made to cause a small
buffer overflow. A remote attacker could exploit this by sending specially
crafted strings to applications that use the Qt3 library for UTF8 processing,
potentially leading to arbitrary code execution with user privileges, or a
denial of service.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 7.04:
- libqt3-mt 3:3.3.8really3.3.7-0ubuntu5.2
- Ubuntu 6.10:
- libqt3-mt 3:3.3.6-3ubuntu3.3
- Ubuntu 6.06 LTS:
- libqt3-mt 3:3.3.6-1ubuntu6.4
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system upgrade you need to restart your session to
effect the necessary changes.