검색

이 콘텐츠는 선택한 언어로 제공되지 않습니다.

4.261. qt

download PDF
Updated qt packages that fix two security issues are now available for Red Hat Enterprise Linux 6 FasTrack.
The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) associated with each description below.
Qt is a software toolkit that simplifies the task of writing and maintaining GUI (Graphical User Interface) applications for the X Window System. HarfBuzz is an OpenType text shaping engine.

Security Fixes

CVE-2011-3193
A buffer overflow flaw was found in the harfbuzz module in Qt. If a user loaded a specially-crafted font file with an application linked against Qt, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application.
CVE-2011-3194
A buffer overflow flaw was found in the way Qt handled certain gray-scale image files. If a user loaded a specially-crafted gray-scale image file with an application linked against Qt, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application.
Users of Qt should upgrade to these updated packages, which contain backported patches to correct these issues. All running applications linked against Qt libraries must be restarted for this update to take effect.
Updated qt packages that resolve several issues are now available for Red Hat Enterprise Linux 6.
Qt is a software toolkit that simplifies the task of writing and maintaining GUI (Graphical User Interface) applications for the X Window System.

Bug Fixes

BZ#562132
While using the Lohit font in the Malayalam script, the ra-kar character combination (0D4D + 0D30 in Unicode) was rendered incorrectly. This issue has been fixed and this combination is now rendered correctly.
BZ#679759
Example binary files in the qt-examples package were missing execute permissions, which meant that normal users could not run them. This has been fixed: file permissions have been corrected and the example files now can be executed properly.
BZ#680088
Due to an issue in the qt buildroot, the complexpong example was incorrectly removed for the PowerPC architecture qt-examples package, which caused that missing files were reported when the qt-examples file list was verified. This issue has been fixed: the complexpong example is now correctly included for all supported architectures.
BZ#716694
Previously, the /etc/rpm/macros.qt4 file was part of the qt-x11 package, which was incorrect. This issue has been corrected: the file has been moved into the qt-devel package.
All users of qt are advised to upgrade to these updated packages, which resolve these issues.
Red Hat logoGithubRedditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

© 2024 Red Hat, Inc.