此内容没有您所选择的语言版本。

4.261. qt


Updated qt packages that fix two security issues are now available for Red Hat Enterprise Linux 6 FasTrack.
The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) associated with each description below.
Qt is a software toolkit that simplifies the task of writing and maintaining GUI (Graphical User Interface) applications for the X Window System. HarfBuzz is an OpenType text shaping engine.

Security Fixes

CVE-2011-3193
A buffer overflow flaw was found in the harfbuzz module in Qt. If a user loaded a specially-crafted font file with an application linked against Qt, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application.
CVE-2011-3194
A buffer overflow flaw was found in the way Qt handled certain gray-scale image files. If a user loaded a specially-crafted gray-scale image file with an application linked against Qt, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application.
Users of Qt should upgrade to these updated packages, which contain backported patches to correct these issues. All running applications linked against Qt libraries must be restarted for this update to take effect.
Updated qt packages that resolve several issues are now available for Red Hat Enterprise Linux 6.
Qt is a software toolkit that simplifies the task of writing and maintaining GUI (Graphical User Interface) applications for the X Window System.

Bug Fixes

BZ#562132
While using the Lohit font in the Malayalam script, the ra-kar character combination (0D4D + 0D30 in Unicode) was rendered incorrectly. This issue has been fixed and this combination is now rendered correctly.
BZ#679759
Example binary files in the qt-examples package were missing execute permissions, which meant that normal users could not run them. This has been fixed: file permissions have been corrected and the example files now can be executed properly.
BZ#680088
Due to an issue in the qt buildroot, the complexpong example was incorrectly removed for the PowerPC architecture qt-examples package, which caused that missing files were reported when the qt-examples file list was verified. This issue has been fixed: the complexpong example is now correctly included for all supported architectures.
BZ#716694
Previously, the /etc/rpm/macros.qt4 file was part of the qt-x11 package, which was incorrect. This issue has been corrected: the file has been moved into the qt-devel package.
All users of qt are advised to upgrade to these updated packages, which resolve these issues.
Red Hat logoGithubRedditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

© 2024 Red Hat, Inc.