oss-sec mailing list archives
Re: CVE request: libqt4: two memory issues
From: Tomas Hoger <thoger () redhat com>
Date: Wed, 24 Aug 2011 14:49:44 +0200
On Mon, 22 Aug 2011 10:43:23 +0200 Matthias Weckbecker wrote:
A) buffer overflow (looks only like an off-by-one from a very quick look) http://qt.gitorious.org/qt/qt/commit/9ae6f2f9a57f0c3096d5785913e437953fa6775c
The fix is for 3rdparty/harfbuzz, any reason to prefer calling it Qt, rather than harfbuzz / pango issue. The code even seems to be based on some FreeType code, though it's not obvious if FreeType was affected by that. Is that more than over-read?
B) buffer overflow on greyscale images with multiple samples per pixel https://bugzilla.novell.com/show_bug.cgi?id=637275 http://qt.gitorious.org/qt/qt/commit/cb6380beb81ab9571c547270c144988781fed465
The bug is not public. -- Tomas Hoger / Red Hat Security Response Team
Current thread:
- CVE request: libqt4: two memory issues Matthias Weckbecker (Aug 22)
- Re: CVE request: libqt4: two memory issues Tomas Hoger (Aug 24)
- Re: CVE request: libqt4: two memory issues Josh Bressers (Aug 24)
- Re: CVE request: libqt4: two memory issues Tomas Hoger (Aug 24)