oss-sec mailing list archives

Re: CVE request: libqt4: two memory issues


From: Tomas Hoger <thoger () redhat com>
Date: Wed, 24 Aug 2011 14:49:44 +0200

On Mon, 22 Aug 2011 10:43:23 +0200 Matthias Weckbecker wrote:

> A) buffer overflow (looks only like an off-by-one from a very quick
> look)
> http://qt.gitorious.org/qt/qt/commit/9ae6f2f9a57f0c3096d5785913e437953fa6775c

The fix is for 3rdparty/harfbuzz; any reason to prefer calling it a Qt
issue, rather than a harfbuzz / pango issue?  The code even seems to be
based on some FreeType code, though it's not obvious if FreeType was
affected by that.  Is that more than an over-read?

> B) buffer overflow on greyscale images with multiple samples per pixel
> https://bugzilla.novell.com/show_bug.cgi?id=637275
> http://qt.gitorious.org/qt/qt/commit/cb6380beb81ab9571c547270c144988781fed465

The bug is not public.

-- 
Tomas Hoger / Red Hat Security Response Team

