Gentoo Linux Security Advisory 201311-14 - Multiple vulnerabilities have been discovered in QtCore and QtGui, possibly resulting in execution of arbitrary code, Denial of Service, or man-in-the-middle attacks. Versions less than 4.8.4-r2 are affected.
48adb5e90b61766cc2b61bf6a9f67ae045e98144649b3e6a9b77199924122d98
Red Hat Security Advisory 2013-0669-01 - Qt is a software toolkit that simplifies the task of writing and maintaining GUI applications for the X Window System. It was discovered that the QSharedMemory class implementation of the Qt toolkit created shared memory segments with insecure permissions. A local attacker could use this flaw to read or alter the contents of a particular shared memory segment, possibly leading to their ability to obtain sensitive information or influence the behavior of a process that is using the shared memory segment.
0e67715652896aa6a5c89b1f944208d96234e81835c89b6e02a33a791946f822
Ubuntu Security Notice 1723-1 - Richard J. Moore and Peter Hartmann discovered that Qt allowed redirecting requests from http to file schemes. If an attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. This issue only affected Ubuntu 11.10, Ubuntu 12.04 LTS, and Ubuntu 12.10. Stephen Cheng discovered that Qt may report incorrect errors when ssl certificate verification fails. Various other issues were also addressed.
4605f641fa86a28f32d2a30ade5206711c95382ac77712e820d92294787e541b