Debian Security Advisory DSA 1426-1 (qt-x11-free)

The remote host is missing an update to qt-x11-free announced via advisory DSA 1426-1.

Several local/remote vulnerabilities have been discovered in the Qt GUI Library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-3388 Tim Brown and Dirk Müller discovered several format string vulnerabilities in the handling of error messages, which might lead to the execution of arbitrary code. CVE-2007-4137 Dirk Müller discovered an off-by-one buffer overflow in the Unicode handling, which might lead to the execution of arbitrary code. For the old stable distribution (sarge), these problems have been fixed in version 3:3.3.4-3sarge3. Packages for m68k will be provided later. For the stable distribution (etch), these problems have been fixed in version 3:3.3.7-4etch1. For the unstable distribution (sid), these problems have been fixed in version 3:3.3.7-8. We recommend that you upgrade your qt-x11-free packages.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201426-1