Debian Security Advisory DSA 542-1 (qt-copy)

The remote host is missing an update to qt-copy announced via advisory DSA 542-1.

Several vulnerabilities were discovered in recent versions of Qt, a commonly used graphic widget set, used in KDE for example. The first problem allows an attacker to execute arbitrary code, while the other two only seem to pose a denial of service danger. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2004-0691: Chris Evans has discovered a heap-based overflow when handling 8-bit RLE encoded BMP files. CVE-2004-0692: Marcus Meissner has discovered a crash condition in the XPM handling code, which is not yet fixed in Qt 3.3. CVE-2004-0693: Marcus Meissner has discovered a crash condition in the GIF handling code, which is not yet fixed in Qt 3.3. For the stable distribution (woody) this problem has been fixed in version 3.0.3-20020329-1woody2. For the unstable distribution (sid) this problem has been fixed in version 3.3.3-4 of qt-x11-free. We recommend that you upgrade your qt packages.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20542-1