MGASA-2013-0053
Date: February 16th, 2013
Affected releases: 2
Media: Core
Description:
Updated qt4 packages fix security vulnerabilities:
A security vulnerability has been discovered in the SSL/TLS protocol, which
affects connections using compression. The protocol, as used by Qt before
4.8.4, can encrypt compressed data without properly obfuscating the length
of the unencrypted data, which allows man-in-the-middle attackers to obtain
plaintext HTTP headers by observing length differences during a series of
guesses in which a string in an HTTP request potentially matches an unknown
string in an HTTP header, aka a "CRIME" attack (CVE-2012-4929).
The XMLHttpRequest object in Qt is intended to offer similar behaviour to
that in web browsers, though it intentionally does not enforce the
same-origin policy. It has been determined that the implementation in Qt
will follow a redirect from an http URL to a file URL, which may allow an
attacker performing a man-in-the-middle attack to cause QML applications to
leak sensitive information (CVE-2012-5624).
A security flaw was found in the way the QSslSocket implementation in Qt,
a software toolkit for application development, performed certificate
verification callbacks when the Qt libraries were used with a different
OpenSSL version than the one they were compiled against. In that scenario
the connection would still fail, but the SSL error list would contain
QSslError::NoError instead of the real reason for the failure. This could
result in a confusing error being presented to end users, possibly
encouraging them to ignore SSL errors for the site the connection was
initiated against (CVE-2012-6093).
Two intermediate CA certificates were mis-issued by the TURKTRUST
certificate authority. If a remote attacker were able to perform a
man-in-the-middle attack, this flaw could be exploited to view sensitive
information (CVE-2013-0743).
The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6,
and other versions including 4.4.0 uses weak permissions (world-readable
and world-writable) for shared memory segments, which allows local users
to read sensitive information or modify critical program data, as
demonstrated by reading a pixmap being sent to an X server (CVE-2013-0254).
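A quick way to check a host for shared memory segments that any local user can read or write is to audit the mode column of `ipcs -m`. The Python below is an added example, not part of this advisory or of Qt; the `ipcs -m` sample it parses is constructed (made-up shmids, owners and sizes, in the util-linux column layout), and the live-system helper assumes a Linux host with the util-linux `ipcs` binary.

```python
import re
import subprocess

# Constructed sample of `ipcs -m` output (util-linux layout); the shmids,
# owners and sizes are made up for this example.
SAMPLE_IPCS_OUTPUT = """\
------ Shared Memory Segments --------
key        shmid      owner      perms      bytes      nattch     status
0x00000000 32768      alice      666        1048576    2          dest
0x00000000 65537      alice      600        65536      1
0x00000000 98306      bob        644        4096       1
"""

WORLD_READ = 0o004   # "other" read bit of the segment mode
WORLD_WRITE = 0o002  # "other" write bit of the segment mode


def parse_ipcs(output: str):
    """Yield (shmid, owner, mode) for each segment row of `ipcs -m` output."""
    for line in output.splitlines():
        fields = line.split()
        # Segment rows start with a hex key and a numeric shmid; the banner
        # and the column header do not, so they are skipped.
        if len(fields) < 6 or not re.fullmatch(r"0x[0-9a-fA-F]+", fields[0]):
            continue
        yield int(fields[1]), fields[2], int(fields[3], 8)


def world_accessible(output: str):
    """Return the segments any local user can read or write, as
    (shmid, owner, mode, access) where access is 'r', 'w' or 'rw'."""
    findings = []
    for shmid, owner, mode in parse_ipcs(output):
        access = ("r" if mode & WORLD_READ else "") + ("w" if mode & WORLD_WRITE else "")
        if access:
            findings.append((shmid, owner, mode, access))
    return findings


def audit_live_system():
    """Run the same check against the current host (needs util-linux ipcs)."""
    out = subprocess.run(["ipcs", "-m"], capture_output=True, text=True, check=True).stdout
    return world_accessible(out)


if __name__ == "__main__":
    for shmid, owner, mode, access in world_accessible(SAMPLE_IPCS_OUTPUT):
        print(f"shmid {shmid} owner {owner} mode {mode:04o}: world-{access}")
```

A segment with mode 0666 is not automatically a bug, since some shared memory is meant to be shared across users, so treat the findings as a list to review against the owning process. A pixmap segment created by a pre-fix Qt build would show up with mode 0666 and the application's user as owner; after the fix the same segment is created with user-only permissions and no longer appears in the list.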
This update provides Qt4 4.8.4, which disables SSL/TLS compression by
default to mitigate CVE-2012-4929 and makes the rules for following
redirects stricter to mitigate CVE-2012-5624.
Patches from upstream have been included to fix CVE-2013-0254 by forcing
all System V shared memory segments to be created with user-only permissions,
fix CVE-2012-6093 by using the correct public OpenSSL API, and fix
CVE-2013-0743 by blacklisting the mis-issued certificates.
Updated Packages:
i586:
libqt3support4-4.8.4-1.1.mga2.i586.rpm
libqt4-devel-4.8.4-1.1.mga2.i586.rpm
libqtclucene4-4.8.4-1.1.mga2.i586.rpm
libqtcore4-4.8.4-1.1.mga2.i586.rpm
libqtdbus4-4.8.4-1.1.mga2.i586.rpm
libqtdeclarative4-4.8.4-1.1.mga2.i586.rpm
libqtdesigner4-4.8.4-1.1.mga2.i586.rpm
libqtgui4-4.8.4-1.1.mga2.i586.rpm
libqthelp4-4.8.4-1.1.mga2.i586.rpm
libqtmultimedia4-4.8.4-1.1.mga2.i586.rpm
libqtnetwork4-4.8.4-1.1.mga2.i586.rpm
libqtopengl4-4.8.4-1.1.mga2.i586.rpm
libqtscript4-4.8.4-1.1.mga2.i586.rpm
libqtscripttools4-4.8.4-1.1.mga2.i586.rpm
libqtsql4-4.8.4-1.1.mga2.i586.rpm
libqtsvg4-4.8.4-1.1.mga2.i586.rpm
libqttest4-4.8.4-1.1.mga2.i586.rpm
libqtxml4-4.8.4-1.1.mga2.i586.rpm
libqtxmlpatterns4-4.8.4-1.1.mga2.i586.rpm
qt4-accessibility-plugin-4.8.4-1.1.mga2.i586.rpm
qt4-assistant-4.8.4-1.1.mga2.i586.rpm
qt4-common-4.8.4-1.1.mga2.i586.rpm
qt4-database-plugin-mysql-4.8.4-1.1.mga2.i586.rpm
qt4-database-plugin-pgsql-4.8.4-1.1.mga2.i586.rpm
qt4-database-plugin-sqlite-4.8.4-1.1.mga2.i586.rpm
qt4-database-plugin-tds-4.8.4-1.1.mga2.i586.rpm
qt4-demos-4.8.4-1.1.mga2.i586.rpm
qt4-designer-4.8.4-1.1.mga2.i586.rpm
qt4-designer-plugin-qt3support-4.8.4-1.1.mga2.i586.rpm
qt4-designer-plugin-webkit-4.8.4-1.1.mga2.i586.rpm
qt4-devel-private-4.8.4-1.1.mga2.noarch.rpm
qt4-doc-4.8.4-1.1.mga2.noarch.rpm
qt4-examples-4.8.4-1.1.mga2.i586.rpm
qt4-graphicssystems-plugin-4.8.4-1.1.mga2.i586.rpm
qt4-linguist-4.8.4-1.1.mga2.i586.rpm
qt4-qdoc3-4.8.4-1.1.mga2.i586.rpm
qt4-qmlviewer-4.8.4-1.1.mga2.i586.rpm
qt4-qtconfig-4.8.4-1.1.mga2.i586.rpm
qt4-qtdbus-4.8.4-1.1.mga2.i586.rpm
qt4-qvfb-4.8.4-1.1.mga2.i586.rpm
qt4-xmlpatterns-4.8.4-1.1.mga2.i586.rpm
qt4-debug-4.8.4-1.1.mga2.i586.rpm
x86_64:
lib64qt3support4-4.8.4-1.1.mga2.x86_64.rpm
lib64qt4-devel-4.8.4-1.1.mga2.x86_64.rpm
lib64qtclucene4-4.8.4-1.1.mga2.x86_64.rpm
lib64qtcore4-4.8.4-1.1.mga2.x86_64.rpm
lib64qtdbus4-4.8.4-1.1.mga2.x86_64.rpm
lib64qtdeclarative4-4.8.4-1.1.mga2.x86_64.rpm
lib64qtdesigner4-4.8.4-1.1.mga2.x86_64.rpm
lib64qtgui4-4.8.4-1.1.mga2.x86_64.rpm
lib64qthelp4-4.8.4-1.1.mga2.x86_64.rpm
lib64qtmultimedia4-4.8.4-1.1.mga2.x86_64.rpm
lib64qtnetwork4-4.8.4-1.1.mga2.x86_64.rpm
lib64qtopengl4-4.8.4-1.1.mga2.x86_64.rpm
lib64qtscript4-4.8.4-1.1.mga2.x86_64.rpm
lib64qtscripttools4-4.8.4-1.1.mga2.x86_64.rpm
lib64qtsql4-4.8.4-1.1.mga2.x86_64.rpm
lib64qtsvg4-4.8.4-1.1.mga2.x86_64.rpm
lib64qttest4-4.8.4-1.1.mga2.x86_64.rpm
lib64qtxml4-4.8.4-1.1.mga2.x86_64.rpm
lib64qtxmlpatterns4-4.8.4-1.1.mga2.x86_64.rpm
qt4-accessibility-plugin-4.8.4-1.1.mga2.x86_64.rpm
qt4-assistant-4.8.4-1.1.mga2.x86_64.rpm
qt4-common-4.8.4-1.1.mga2.x86_64.rpm
qt4-database-plugin-mysql-4.8.4-1.1.mga2.x86_64.rpm
qt4-database-plugin-pgsql-4.8.4-1.1.mga2.x86_64.rpm
qt4-database-plugin-sqlite-4.8.4-1.1.mga2.x86_64.rpm
qt4-database-plugin-tds-4.8.4-1.1.mga2.x86_64.rpm
qt4-demos-4.8.4-1.1.mga2.x86_64.rpm
qt4-designer-4.8.4-1.1.mga2.x86_64.rpm
qt4-designer-plugin-qt3support-4.8.4-1.1.mga2.x86_64.rpm
qt4-designer-plugin-webkit-4.8.4-1.1.mga2.x86_64.rpm
qt4-devel-private-4.8.4-1.1.mga2.noarch.rpm
qt4-doc-4.8.4-1.1.mga2.noarch.rpm
qt4-examples-4.8.4-1.1.mga2.x86_64.rpm
qt4-graphicssystems-plugin-4.8.4-1.1.mga2.x86_64.rpm
qt4-linguist-4.8.4-1.1.mga2.x86_64.rpm
qt4-qdoc3-4.8.4-1.1.mga2.x86_64.rpm
qt4-qmlviewer-4.8.4-1.1.mga2.x86_64.rpm
qt4-qtconfig-4.8.4-1.1.mga2.x86_64.rpm
qt4-qtdbus-4.8.4-1.1.mga2.x86_64.rpm
qt4-qvfb-4.8.4-1.1.mga2.x86_64.rpm
qt4-xmlpatterns-4.8.4-1.1.mga2.x86_64.rpm
qt4-debug-4.8.4-1.1.mga2.x86_64.rpm
SRPMS:
qt4-4.8.4-1.1.mga2.src.rpm
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5624
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6093
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0254
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0743
http://qt.digia.com/Release-Notes/security-issue-september-2012/
http://lists.qt-project.org/pipermail/announce/2012-November/000014.html
http://qt.digia.com/Release-Notes/Release-Notes-Qt-484/
http://lists.qt-project.org/pipermail/announce/2013-January/000020.html
http://lists.qt-project.org/pipermail/announce/2013-January/000021.html
http://lists.qt-project.org/pipermail/announce/2013-February/000023.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089815.html
http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094633.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-January/096444.html
http://www.ubuntu.com/usn/USN-1687-1/
https://bugs.mageia.org/show_bug.cgi?id=7998