Information on source package qt4-x11

Available versions

ReleaseVersion
wheezy4:4.8.2+dfsg-11
jessie4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
stretch4:4.8.7+dfsg-11
buster4:4.8.7+dfsg-11
sid4:4.8.7+dfsg-11

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2016-10040vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerableStack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows ...
CVE-2015-1860vulnerable (no DSA)fixedfixedfixedfixedMultiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase ...
CVE-2015-1859vulnerable (no DSA)fixedfixedfixedfixedMultiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp ...
CVE-2015-1858vulnerable (no DSA)fixedfixedfixedfixedMultiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase ...
CVE-2015-0295vulnerable (no DSA)fixedfixedfixedfixedThe BMP decoder in QtGui in QT before 5.5 does not properly calculate ...
CVE-2014-0190vulnerable (no DSA)fixedfixedfixedfixedThe GIF decoder in QtGui in Qt before 5.3 allows remote attackers to ...
CVE-2013-4549vulnerable (no DSA)fixedfixedfixedfixedQXmlSimpleReader in Qt before 5.2 allows context-dependent attackers ...

Open unimportant issues

BugwheezyjessiestretchbustersidDescription
TEMP-0568486-B6FCB6vulnerablevulnerablevulnerablevulnerablevulnerablebrowser javascript document.write denial-of-service
TEMP-0560108-565B70vulnerablevulnerablevulnerablevulnerablevulnerablebrowser-based css info disclosure
CVE-2009-3272vulnerablevulnerablevulnerablevulnerablevulnerableStack consumption vulnerability in WebKit.dll in WebKit in Apple ...
CVE-2009-3015vulnerablevulnerablevulnerablevulnerablevulnerableQtWeb 3.0 Builds 001 and 003 does not properly block javascript: and ...

Resolved issues

BugDescription
CVE-2013-0254The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before ...
CVE-2012-6093The QSslSocket::sslErrors function in Qt before 4.6.5, 4.7.x before ...
CVE-2012-5624The XMLHttpRequest object in Qt before 4.8.4 enables http redirection ...
CVE-2012-4929The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google ...
CVE-2011-3194Buffer overflow in the TIFF reader in gui/image/qtiffhandler.cpp in Qt ...
CVE-2011-3193Heap-based buffer overflow in the Lookup_MarkMarkPos function in the ...
CVE-2010-5076QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in ...
CVE-2010-3170Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird ...
CVE-2010-2621The QSslSocketBackendPrivate::transmit function in ...
CVE-2010-2490murmur DoS via malformed client query
CVE-2009-3933WebKit before r50173, as used in Google Chrome before 3.0.195.32, ...
CVE-2009-3384Multiple unspecified vulnerabilities in WebKit in Apple Safari before ...
CVE-2009-2841The HTMLMediaElement::loadResource function in ...
CVE-2009-2816The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, ...
CVE-2009-2797The WebKit component in Safari in Apple iPhone OS before 3.1, and ...
CVE-2009-2700src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not ...
CVE-2009-2200WebKit in Apple Safari before 4.0.3 does not properly restrict the URL ...
CVE-2009-2199Incomplete blacklist vulnerability in WebKit in Apple Safari before ...
CVE-2009-2195Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote ...
CVE-2009-1725WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, ...
CVE-2009-1724Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...
CVE-2009-1718WebKit in Apple Safari before 4.0 allows user-assisted remote ...
CVE-2009-1715Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in ...
CVE-2009-1714Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in ...
CVE-2009-1713The XSLT functionality in WebKit in Apple Safari before 4.0 does not ...
CVE-2009-1712WebKit in Apple Safari before 4.0 does not prevent remote loading of ...
CVE-2009-1711WebKit in Apple Safari before 4.0 does not properly initialize memory ...
CVE-2009-1710WebKit in Apple Safari before 4.0 allows remote attackers to spoof the ...
CVE-2009-1703WebKit in Apple Safari before 4.0 does not prevent references to file: ...
CVE-2009-1702Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...
CVE-2009-1701Use-after-free vulnerability in the JavaScript DOM implementation in ...
CVE-2009-1700The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone ...
CVE-2009-1699The XSL stylesheet implementation in WebKit in Apple Safari before ...
CVE-2009-1698WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...
CVE-2009-1697CRLF injection vulnerability in WebKit in Apple Safari before 4.0, ...
CVE-2009-1696WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...
CVE-2009-1695Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...
CVE-2009-1694WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...
CVE-2009-1693WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...
CVE-2009-1692WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, ...
CVE-2009-1691Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...
CVE-2009-1690Use-after-free vulnerability in WebKit, as used in Apple Safari before ...
CVE-2009-1689Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...
CVE-2009-1688Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...
CVE-2009-1687The JavaScript garbage collector in WebKit in Apple Safari before 4.0, ...
CVE-2009-1686WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...
CVE-2009-1685Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...
CVE-2009-1684Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...
CVE-2009-1681WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and ...
CVE-2009-0945Array index error in the insertItemBefore method in WebKit, as used in ...
CVE-2008-3632Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through ...
CVE-2008-2307Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as ...
CVE-2008-1026Integer overflow in the PCRE regular expression compiler ...
CVE-2008-1025Cross-site scripting (XSS) vulnerability in Apple WebKit, as used in ...
CVE-2008-0298KHTML WebKit as used in Apple Safari 2.x allows remote attackers to ...
CVE-2007-5965QSslSocket in Trolltech Qt 4.3.0 through 4.3.2 does not properly ...
CVE-2007-4137Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech ...
CVE-2007-3388Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) ...
CVE-2007-0242The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does ...
CVE-2006-4811Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 ...
CVE-2006-2783Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode ...

Security announcements

DSA / DLADescription
DLA-210-1qt4-x11 - security update
DLA-117-1qt4-x11 - security update
DSA-1988-1qt4-x11 - several vulnerabilities
DSA-1292-1qt4-x11

Search for package or bug name: Reporting problems