registry team mailing list archive

Thread
Date

[Bug 649991] Re: CVE-2010-3374: insecure library loading

To: registry@xxxxxxxxxxxxxxxxxxx
From: Felix Geyer <debfx-pkg@xxxxxxxx>
Date: Tue, 28 Sep 2010 16:39:25 -0000
Reply-to: Bug 649991 <649991@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

qtcreator (1.2.1-3ubuntu1.1) karmic-security; urgency=low

  * SECURITY UPDATE: insecure library loading (LP: #649991)
    - bin/qtcreator: don't add an empty element to LD_LIBRARY_PATH,
      based on patch from upstream.
    - http://qt.gitorious.org/qt-creator/qt-creator/commit/3c00715c8e90c57953ec4a8716110f6954e524e4
    - CVE-2010-3374

 -- Felix Geyer <debfx-pkg@xxxxxxxx>  Tue, 28 Sep 2010 18:30:43 +0200

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3374

** Patch added: "qtcreator_1.2.1-3ubuntu1.1.debdiff"
   https://bugs.edge.launchpad.net/ubuntu/+source/qtcreator/+bug/649991/+attachment/1649579/+files/qtcreator_1.2.1-3ubuntu1.1.debdiff

-- 
CVE-2010-3374: insecure library loading
https://bugs.launchpad.net/bugs/649991
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for Debian.

References

[Bug 649991] [NEW] CVE-2010-3374: insecure library loading
From: Felix Geyer, 2010-09-28