ubuntu-sdk-bugs team mailing list archive
-
ubuntu-sdk-bugs team
-
Mailing list archive
-
Message #00312
[Bug 1259577] Re: Security: XML Entity Expansion Denial of Service
This bug was fixed in the package qt4-x11 - 4:4.8.3+dfsg-0ubuntu3.2
---------------
qt4-x11 (4:4.8.3+dfsg-0ubuntu3.2) quantal-security; urgency=low
* SECURITY UPDATE: [XML Entity Expansion Denial of Service] (LP: #1259577).
- Add CVE-2013-4549.diff
- add limit in src/xml/sax/qxml.cpp
- http://lists.qt-project.org/pipermail/announce/2013-December/000036.html
- CVE-2013-4549
-- Jonathan Riddell <jriddell@xxxxxxxxxx> Tue, 10 Dec 2013 22:44:01 +0000
** Changed in: qt4-x11 (Ubuntu Quantal)
Status: New => Fix Released
** Changed in: qt4-x11 (Ubuntu Raring)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
SDK bug tracking, which is subscribed to qtbase-opensource-src in
Ubuntu.
https://bugs.launchpad.net/bugs/1259577
Title:
Security: XML Entity Expansion Denial of Service
Status in “qt4-x11” package in Ubuntu:
Fix Released
Status in “qtbase-opensource-src” package in Ubuntu:
Fix Released
Status in “qt4-x11” source package in Precise:
Fix Released
Status in “qt4-x11” source package in Quantal:
Fix Released
Status in “qt4-x11” source package in Raring:
Fix Released
Status in “qtbase-opensource-src” source package in Raring:
Fix Released
Status in “qt4-x11” source package in Saucy:
Fix Released
Status in “qtbase-opensource-src” source package in Saucy:
Fix Released
Status in “qt4-x11” source package in Trusty:
Fix Released
Status in “qtbase-opensource-src” source package in Trusty:
Fix Released
Bug description:
http://lists.qt-
project.org/pipermail/announce/2013-December/000036.html
Qt Project Security Advisory
----------------------------
Title: XML Entity Expansion Denial of Service
Risk Rating: Low
CVE: CVE-2013-4549
Platforms: All
Modules: QtBase
Versions: All versions before 5.2
Author: Richard J. Moore <rich at kde.org>
Date: 5 December 2013
Overview
--------
QXmlSimpleReader in Qt versions prior to 5.2 supports expansion of internal
entities in XML documents without placing restrictions to ensure the document
does not cause excessive memory usage. If an application using this API
processes untrusted data then the application may use unexpected amounts of
memory if a malicious document is processed.
Details
-------
It is possible to construct XML documents using internal entities that consume
large amounts of memory and other resources to process, this is known as the
'Billion Laughs' attack. Qt versions prior to 5.2 did not offer protection
against this issue.
Impact
------
An application loading untrusted XML data may consume arbitrary amounts of
memory and CPU when attempting to parse a maliciously constructed document.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qt4-x11/+bug/1259577/+subscriptions
References