Mandrake Linux Security Advisory : qt4 (MDKSA-2007:075-1)
Medium Nessus Plugin ID 37324
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionAndreas Nolden discover a bug in qt4, where the UTF8 decoder does not reject overlong sequences, which can cause '/../' injection or (in the case of konqueror) a '<script>' tag injection.
Updated packages have been patched to address this issue.
Packages for Mandriva Linux 2007.1 are now available.
SolutionUpdate the affected packages.