[Bug 191218] [NEW] [qt4] [CVE-2007-5965] error in handling certificate verification in SSL connections
hk47
bugtracker at slideomania.com
Tue Feb 12 10:54:50 UTC 2008
Public bug reported:
Binary package hint: libqt4-core
References:
MDVSA-2008:042 (http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:042)
SUSE-SR:2008:002 (http://www.novell.com/linux/security/advisories/suse_security_summary_report.html)
Quoting CVE-2007-5965:
"QSslSocket in Trolltech Qt 4.3.0 through 4.3.2 does not properly verify SSL certificates, which might make it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service, or trick a service into accepting an invalid client certificate for a user."
** Affects: qt4-x11 (Ubuntu)
Importance: Undecided
Status: New
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-5965
--
[qt4] [CVE-2007-5965] error in handling certificate verification in SSL connections
https://bugs.launchpad.net/bugs/191218
You received this bug notification because you are a member of Kubuntu
Team, which is a bug contact for qt4-x11 in ubuntu.
More information about the kubuntu-bugs
mailing list