Updated qt packages that correct an integer overflow flaw are now
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Qt is a software toolkit that simplifies the task of writing and
maintaining GUI (Graphical User Interface) applications for the X Window
Several format string flaws were found in Qt error message handling. If an
application linked against Qt created an error message from user supplied
data in a certain way, it could lead to a denial of service or possibly
allow the execution of arbitrary code. (CVE-2007-3388)
Users of Qt should upgrade to these updated packages, which contain a
backported patch to correct these issues.
CentOS would like to acknowledge Tim Brown of Portcullis Computer
Security and Dirk Mueller for these issues.