Start Reserving Your Bandwith
Hey folks, please start reserving your bandwith, since Pat and the security team has started to patch things and they started with upgraded Qt and also qca-tls packages. A lot of things will start to emerge in the -current tree (for now, it's only in the -stable tree). Here are the first -stable changelog after Slackware 11.0 releases:
Wed Oct 25 15:45:46 CDT 2006
patches/packages/qca-tls-1.0-i486-3_slack11.0.tgz: Rebuilt to place the plugin in /usr/lib/qt-3.3.7/plugins/crypto/.
patches/packages/qt-3.3.7-i486-1_slack11.0.tgz: Upgraded to qt-x11-free-3.3.7.
This fixes an issue with Qt's handling of pixmap images that causes Qt linked applications to crash if a specially crafted malicious image is loaded.
Inspection of the code in question makes it seem unlikely that this could lead to more serious implications (such as arbitrary code execution), but it is recommended that users upgrade to the new Qt package.
For more information, see:
(* Security fix *)