U radu programskog paketa Qt, distribuiranog s operacijskim sustavom Fedora 14, uočen je sigurnosni propust. Zlonamjerni ga korisnik može iskoristiti za izvođenje DoS napada.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-12145
2011-09-06 23:26:29
--------------------------------------------------------------------------------

Name        : qt
Product     : Fedora 14
Version     : 4.7.4
Release     : 2.fc14
URL         : http://www.qtsoftware.com/
Summary     : Qt toolkit
Description :
Qt is a software toolkit for developing applications.

This package contains base tools, like string, xml, and network
handling.

--------------------------------------------------------------------------------
Update Information:

Update Information:

QtGui
-----
 - [QTBUG-20214] QRentBook: LSK and RSK of booking page will change
   somethimes
 - [QTBUG-19656] Spectrum: the Mode menu disappears after the device is changed
from portrait to landscape.
 - [QTBUG-19260] Cursor cannot be placed between letters f and i - "fi"
   is interpreted as one character
 - [QTBUG-19157] Crash in QGLContextPrivate::bindTexture() when using
   QPainter::fillRect() with a brush having a size > max_texture_size
 - [QTBUG-19089] TextInput positionToRectangle doesn't return correct
   coordinates for the cursor in pre-edit mode
 - [QTBUG-19067] Font glyphs get clipped on the top
 - [QTBUG-18500] QTextBlock crash
 - [QTBUG-18303] Arabic multiline text is clipped on the right
 - [QTBUG-18185] QStaticText: Wrong kerning and baselines when rotating a
QGraphicsView
 - [QTBUG-17443] Feedreadercrash: when opening feed with unicode characters
 - [QTBUG-17244] QGraphicsLayout Layouting should be done in one go. Ugly
layouting visible otherwise
 - [QTBUG-17209] Bug-231 introduces an off-by-one error
 - [QTBUG-17117] Arabic reordering problem when 2 fonts are used
 - [QTBUG-11131] QAbstractScrollArea::setViewport() causes crash when used
   from within event handler method
 - [QTBUG-16422] Big coordinate values cause segfault on ARM when calling
   QGraphicsEllipseItem::contains
 - [QTBUG-18017] Regression: Text selection with shift-click stopped working
 - [QTBUG-18192] Crash when invoking blockBoundingRect over a QTextDocument
   documentLayout
 - [QTBUG-17505] Inflexible focus handling in QGraphicsScene
 - [QTBUG-17020] QPainter::drawText() fails to draw correct text in some
circumstances. Related to QTBUG-12950
 - [QTBUG-16401] QGraphicsScene returns focus incorrectly when QGraphicsView
   is focused
 - [QTBUG-17812] regression: qsortfilterproxymodel::reset doesn't invalidate
the model (Windows)
 - [QTBUG-17230] QPlainTextEdit corruption/crash after scrolling
 - [QTBUG-17536] qguistatemachine::cloneEvent doesn't clone
   GraphicsSceneWheel Events correctly
 - [QTBUG-17254] XPM files crash QImage (write)
 - [QTBUG-16292] QTreeView crash in indexRowSizeHint/itemHeight
 - [QTBUG-17390] Child widgets don't inherit their parent's input contexts
 - [QTBUG-15910] setstylesheet on a QComboBox causes a segmentation fault
 - [QTBUG-16652] Compilation of "4.7" branch fails:
   private/qdrawhelper_arm_simd_p.h: No such file or directory

QtNetwork
---------
 - [QTBUG-17464] SIGBUS in fetchAndAddOrdered from
   QlcdEngine::connectionStateSignalsSlot
 - [QTBUG-16022] QHttpNetworkConnectionChannel::expand discards data if
gzip-stream has missing end-of-stream marker
 - [QTBUG-17199] ICD Bearer management: Causes the main thread to hang when ran
on a different thread.

QtCore
------
 - [QTBUG-15421] QDirIterator returns hidden directories when it should only
return files and returns hidden files when it should only return directories

QtScript
--------
 - [QTBUG-17815] Missing APIShims in obsoleted QScriptValue constructor
 - [QTBUG-17788] Crash when calling collectGarbage() after requesting
   arguments object of native context

QtDBus
------
 - [QTBUG-14228] Ensure Qt 4.7 doesn't crash when a D-Bus message with file
descriptors is received

QtSql
-----
 - [QTBUG-14831] Dynamic sorting of a QSortFilterProxyModel on a
   QSqlTableModel with OnManualSubmit is broken (4.7 regression)

Declarative
-----------
 - [QTBUG-20159] No effect of setting color on a QStaticText or a
   QML element
 - [QTBUG-18428] Colored and underlined styled text are not underlined or
   completely coloured on device
 - [QTBUG-18362] wigglytext.qml does not behave correctly in qmlscene
 - [QTBUG-18266] More than one XmlListModel - Lists randomly show data from
wrong model
 - [QTBUG-15983] Cannot pass enum value as signal parameter from C++ to QML
 - [QTBUG-14974] ListView and GridView + contentY performance
 - [QTBUG-18412] Crash in sendPostedEvents() - QObject::isWidgetType()
   (issue with QDeclarativePixmapReply)
 - [QTBUG-15356] PathView doesn't update if preferredHighlightBegin and
preferredHighlightEnd changed
 - [QTBUG-17562] TextInput text in echo mode PasswordEchoOnEdit revealed on
refocus
 - [QTBUG-17775] Crash when using FolderListModel with a repeater
 - [QTBUG-17361] Nested pressDelays crashes application
 - [QTBUG-15705] QDeclarativeTextInput::mousePressEvent() doesn't call
QInputContext::mouseHandler()
 - [QTBUG-17501] Focus: Tap any of the Rounded-cornered rectangle, the context
menu doesn't disappear.
 - [QTBUG-17008] ListView + XmlListModel freeze application when change
language key combination
 - [QTBUG-17324] incorrect 'version is not installed' error when importing
   QML module
 - [QTBUG-16999] QML TextInput doesn't scroll if writing preedit at the end
   of the line
 - [QTBUG-13451] Support property versioning in QML
 - [QTBUG-16959] Crash when using Grid.TopToBottom flow with Repeater inside
Grid
 - [QTBUG-16522] QML ListView Should Support Dynamic Headers and Footers
 - [QTBUG-17114] QtQuick 1.1 alignment regression
 - [QTBUG-16283] TextEdit and TextInput need text selection modes
 - [QTBUG-16284] Disable drag and drop in TextEdit and TextInput

OpenVG
------
 - [QTBUG-18682] QImage convertToFormat does not work with certain image
formats when default (OpenVG) rendering engine used.

OpenGL
------
 - [QTBUG-17256] Change QGLPixmapData load functions to use the
   'convertInPlace' versions of QImage to save memory

Qt for Linux/X11
----------------
 - Declarative
    * [QTBUG-19914] Segfault in QDeclarativeBinding::createBinding triggered by
QMultimediaKit
 - gui
    * [QTBUG-16175] REG: Qt 4.7/Linux Qt Designer / Qt Creator show multiple
warnings: "Application asked to unregister timer 0x17000002 which is not
registered in this thread. Fix application."


Additionally, this update fixes offline HTML documentation
--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep 16 2011 Lukas Tinkl <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1:4.7.4-2
- respun upstream tarball to fix offline HTML docu
  (https://bugreports.qt.nokia.com/browse/QTBUG-21454)
* Thu Sep  1 2011 Rex Dieter <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1:4.7.4-1
- 4.7.4
* Sat Aug 27 2011 Than Ngo <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1:4.7.3-9
- drop unused rhel conditional
* Sat Jul 23 2011 Rex Dieter <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1:4.7.3-8
- fix QMAKE_LIBDIR_QT, for missing QT_SHARED define (#725183)
* Thu Jul  7 2011 Rex Dieter <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1:4.7.3-7
- Adding qt-sql-ibase driver for qt (#719002)
- qvfb subpackage (#718416)
* Mon Jun 20 2011 Rex Dieter <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1:4.7.3-6
- fontconfig patch respin (#705348, QTBUG-19947)
* Mon Jun 20 2011 Rex Dieter <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1:4.7.3-5
- updated fontconfig patch (#705348, QTBUG-19947)
* Tue Jun  7 2011 Than Ngo <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1:4.7.3-4
- bz#705348, Lohit fonts accidentally disable the bytecode interpreter for Qt
* Thu May 19 2011 Rex Dieter <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1:4.7.3-3
- omit %{_qt4_plugindir}/designer/libqwebview.so too
* Thu May 19 2011 Rex Dieter <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1:4.7.3-2
- omit bundled webkit on f16+ (in favor of separately packaged qtwebkit)
* Thu May  5 2011 Jaroslav Reznik <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1:4.7.3-1
- 4.7.3
* Thu Apr 21 2011 Rex Dieter <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1:4.7.2-9
- -webkit-devel: move qt_webkit_version.pri here
* Fri Apr  1 2011 Rex Dieter <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1:4.7.2-8
- -devel-private: qt-creator/QmlDesigner requires qt private headers (#657498)
* Fri Mar 25 2011 Rex Dieter <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1:4.7.2-7
- followup patch for QTBUG-18338, blacklist fraudulent SSL certifcates
* Fri Mar 25 2011 Rex Dieter <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1:4.7.2-6
- drop qt-designer-plugin-phonon
* Fri Mar 25 2011 Than Ngo <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1:4.7.2-5
- apply patch to fix QTBUG-18338, blacklist fraudulent SSL certifcates
* Tue Mar 22 2011 Jaroslav Reznik <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> 1:4.7.2-4
- rebuild (mysql)
* Fri Mar 11 2011 Dan HorÄ