Bug#699870: [CVE-2013-0254] Qt Project Security Advisory: System V shared memory segments created world-writeable
Hi Lisandro
[Really apologies not having replied earlier]
On Sun, Aug 18, 2013 at 09:37:06PM -0300, Lisandro Damián Nicanor Pérez Meyer wrote:
> On Sunday 18 August 2013 22:11:39 Salvatore Bonaccorso wrote:
> > Control: tags -1 + patch
> >
> > Hi Qt/KDE Maintainers,
> >
> > Attached is a (yet at all untested) patch based on the commits for the
> > 4.7 branch [1].
> >
> > [1]
> > http://qt.gitorious.org/qt/qt/commit/57756e72adf2081137b97f0e689dd16c770d10
> > b1
>
> This is from the top of my head: IIRC, this got into Wheezy and I was working
> with a fix for Squeeze which also included some blacklisting stuff that was
> objected by a reason I don't quite remember now.
>
> Some time later, we released Wheezy.
>
> I currently don't have a Squeeze installation at hand nor the time to look at
> it. I don't know the if anyone of the rest of the team has some spare time to
> look into this.
... probably the following: Sune Vuorela pointed to #700530[1]. If the
above patches are applied, this introduces the problem mentioned on
kfreebsd-i386 and kfreebsd-amd64.
Regards,
Salvatore
Reply to: