A format string flaw has been found in the way QT's QTextEdit constructs error messages. This flaw does not affect QT4, or QT2. It is only present in QT3.
Created attachment 159351 [details] Proposed upstream patch This patch also fixes several additional format string flaws.
Credit for discovering this flaw should go to Tracey Parry of Portcullis Computer Security Ltd.
embargo set to 20070727 by Trolltech
This is now public: http://trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960
This issue was addressed in: Red Hat Enterprise Linux: http://rhn.redhat.com/errata/RHSA-2007-0721.html Fedora https://admin.fedoraproject.org/updates/F7/FEDORA-2007-2216