Trolltech releases security fix for Qt 4.3

Qt 4 versions 4.3.0, 4.3.1 and 4.3.2 have a potential vulnerability in QSslSocket, which might cause a certificate verification in SSL connections not to be performed.

View Related News

As a consequence, code using QSslSocket might be misled into thinking the certificate was verified correctly when it actually failed in one or more criteria. To solve the issue, apply the following patch. The current maintenance release of Qt (4.3.3) already has the patch included.

This vulnerability has been assigned CVE-2007-5965.-Trolltech

harminka's picture

Posted December 28th, 2007 by harminka

Your comments...

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <p> <br> <a> <em> <ul> <ol> <li> <strong> <blockquote>

More information about formatting options

6 + 4 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.