Synopsis :

These remote packages are missing security patches :
- libqt4-assistant
- libqt4-core
- libqt4-dbg
- libqt4-dbus
- libqt4-debug
- libqt4-designer
- libqt4-dev
- libqt4-dev-dbg
- libqt4-gui
- libqt4-help
- libqt4-network
- libqt4-opengl
- libqt4-opengl-dev
- libqt4-qt3support
- libqt4-script
- libqt4-scripttools
- libqt4-sql
- libqt4-sql-mysql
- libqt4-sql-odbc
- libqt4-sql-psql
- libqt4-sql-sqlite
- libqt4-sql-sqlite2
- libqt4-svg
- libqt4-test
- libqt4-webkit
- libqt4-webkit-dbg

[...]

Description :

It was discovered that Qt did not properly handle certificates with NULL
characters in the Subject Alternative Name field of X.509 certificates. An
attacker could exploit this to perform a man in the middle attack to view
sensitive information or alter encrypted communications. (CVE-2009-2700)

Solution :

Upgrade to :
- libqt4-assistant-4.5.0-0ubuntu4.2 (Ubuntu 9.04)
- libqt4-core-4.5.0-0ubuntu4.2 (Ubuntu 9.04)
- libqt4-dbg-4.5.0-0ubuntu4.2 (Ubuntu 9.04)
- libqt4-dbus-4.5.0-0ubuntu4.2 (Ubuntu 9.04)
- libqt4-debug-4.3.4-0ubuntu3.1 (Ubuntu 8.04)
- libqt4-designer-4.5.0-0ubuntu4.2 (Ubuntu 9.04)
- libqt4-dev-4.5.0-0ubuntu4.2 (Ubuntu 9.04)
- libqt4-dev-dbg-4.5.0-0ubuntu4.2 (Ubuntu 9.04)
- libqt4-gui-4.5.0-0ubuntu4.2 (Ubuntu 9.04)
- libqt4-help-4.5.0-0ubuntu4.2 (Ubuntu 9.04)
- libqt4-network-4.5.0-0ubuntu4.2 (Ub
[...]

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)



only registered users with at least 25 hack challenge points can see links:
  click here in order to visit the hack challenges