Giuseppe Iuculano
2009-Sep-09 07:51 UTC
[Secure-testing-team] Bug#545793: CVE-2009-2700: QSslCertificate incorrect verification of SSL certificate with NUL in subjectAltName
Package: qt4-x11
Severity: grave
Tags: security patch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

the following CVE (Common Vulnerabilities & Exposures) id was
published for qt4-x11.

CVE-2009-2700[0]:
| src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not
| properly handle a '\0' character in a domain name in the Subject
| Alternative Name field of an X.509 certificate, which allows
| man-in-the-middle attackers to spoof arbitrary SSL servers via a
| crafted certificate issued by a legitimate Certification Authority, a
| related issue to CVE-2009-2408.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

qt4-x11 in etch is not affected because QSsl* classes were introduced in Qt 4.3.

Please coordinate with the security team (team at security.debian.org) to
prepare packages for the stable releases.

For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2700
    http://security-tracker.debian.net/tracker/CVE-2009-2700
    http://qt.gitorious.org/qt/qt/commit/41d27eac40cecbc0067be9622c9bc1c579582a47
    http://qt.gitorious.org/qt/qt/commit/802d8c02eaa0aa9cd8d0c6cbd18cd814e6337bc6
    http://qt.nokia.com/about/news/qt-patches-released-addressing-potential-security-flaw
    http://qt.nokia.com/developer/task-tracker/?method=entry&id=260103

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqnXmEACgkQNxpp46476ap8WgCdElAAbxPdqIf95X1ajDxKao6o
4DQAnRK4V8qSADZecdlaIyVh7tq2AHnQ
=rgYk
-----END PGP SIGNATURE-----
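An added illustration of the defect class the report describes (example code written for this page, not Qt's code or the Debian patch): a subjectAltName dNSName arrives from the DER decoder as bytes plus an explicit length, so a NUL is a legal payload byte. If the entry is converted with a C-string constructor it is cut at the first NUL, and a name crafted as "www.bank.example\0.attacker.example" compares equal to "www.bank.example". Carrying the length through and refusing any name that still contains a NUL closes the gap. The certificate entries, hostnames and function names below are constructed for the example.

```cpp
#include <cctype>
#include <cstddef>
#include <iostream>
#include <string>
#include <vector>

// One decoded dNSName from a subjectAltName extension: raw bytes with an
// explicit length, as DER delivers it (assumption: the decoder has already
// stripped the tag and length prefix).
struct SanEntry {
    std::vector<unsigned char> bytes;
};

SanEntry makeEntry(const char* data, std::size_t len) {
    return SanEntry{std::vector<unsigned char>(data, data + len)};
}

// Constructed entry modelling the crafted certificate from the CVE text:
// a legitimate-looking label, a NUL, then the attacker-controlled suffix.
SanEntry spoofedEntry() {
    static const char raw[] = "www.bank.example\0.attacker.example";
    return makeEntry(raw, sizeof(raw) - 1);  // 34 bytes, NUL included
}

// Flawed conversion: reproduces what a C-string constructor does, stopping
// at the first NUL byte (bounded here so it never reads past the buffer).
std::string nameFromEntryTruncating(const SanEntry& e) {
    std::size_t n = 0;
    while (n < e.bytes.size() && e.bytes[n] != 0) ++n;
    return std::string(reinterpret_cast<const char*>(e.bytes.data()), n);
}

// Hardened conversion: keep every byte the DER length covers, so an
// embedded NUL survives and can be rejected by the matcher.
std::string nameFromEntryLengthAware(const SanEntry& e) {
    return std::string(reinterpret_cast<const char*>(e.bytes.data()), e.bytes.size());
}

static std::string lower(std::string s) {
    for (char& c : s) c = static_cast<char>(std::tolower(static_cast<unsigned char>(c)));
    return s;
}

// Hostname matcher: exact case-insensitive match, or a leading "*." that
// covers exactly one label. A DNS name never contains a NUL byte, so any
// candidate that does is rejected instead of being compared.
bool hostMatches(const std::string& sanName, const std::string& host) {
    if (sanName.find('\0') != std::string::npos) return false;
    if (sanName.empty() || host.empty()) return false;
    const std::string n = lower(sanName);
    const std::string h = lower(host);
    if (n.compare(0, 2, "*.") == 0) {
        const std::string::size_type dot = h.find('.');
        if (dot == std::string::npos || dot == 0) return false;
        return h.substr(dot + 1) == n.substr(2);
    }
    return n == h;
}

// Accept the host if any SAN entry matches, using either conversion path
// so the two behaviours can be compared side by side.
bool hostAcceptedBy(const std::vector<SanEntry>& sans, const std::string& host,
                    bool lengthAware) {
    for (const SanEntry& e : sans) {
        const std::string name =
            lengthAware ? nameFromEntryLengthAware(e) : nameFromEntryTruncating(e);
        if (hostMatches(name, host)) return true;
    }
    return false;
}

int main() {
    const std::vector<SanEntry> sans{spoofedEntry()};
    std::cout << "truncating path accepts www.bank.example: "
              << hostAcceptedBy(sans, "www.bank.example", false) << '\n';   // 1
    std::cout << "length-aware path accepts www.bank.example: "
              << hostAcceptedBy(sans, "www.bank.example", true) << '\n';    // 0
    return 0;
}
```

The point of the side-by-side is that the matcher itself is identical in both paths; what changes is whether the decoder's length reaches it. A review of any TLS client should check that the bytes-to-string step for SAN and CN values is length-aware and that the matcher rejects NUL explicitly rather than relying on the comparison happening to fail.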