- CVE-2011-3193
Check for buffer overflow in Lookup_MarkMarkPos that may cause crash
in this function with certain fonts.
- CVE-2011-3194
Fix tiff reader to handle TIFFTAG_SAMPLESPERPIXEL for grayscale
images. The reader uses QImage::Format_Indexed8, but since the samples
per pixel value this should be (non-existent) QImage::Format_Indexed16,
causing memory corruption. The fix falls back to the normal way of
reading tiff images.
For Debian 6 Squeeze, these issues have been fixed in qt4-x11 version 4:4.6.3-4+squeeze2