exploitDog

SUSE-SU-2015:0977-1

Published: 12 May 2015
Source: suse-cvrf

Description

Security update for libqt4

The libqt4 library was updated to fix several security issues:

* CVE-2015-0295: Division by zero when processing malformed BMP files. (bsc#921999)
* CVE-2015-1858: Segmentation fault in BMP Qt Image Format Handling. (bsc#927806)
* CVE-2015-1859: Segmentation fault in ICO Qt Image Format Handling. (bsc#927807)
* CVE-2015-1860: Segmentation fault in GIF Qt Image Format Handling. (bsc#927808)

Security Issues:

* CVE-2015-1858 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1858>
* CVE-2015-1859 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1859>
* CVE-2015-1860 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1860>
* CVE-2015-0295 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0295>

Package list

SUSE Linux Enterprise Desktop 11 SP3
libQtWebKit4-4.6.3-5.34.2
libQtWebKit4-32bit-4.6.3-5.34.2
libqt4-4.6.3-5.34.2
libqt4-32bit-4.6.3-5.34.2
libqt4-qt3support-4.6.3-5.34.2
libqt4-qt3support-32bit-4.6.3-5.34.2
libqt4-sql-4.6.3-5.34.2
libqt4-sql-32bit-4.6.3-5.34.2
libqt4-sql-mysql-4.6.3-5.34.2
libqt4-sql-mysql-32bit-4.6.3-5.34.2
libqt4-sql-postgresql-4.6.3-5.34.2
libqt4-sql-postgresql-32bit-4.6.3-5.34.2
libqt4-sql-sqlite-4.6.3-5.34.2
libqt4-sql-sqlite-32bit-4.6.3-5.34.2
libqt4-sql-unixODBC-4.6.3-5.34.2
libqt4-sql-unixODBC-32bit-4.6.3-5.34.2
libqt4-x11-4.6.3-5.34.2
libqt4-x11-32bit-4.6.3-5.34.2
SUSE Linux Enterprise Server 11 SP3
libQtWebKit4-4.6.3-5.34.2
libQtWebKit4-32bit-4.6.3-5.34.2
libQtWebKit4-x86-4.6.3-5.34.2
libqt4-4.6.3-5.34.2
libqt4-32bit-4.6.3-5.34.2
libqt4-qt3support-4.6.3-5.34.2
libqt4-qt3support-32bit-4.6.3-5.34.2
libqt4-qt3support-x86-4.6.3-5.34.2
libqt4-sql-4.6.3-5.34.2
libqt4-sql-32bit-4.6.3-5.34.2
libqt4-sql-mysql-4.6.3-5.34.2
libqt4-sql-sqlite-4.6.3-5.34.2
libqt4-sql-x86-4.6.3-5.34.2
libqt4-x11-4.6.3-5.34.2
libqt4-x11-32bit-4.6.3-5.34.2
libqt4-x11-x86-4.6.3-5.34.2
libqt4-x86-4.6.3-5.34.2
qt4-x11-tools-4.6.3-5.34.2
SUSE Linux Enterprise Server 11 SP3-TERADATA
libQtWebKit4-4.6.3-5.34.2
libQtWebKit4-32bit-4.6.3-5.34.2
libQtWebKit4-x86-4.6.3-5.34.2
libqt4-4.6.3-5.34.2
libqt4-32bit-4.6.3-5.34.2
libqt4-qt3support-4.6.3-5.34.2
libqt4-qt3support-32bit-4.6.3-5.34.2
libqt4-qt3support-x86-4.6.3-5.34.2
libqt4-sql-4.6.3-5.34.2
libqt4-sql-32bit-4.6.3-5.34.2
libqt4-sql-mysql-4.6.3-5.34.2
libqt4-sql-sqlite-4.6.3-5.34.2
libqt4-sql-x86-4.6.3-5.34.2
libqt4-x11-4.6.3-5.34.2
libqt4-x11-32bit-4.6.3-5.34.2
libqt4-x11-x86-4.6.3-5.34.2
libqt4-x86-4.6.3-5.34.2
qt4-x11-tools-4.6.3-5.34.2
SUSE Linux Enterprise Server for SAP Applications 11 SP3
libQtWebKit4-4.6.3-5.34.2
libQtWebKit4-32bit-4.6.3-5.34.2
libQtWebKit4-x86-4.6.3-5.34.2
libqt4-4.6.3-5.34.2
libqt4-32bit-4.6.3-5.34.2
libqt4-qt3support-4.6.3-5.34.2
libqt4-qt3support-32bit-4.6.3-5.34.2
libqt4-qt3support-x86-4.6.3-5.34.2
libqt4-sql-4.6.3-5.34.2
libqt4-sql-32bit-4.6.3-5.34.2
libqt4-sql-mysql-4.6.3-5.34.2
libqt4-sql-sqlite-4.6.3-5.34.2
libqt4-sql-x86-4.6.3-5.34.2
libqt4-x11-4.6.3-5.34.2
libqt4-x11-32bit-4.6.3-5.34.2
libqt4-x11-x86-4.6.3-5.34.2
libqt4-x86-4.6.3-5.34.2
qt4-x11-tools-4.6.3-5.34.2
SUSE Linux Enterprise Software Development Kit 11 SP3
libQtWebKit-devel-4.6.3-5.34.2
libQtWebKit4-32bit-4.6.3-5.34.2
libQtWebKit4-x86-4.6.3-5.34.2
libqt4-devel-4.6.3-5.34.2
libqt4-devel-doc-4.6.3-5.34.2
libqt4-devel-doc-data-4.6.3-5.34.2
libqt4-sql-mysql-32bit-4.6.3-5.34.2
libqt4-sql-mysql-x86-4.6.3-5.34.2
libqt4-sql-postgresql-4.6.3-5.34.2
libqt4-sql-postgresql-32bit-4.6.3-5.34.2
libqt4-sql-postgresql-x86-4.6.3-5.34.2
libqt4-sql-sqlite-32bit-4.6.3-5.34.2
libqt4-sql-sqlite-x86-4.6.3-5.34.2
libqt4-sql-unixODBC-4.6.3-5.34.2
libqt4-sql-unixODBC-32bit-4.6.3-5.34.2
libqt4-sql-unixODBC-x86-4.6.3-5.34.2

Description

The BMP decoder in QtGui in Qt before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:libQtWebKit4-32bit-4.6.3-5.34.2
SUSE Linux Enterprise Desktop 11 SP3:libQtWebKit4-4.6.3-5.34.2
SUSE Linux Enterprise Desktop 11 SP3:libqt4-32bit-4.6.3-5.34.2
SUSE Linux Enterprise Desktop 11 SP3:libqt4-4.6.3-5.34.2

References

Description

Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:libQtWebKit4-32bit-4.6.3-5.34.2
SUSE Linux Enterprise Desktop 11 SP3:libQtWebKit4-4.6.3-5.34.2
SUSE Linux Enterprise Desktop 11 SP3:libqt4-32bit-4.6.3-5.34.2
SUSE Linux Enterprise Desktop 11 SP3:libqt4-4.6.3-5.34.2

References

Description

Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:libQtWebKit4-32bit-4.6.3-5.34.2
SUSE Linux Enterprise Desktop 11 SP3:libQtWebKit4-4.6.3-5.34.2
SUSE Linux Enterprise Desktop 11 SP3:libqt4-32bit-4.6.3-5.34.2
SUSE Linux Enterprise Desktop 11 SP3:libqt4-4.6.3-5.34.2

References

Description

Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image.


Affected products
SUSE Linux Enterprise Desktop 11 SP3:libQtWebKit4-32bit-4.6.3-5.34.2
SUSE Linux Enterprise Desktop 11 SP3:libQtWebKit4-4.6.3-5.34.2
SUSE Linux Enterprise Desktop 11 SP3:libqt4-32bit-4.6.3-5.34.2
SUSE Linux Enterprise Desktop 11 SP3:libqt4-4.6.3-5.34.2

References
Vulnerability SUSE-SU-2015:0977-1