Описание
Security update for libqt4
This update for libqt4 fixes the following issues:
LibQt4 was updated to 4.8.7 (bsc#1039291, CVE-2016-10040):
See http://download.qt.io/official_releases/qt/4.8/4.8.7/changes-4.8.7 for more details.
Also libQtWebkit4 was updated to 2.3.4 to match libqt4.
Also following bugs were fixed:
- Enable libqt4-devel-32bit (bsc#982826)
- Fixed bolder font in Qt4 apps (boo#956357)
Список пакетов
SUSE Linux Enterprise Desktop 12 SP3
libQtWebKit4-4.8.7+2.3.4-4.5.1
libQtWebKit4-32bit-4.8.7+2.3.4-4.5.1
libqca2-2.0.3-17.2.1
libqca2-32bit-2.0.3-17.2.1
libqt4-4.8.7-8.6.1
libqt4-32bit-4.8.7-8.6.1
libqt4-qt3support-4.8.7-8.6.1
libqt4-qt3support-32bit-4.8.7-8.6.1
libqt4-sql-4.8.7-8.6.1
libqt4-sql-32bit-4.8.7-8.6.1
libqt4-sql-mysql-4.8.7-8.6.1
libqt4-sql-mysql-32bit-4.8.7-8.6.1
libqt4-sql-postgresql-4.8.7-8.6.1
libqt4-sql-postgresql-32bit-4.8.7-8.6.1
libqt4-sql-sqlite-4.8.7-8.6.1
libqt4-sql-sqlite-32bit-4.8.7-8.6.1
libqt4-sql-unixODBC-4.8.7-8.6.1
libqt4-sql-unixODBC-32bit-4.8.7-8.6.1
libqt4-x11-4.8.7-8.6.1
libqt4-x11-32bit-4.8.7-8.6.1
qt4-qtscript-0.2.0-11.2.4
SUSE Linux Enterprise Server 12 SP3
libQtWebKit4-4.8.7+2.3.4-4.5.1
libQtWebKit4-32bit-4.8.7+2.3.4-4.5.1
libqca2-2.0.3-17.2.1
libqca2-32bit-2.0.3-17.2.1
libqt4-4.8.7-8.6.1
libqt4-32bit-4.8.7-8.6.1
libqt4-qt3support-4.8.7-8.6.1
libqt4-qt3support-32bit-4.8.7-8.6.1
libqt4-sql-4.8.7-8.6.1
libqt4-sql-32bit-4.8.7-8.6.1
libqt4-sql-mysql-4.8.7-8.6.1
libqt4-sql-sqlite-4.8.7-8.6.1
libqt4-x11-4.8.7-8.6.1
libqt4-x11-32bit-4.8.7-8.6.1
qt4-x11-tools-4.8.7-8.6.4
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libQtWebKit4-4.8.7+2.3.4-4.5.1
libQtWebKit4-32bit-4.8.7+2.3.4-4.5.1
libqca2-2.0.3-17.2.1
libqca2-32bit-2.0.3-17.2.1
libqt4-4.8.7-8.6.1
libqt4-32bit-4.8.7-8.6.1
libqt4-qt3support-4.8.7-8.6.1
libqt4-qt3support-32bit-4.8.7-8.6.1
libqt4-sql-4.8.7-8.6.1
libqt4-sql-32bit-4.8.7-8.6.1
libqt4-sql-mysql-4.8.7-8.6.1
libqt4-sql-sqlite-4.8.7-8.6.1
libqt4-x11-4.8.7-8.6.1
libqt4-x11-32bit-4.8.7-8.6.1
qt4-x11-tools-4.8.7-8.6.4
SUSE Linux Enterprise Software Development Kit 12 SP3
libQtWebKit-devel-4.8.7+2.3.4-4.5.1
libqca2-devel-2.0.3-17.2.1
libqt4-devel-4.8.7-8.6.1
libqt4-devel-doc-4.8.7-8.6.4
libqt4-devel-doc-data-4.8.7-8.6.4
libqt4-linguist-4.8.7-8.6.1
libqt4-private-headers-devel-4.8.7-8.6.1
libqt4-sql-postgresql-4.8.7-8.6.1
libqt4-sql-postgresql-32bit-4.8.7-8.6.1
libqt4-sql-unixODBC-4.8.7-8.6.1
libqt4-sql-unixODBC-32bit-4.8.7-8.6.1
SUSE Linux Enterprise Workstation Extension 12 SP3
libqt4-sql-mysql-32bit-4.8.7-8.6.1
libqt4-sql-postgresql-4.8.7-8.6.1
libqt4-sql-postgresql-32bit-4.8.7-8.6.1
libqt4-sql-sqlite-32bit-4.8.7-8.6.1
libqt4-sql-unixODBC-4.8.7-8.6.1
libqt4-sql-unixODBC-32bit-4.8.7-8.6.1
qt4-qtscript-0.2.0-11.2.4
Ссылки
- Link for SUSE-SU-2018:1902-1
- E-Mail link for SUSE-SU-2018:1902-1
- SUSE Security Ratings
- SUSE Bug 1039291
- SUSE Bug 1042657
- SUSE Bug 956357
- SUSE Bug 964458
- SUSE Bug 982826
- SUSE CVE CVE-2016-10040 page
Описание
Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows remote attackers to cause a denial of service (application crash) via a xml file with multiple nested open tags.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:libQtWebKit4-32bit-4.8.7+2.3.4-4.5.1
SUSE Linux Enterprise Desktop 12 SP3:libQtWebKit4-4.8.7+2.3.4-4.5.1
SUSE Linux Enterprise Desktop 12 SP3:libqca2-2.0.3-17.2.1
SUSE Linux Enterprise Desktop 12 SP3:libqca2-32bit-2.0.3-17.2.1
Ссылки
- CVE-2016-10040
- SUSE Bug 1039291