Описание
Security update for libqt5-qtbase
This update for libqt5-qtbase fixes the following issues:
Security issues fixed:
- CVE-2018-15518: Fixed double free in QXmlStreamReader (bsc#1118595)
- CVE-2018-19873: Fixed Denial of Service on malformed BMP file in QBmpHandler (bsc#1118596)
Список пакетов
SUSE Linux Enterprise Server 12 SP1-LTSS
libQt5Core5-5.5.1-8.3.1
libQt5DBus5-5.5.1-8.3.1
libQt5Gui5-5.5.1-8.3.1
libQt5Network5-5.5.1-8.3.1
libQt5Widgets5-5.5.1-8.3.1
Ссылки
- Link for SUSE-SU-2018:4210-1
- E-Mail link for SUSE-SU-2018:4210-1
- SUSE Security Ratings
- SUSE Bug 1118595
- SUSE Bug 1118596
- SUSE CVE CVE-2018-15518 page
- SUSE CVE CVE-2018-19873 page
Описание
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5Core5-5.5.1-8.3.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5DBus5-5.5.1-8.3.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5Gui5-5.5.1-8.3.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5Network5-5.5.1-8.3.1
Ссылки
- CVE-2018-15518
- SUSE Bug 1118595
- SUSE Bug 1126909
Описание
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5Core5-5.5.1-8.3.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5DBus5-5.5.1-8.3.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5Gui5-5.5.1-8.3.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5Network5-5.5.1-8.3.1
Ссылки
- CVE-2018-19873
- SUSE Bug 1118596
- SUSE Bug 1126909