Описание
Security update for libqt5-qtbase
This update for libqt5-qtbase fixes the following issues:
Security issues fixed:
- CVE-2018-15518: Fixed double free in QXmlStreamReader (bsc#1118595)
- CVE-2018-19873: Fixed Denial of Service on malformed BMP file in QBmpHandler (bsc#1118596)
Список пакетов
SUSE Linux Enterprise Server 12-LTSS
libQt5Core5-5.3.1-4.7.2
libQt5DBus5-5.3.1-4.7.2
libQt5Gui5-5.3.1-4.7.2
libQt5Widgets5-5.3.1-4.7.2
Ссылки
- Link for SUSE-SU-2018:4294-1
- E-Mail link for SUSE-SU-2018:4294-1
- SUSE Security Ratings
- SUSE Bug 1118595
- SUSE Bug 1118596
- SUSE CVE CVE-2018-15518 page
- SUSE CVE CVE-2018-19873 page
Описание
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.
Затронутые продукты
SUSE Linux Enterprise Server 12-LTSS:libQt5Core5-5.3.1-4.7.2
SUSE Linux Enterprise Server 12-LTSS:libQt5DBus5-5.3.1-4.7.2
SUSE Linux Enterprise Server 12-LTSS:libQt5Gui5-5.3.1-4.7.2
SUSE Linux Enterprise Server 12-LTSS:libQt5Widgets5-5.3.1-4.7.2
Ссылки
- CVE-2018-15518
- SUSE Bug 1118595
- SUSE Bug 1126909
Описание
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
Затронутые продукты
SUSE Linux Enterprise Server 12-LTSS:libQt5Core5-5.3.1-4.7.2
SUSE Linux Enterprise Server 12-LTSS:libQt5DBus5-5.3.1-4.7.2
SUSE Linux Enterprise Server 12-LTSS:libQt5Gui5-5.3.1-4.7.2
SUSE Linux Enterprise Server 12-LTSS:libQt5Widgets5-5.3.1-4.7.2
Ссылки
- CVE-2018-19873
- SUSE Bug 1118596
- SUSE Bug 1126909