Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2020:0318-1

Опубликовано: 04 фев. 2020
Источник: suse-cvrf

Описание

Security update for libqt5-qtbase

This update for libqt5-qtbase fixes the following issue:

Security issue fixed:

  • CVE-2020-0569: Fixed a potential local code execution by loading plugins from CWD (bsc#1161167).
  • CVE-2018-19870: Fixed an improper check in QImage allocation which could allow Denial of Service when opening crafted gif files (bsc#1118597).
  • CVE-2018-19872: Fixed an issue which could allow a division by zero leading to crash (bsc#1130246).

Other issue addressed:

  • Fixed an issue with rendering animated gifs (QTBUG-55141).

Список пакетов

SUSE Linux Enterprise Server 12 SP2-BCL
libQt5Concurrent5-5.6.1-17.13.1
libQt5Core5-5.6.1-17.13.1
libQt5DBus5-5.6.1-17.13.1
libQt5Gui5-5.6.1-17.13.1
libQt5Network5-5.6.1-17.13.1
libQt5OpenGL5-5.6.1-17.13.1
libQt5PrintSupport5-5.6.1-17.13.1
libQt5Sql5-5.6.1-17.13.1
libQt5Sql5-mysql-5.6.1-17.13.1
libQt5Sql5-postgresql-5.6.1-17.13.1
libQt5Sql5-sqlite-5.6.1-17.13.1
libQt5Sql5-unixODBC-5.6.1-17.13.1
libQt5Test5-5.6.1-17.13.1
libQt5Widgets5-5.6.1-17.13.1
libQt5Xml5-5.6.1-17.13.1
SUSE Linux Enterprise Server 12 SP2-LTSS
libQt5Concurrent5-5.6.1-17.13.1
libQt5Core5-5.6.1-17.13.1
libQt5DBus5-5.6.1-17.13.1
libQt5Gui5-5.6.1-17.13.1
libQt5Network5-5.6.1-17.13.1
libQt5OpenGL5-5.6.1-17.13.1
libQt5PrintSupport5-5.6.1-17.13.1
libQt5Sql5-5.6.1-17.13.1
libQt5Sql5-mysql-5.6.1-17.13.1
libQt5Sql5-postgresql-5.6.1-17.13.1
libQt5Sql5-sqlite-5.6.1-17.13.1
libQt5Sql5-unixODBC-5.6.1-17.13.1
libQt5Test5-5.6.1-17.13.1
libQt5Widgets5-5.6.1-17.13.1
libQt5Xml5-5.6.1-17.13.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
libQt5Concurrent5-5.6.1-17.13.1
libQt5Core5-5.6.1-17.13.1
libQt5DBus5-5.6.1-17.13.1
libQt5Gui5-5.6.1-17.13.1
libQt5Network5-5.6.1-17.13.1
libQt5OpenGL5-5.6.1-17.13.1
libQt5PrintSupport5-5.6.1-17.13.1
libQt5Sql5-5.6.1-17.13.1
libQt5Sql5-mysql-5.6.1-17.13.1
libQt5Sql5-postgresql-5.6.1-17.13.1
libQt5Sql5-sqlite-5.6.1-17.13.1
libQt5Sql5-unixODBC-5.6.1-17.13.1
libQt5Test5-5.6.1-17.13.1
libQt5Widgets5-5.6.1-17.13.1
libQt5Xml5-5.6.1-17.13.1
SUSE OpenStack Cloud 7
libQt5Concurrent5-5.6.1-17.13.1
libQt5Core5-5.6.1-17.13.1
libQt5DBus5-5.6.1-17.13.1
libQt5Gui5-5.6.1-17.13.1
libQt5Network5-5.6.1-17.13.1
libQt5OpenGL5-5.6.1-17.13.1
libQt5PrintSupport5-5.6.1-17.13.1
libQt5Sql5-5.6.1-17.13.1
libQt5Sql5-mysql-5.6.1-17.13.1
libQt5Sql5-postgresql-5.6.1-17.13.1
libQt5Sql5-sqlite-5.6.1-17.13.1
libQt5Sql5-unixODBC-5.6.1-17.13.1
libQt5Test5-5.6.1-17.13.1
libQt5Widgets5-5.6.1-17.13.1
libQt5Xml5-5.6.1-17.13.1

Ссылки

Описание

An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:libQt5Concurrent5-5.6.1-17.13.1
SUSE Linux Enterprise Server 12 SP2-BCL:libQt5Core5-5.6.1-17.13.1
SUSE Linux Enterprise Server 12 SP2-BCL:libQt5DBus5-5.6.1-17.13.1
SUSE Linux Enterprise Server 12 SP2-BCL:libQt5Gui5-5.6.1-17.13.1
Ссылки

Описание

An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:libQt5Concurrent5-5.6.1-17.13.1
SUSE Linux Enterprise Server 12 SP2-BCL:libQt5Core5-5.6.1-17.13.1
SUSE Linux Enterprise Server 12 SP2-BCL:libQt5DBus5-5.6.1-17.13.1
SUSE Linux Enterprise Server 12 SP2-BCL:libQt5Gui5-5.6.1-17.13.1
Ссылки

Описание

Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:libQt5Concurrent5-5.6.1-17.13.1
SUSE Linux Enterprise Server 12 SP2-BCL:libQt5Core5-5.6.1-17.13.1
SUSE Linux Enterprise Server 12 SP2-BCL:libQt5DBus5-5.6.1-17.13.1
SUSE Linux Enterprise Server 12 SP2-BCL:libQt5Gui5-5.6.1-17.13.1
Ссылки
Уязвимость SUSE-SU-2020:0318-1