Описание
Security update for libqt5-qtbase
This update for libqt5-qtbase fixes the following issue:
Security issues fixed:
- CVE-2020-0569: Fixed a potential local code execution by loading plugins from CWD (bsc#1161167).
- CVE-2018-19870: Fixed an improper check in QImage allocation which could allow Denial of Service when opening crafted gif files (bsc#1118597).
- CVE-2018-19872: Fixed an issue which could allow a division by zero leading to crash (bsc#1130246).
Other issue addressed:
- Fixed an issue with rendering animated gifs (QTBUG-55141).
Список пакетов
SUSE Linux Enterprise Server 12 SP1-LTSS
libQt5Core5-5.5.1-8.10.1
libQt5DBus5-5.5.1-8.10.1
libQt5Gui5-5.5.1-8.10.1
libQt5Network5-5.5.1-8.10.1
libQt5Widgets5-5.5.1-8.10.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
libQt5Core5-5.5.1-8.10.1
libQt5DBus5-5.5.1-8.10.1
libQt5Gui5-5.5.1-8.10.1
libQt5Network5-5.5.1-8.10.1
libQt5Widgets5-5.5.1-8.10.1
Ссылки
- Link for SUSE-SU-2020:0319-1
- E-Mail link for SUSE-SU-2020:0319-1
- SUSE Security Ratings
- SUSE Bug 1118597
- SUSE Bug 1130246
- SUSE Bug 1161167
- SUSE CVE CVE-2018-19870 page
- SUSE CVE CVE-2018-19872 page
- SUSE CVE CVE-2020-0569 page
Описание
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5Core5-5.5.1-8.10.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5DBus5-5.5.1-8.10.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5Gui5-5.5.1-8.10.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5Network5-5.5.1-8.10.1
Ссылки
- CVE-2018-19870
- SUSE Bug 1118597
Описание
An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5Core5-5.5.1-8.10.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5DBus5-5.5.1-8.10.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5Gui5-5.5.1-8.10.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5Network5-5.5.1-8.10.1
Ссылки
- CVE-2018-19872
- SUSE Bug 1130246
Описание
Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5Core5-5.5.1-8.10.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5DBus5-5.5.1-8.10.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5Gui5-5.5.1-8.10.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libQt5Network5-5.5.1-8.10.1
Ссылки
- CVE-2020-0569
- SUSE Bug 1161167
- SUSE Bug 1162191