Описание
Security update for libqt4
This update for libqt4 fixes the following issues:
- CVE-2018-15518: Fixed a double free in QXmlStreamReader (bsc#1118595)
- CVE-2018-19873: Fixed a segmantation fault via a malformed BMP file (bsc#1118596).
- CVE-2018-19869: Fixed an improper checking which might lead to a crach via a malformed url reference (bsc#1118599).
- Added stricter toplevel asm parsing by dropping volatile qualification that has no effect (bsc#1121214).
Список пакетов
SUSE Linux Enterprise Server 12 SP4
libqt4-4.8.7-8.13.1
libqt4-32bit-4.8.7-8.13.1
libqt4-qt3support-4.8.7-8.13.1
libqt4-qt3support-32bit-4.8.7-8.13.1
libqt4-sql-4.8.7-8.13.1
libqt4-sql-32bit-4.8.7-8.13.1
libqt4-sql-mysql-4.8.7-8.13.1
libqt4-sql-sqlite-4.8.7-8.13.1
libqt4-x11-4.8.7-8.13.1
libqt4-x11-32bit-4.8.7-8.13.1
qt4-x11-tools-4.8.7-8.13.1
SUSE Linux Enterprise Server 12 SP5
libqt4-4.8.7-8.13.1
libqt4-32bit-4.8.7-8.13.1
libqt4-qt3support-4.8.7-8.13.1
libqt4-qt3support-32bit-4.8.7-8.13.1
libqt4-sql-4.8.7-8.13.1
libqt4-sql-32bit-4.8.7-8.13.1
libqt4-sql-mysql-4.8.7-8.13.1
libqt4-sql-sqlite-4.8.7-8.13.1
libqt4-x11-4.8.7-8.13.1
libqt4-x11-32bit-4.8.7-8.13.1
qt4-x11-tools-4.8.7-8.13.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
libqt4-4.8.7-8.13.1
libqt4-32bit-4.8.7-8.13.1
libqt4-qt3support-4.8.7-8.13.1
libqt4-qt3support-32bit-4.8.7-8.13.1
libqt4-sql-4.8.7-8.13.1
libqt4-sql-32bit-4.8.7-8.13.1
libqt4-sql-mysql-4.8.7-8.13.1
libqt4-sql-sqlite-4.8.7-8.13.1
libqt4-x11-4.8.7-8.13.1
libqt4-x11-32bit-4.8.7-8.13.1
qt4-x11-tools-4.8.7-8.13.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libqt4-4.8.7-8.13.1
libqt4-32bit-4.8.7-8.13.1
libqt4-qt3support-4.8.7-8.13.1
libqt4-qt3support-32bit-4.8.7-8.13.1
libqt4-sql-4.8.7-8.13.1
libqt4-sql-32bit-4.8.7-8.13.1
libqt4-sql-mysql-4.8.7-8.13.1
libqt4-sql-sqlite-4.8.7-8.13.1
libqt4-x11-4.8.7-8.13.1
libqt4-x11-32bit-4.8.7-8.13.1
qt4-x11-tools-4.8.7-8.13.1
SUSE Linux Enterprise Software Development Kit 12 SP4
libqt4-devel-4.8.7-8.13.1
libqt4-devel-doc-4.8.7-8.13.1
libqt4-devel-doc-data-4.8.7-8.13.1
libqt4-linguist-4.8.7-8.13.1
libqt4-private-headers-devel-4.8.7-8.13.1
libqt4-sql-postgresql-4.8.7-8.13.1
libqt4-sql-postgresql-32bit-4.8.7-8.13.1
libqt4-sql-unixODBC-4.8.7-8.13.1
libqt4-sql-unixODBC-32bit-4.8.7-8.13.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libqt4-devel-4.8.7-8.13.1
libqt4-devel-doc-4.8.7-8.13.1
libqt4-devel-doc-data-4.8.7-8.13.1
libqt4-linguist-4.8.7-8.13.1
libqt4-private-headers-devel-4.8.7-8.13.1
libqt4-sql-postgresql-4.8.7-8.13.1
libqt4-sql-postgresql-32bit-4.8.7-8.13.1
libqt4-sql-unixODBC-4.8.7-8.13.1
libqt4-sql-unixODBC-32bit-4.8.7-8.13.1
SUSE Linux Enterprise Workstation Extension 12 SP4
libqt4-sql-mysql-32bit-4.8.7-8.13.1
libqt4-sql-postgresql-4.8.7-8.13.1
libqt4-sql-postgresql-32bit-4.8.7-8.13.1
libqt4-sql-sqlite-32bit-4.8.7-8.13.1
libqt4-sql-unixODBC-4.8.7-8.13.1
libqt4-sql-unixODBC-32bit-4.8.7-8.13.1
SUSE Linux Enterprise Workstation Extension 12 SP5
libqt4-sql-mysql-32bit-4.8.7-8.13.1
libqt4-sql-postgresql-4.8.7-8.13.1
libqt4-sql-postgresql-32bit-4.8.7-8.13.1
libqt4-sql-sqlite-32bit-4.8.7-8.13.1
libqt4-sql-unixODBC-4.8.7-8.13.1
libqt4-sql-unixODBC-32bit-4.8.7-8.13.1
Ссылки
- Link for SUSE-SU-2020:1021-1
- E-Mail link for SUSE-SU-2020:1021-1
- SUSE Security Ratings
- SUSE Bug 1118595
- SUSE Bug 1118596
- SUSE Bug 1118599
- SUSE Bug 1121214
- SUSE CVE CVE-2018-15518 page
- SUSE CVE CVE-2018-19869 page
- SUSE CVE CVE-2018-19873 page
Описание
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP4:libqt4-32bit-4.8.7-8.13.1
SUSE Linux Enterprise Server 12 SP4:libqt4-4.8.7-8.13.1
SUSE Linux Enterprise Server 12 SP4:libqt4-qt3support-32bit-4.8.7-8.13.1
SUSE Linux Enterprise Server 12 SP4:libqt4-qt3support-4.8.7-8.13.1
Ссылки
- CVE-2018-15518
- SUSE Bug 1118595
- SUSE Bug 1126909
Описание
An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP4:libqt4-32bit-4.8.7-8.13.1
SUSE Linux Enterprise Server 12 SP4:libqt4-4.8.7-8.13.1
SUSE Linux Enterprise Server 12 SP4:libqt4-qt3support-32bit-4.8.7-8.13.1
SUSE Linux Enterprise Server 12 SP4:libqt4-qt3support-4.8.7-8.13.1
Ссылки
- CVE-2018-19869
- SUSE Bug 1118599
Описание
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP4:libqt4-32bit-4.8.7-8.13.1
SUSE Linux Enterprise Server 12 SP4:libqt4-4.8.7-8.13.1
SUSE Linux Enterprise Server 12 SP4:libqt4-qt3support-32bit-4.8.7-8.13.1
SUSE Linux Enterprise Server 12 SP4:libqt4-qt3support-4.8.7-8.13.1
Ссылки
- CVE-2018-19873
- SUSE Bug 1118596
- SUSE Bug 1126909