SUSE-SU-2023:3209-1

Published: 07 Aug 2023
Source: suse-cvrf

Description

Security update for libqt5-qtsvg

This update for libqt5-qtsvg fixes the following issues:

  • CVE-2021-45930: Fixed an out-of-bounds write that may have led to a denial-of-service (bsc#1196654).
  • CVE-2023-32573: Fixed missing initialization of QtSvg QSvgFont m_unitsPerEm variable (bsc#1211298).

Package list

Image SLES15-SP2-SAP-Azure
libQt5Svg5-5.12.7-150200.3.8.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
libQt5Svg5-5.12.7-150200.3.8.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
libQt5Svg5-5.12.7-150200.3.8.1
Image SLES15-SP2-SAP-BYOS-Azure
libQt5Svg5-5.12.7-150200.3.8.1
Image SLES15-SP2-SAP-BYOS-EC2-HVM
libQt5Svg5-5.12.7-150200.3.8.1
Image SLES15-SP2-SAP-BYOS-GCE
libQt5Svg5-5.12.7-150200.3.8.1
Image SLES15-SP2-SAP-EC2-HVM
libQt5Svg5-5.12.7-150200.3.8.1
Image SLES15-SP2-SAP-GCE
libQt5Svg5-5.12.7-150200.3.8.1
Image SLES15-SP3-SAP-BYOS-Azure
libQt5Svg5-5.12.7-150200.3.8.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
libQt5Svg5-5.12.7-150200.3.8.1
Image SLES15-SP3-SAP-BYOS-GCE
libQt5Svg5-5.12.7-150200.3.8.1
SUSE Linux Enterprise Real Time 15 SP3
libQt5Svg5-5.12.7-150200.3.8.1
libqt5-qtsvg-devel-5.12.7-150200.3.8.1
libqt5-qtsvg-private-headers-devel-5.12.7-150200.3.8.1
SUSE Manager Proxy 4.2
libQt5Svg5-5.12.7-150200.3.8.1
libqt5-qtsvg-devel-5.12.7-150200.3.8.1
SUSE Manager Server 4.2
libQt5Svg5-5.12.7-150200.3.8.1
libqt5-qtsvg-devel-5.12.7-150200.3.8.1

Description

Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).


Affected products
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:libQt5Svg5-5.12.7-150200.3.8.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:libQt5Svg5-5.12.7-150200.3.8.1
Image SLES15-SP2-SAP-Azure:libQt5Svg5-5.12.7-150200.3.8.1
Image SLES15-SP2-SAP-BYOS-Azure:libQt5Svg5-5.12.7-150200.3.8.1

Description

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.


Affected products
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:libQt5Svg5-5.12.7-150200.3.8.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:libQt5Svg5-5.12.7-150200.3.8.1
Image SLES15-SP2-SAP-Azure:libQt5Svg5-5.12.7-150200.3.8.1
Image SLES15-SP2-SAP-BYOS-Azure:libQt5Svg5-5.12.7-150200.3.8.1
