Описание
Security update for libqt4
This update for libqt4 fixes the following issues:
- Fix buffer over-read in read_xbm_body (boo#1176315, CVE-2020-17507)
- Fix 'double free or corruption' in QXmlStreamReader (boo#1118595, CVE-2018-15518)
- Fix QBmpHandler segfault on malformed BMP file boo#1118596, CVE-2018-19873)
- Fix crash when parsing malformed url reference (boo#1118599, CVE-2018-19869)
This update was imported from the openSUSE:Leap:15.1:Update update project.
Список пакетов
openSUSE Leap 15.2
libqt4-4.8.7-lp152.10.3.1
libqt4-32bit-4.8.7-lp152.10.3.1
libqt4-devel-4.8.7-lp152.10.3.1
libqt4-devel-32bit-4.8.7-lp152.10.3.1
libqt4-devel-doc-4.8.7-lp152.10.3.1
libqt4-devel-doc-data-4.8.7-lp152.10.3.1
libqt4-linguist-4.8.7-lp152.10.3.1
libqt4-private-headers-devel-4.8.7-lp152.10.3.1
libqt4-qt3support-4.8.7-lp152.10.3.1
libqt4-qt3support-32bit-4.8.7-lp152.10.3.1
libqt4-sql-4.8.7-lp152.10.3.1
libqt4-sql-32bit-4.8.7-lp152.10.3.1
libqt4-sql-postgresql-4.8.7-lp152.10.3.1
libqt4-sql-sqlite-4.8.7-lp152.10.3.1
libqt4-sql-sqlite-32bit-4.8.7-lp152.10.3.1
libqt4-sql-unixODBC-4.8.7-lp152.10.3.1
libqt4-x11-4.8.7-lp152.10.3.1
libqt4-x11-32bit-4.8.7-lp152.10.3.1
qt4-x11-tools-4.8.7-lp152.10.3.1
Ссылки
- E-Mail link for openSUSE-SU-2020:1501-1
- SUSE Security Ratings
- SUSE Bug 1118595
- SUSE Bug 1118596
- SUSE Bug 1118599
- SUSE Bug 1121214
- SUSE Bug 1176315
- SUSE CVE CVE-2018-15518 page
- SUSE CVE CVE-2018-19869 page
- SUSE CVE CVE-2018-19873 page
- SUSE CVE CVE-2020-17507 page
Описание
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.
Затронутые продукты
openSUSE Leap 15.2:libqt4-32bit-4.8.7-lp152.10.3.1
openSUSE Leap 15.2:libqt4-4.8.7-lp152.10.3.1
openSUSE Leap 15.2:libqt4-devel-32bit-4.8.7-lp152.10.3.1
openSUSE Leap 15.2:libqt4-devel-4.8.7-lp152.10.3.1
Ссылки
- CVE-2018-15518
- SUSE Bug 1118595
- SUSE Bug 1126909
Описание
An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp.
Затронутые продукты
openSUSE Leap 15.2:libqt4-32bit-4.8.7-lp152.10.3.1
openSUSE Leap 15.2:libqt4-4.8.7-lp152.10.3.1
openSUSE Leap 15.2:libqt4-devel-32bit-4.8.7-lp152.10.3.1
openSUSE Leap 15.2:libqt4-devel-4.8.7-lp152.10.3.1
Ссылки
- CVE-2018-19869
- SUSE Bug 1118599
Описание
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
Затронутые продукты
openSUSE Leap 15.2:libqt4-32bit-4.8.7-lp152.10.3.1
openSUSE Leap 15.2:libqt4-4.8.7-lp152.10.3.1
openSUSE Leap 15.2:libqt4-devel-32bit-4.8.7-lp152.10.3.1
openSUSE Leap 15.2:libqt4-devel-4.8.7-lp152.10.3.1
Ссылки
- CVE-2018-19873
- SUSE Bug 1118596
- SUSE Bug 1126909
Описание
An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read.
Затронутые продукты
openSUSE Leap 15.2:libqt4-32bit-4.8.7-lp152.10.3.1
openSUSE Leap 15.2:libqt4-4.8.7-lp152.10.3.1
openSUSE Leap 15.2:libqt4-devel-32bit-4.8.7-lp152.10.3.1
openSUSE Leap 15.2:libqt4-devel-4.8.7-lp152.10.3.1
Ссылки
- CVE-2020-17507
- SUSE Bug 1176315