openSUSE-SU-2021:1371-1

Опубликовано: 18 окт. 2021

Источник: suse-cvrf

Описание

Security update for libqt5-qtsvg

This update for libqt5-qtsvg fixes the following issues:

CVE-2021-3481: Fixed an out of bounds read in function QRadialFetchSimd from crafted svg file. (bsc#1184783)

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Список пакетов

openSUSE Leap 15.2

libQt5Svg5-5.12.7-lp152.2.3.1

libQt5Svg5-32bit-5.12.7-lp152.2.3.1

libqt5-qtsvg-devel-5.12.7-lp152.2.3.1

libqt5-qtsvg-devel-32bit-5.12.7-lp152.2.3.1

libqt5-qtsvg-examples-5.12.7-lp152.2.3.1

libqt5-qtsvg-private-headers-devel-5.12.7-lp152.2.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WUQQL3BSIDANFVPIE65N7IJDJSBTEPHN/
E-Mail link for openSUSE-SU-2021:1371-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1184783
SUSE Bug 1184783
https://www.suse.com/security/cve/CVE-2021-3481/
SUSE CVE CVE-2021-3481 page

Описание

A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. The highest threat from this vulnerability is to data confidentiality and the application availability.

Затронутые продукты

openSUSE Leap 15.2:libQt5Svg5-32bit-5.12.7-lp152.2.3.1

openSUSE Leap 15.2:libQt5Svg5-5.12.7-lp152.2.3.1

openSUSE Leap 15.2:libqt5-qtsvg-devel-32bit-5.12.7-lp152.2.3.1

openSUSE Leap 15.2:libqt5-qtsvg-devel-5.12.7-lp152.2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-3481.html
CVE-2021-3481
https://bugzilla.suse.com/1184783
SUSE Bug 1184783

openSUSE-SU-2021:1371-1

Описание

Список пакетов

openSUSE Leap 15.2

Ссылки

Уязвимость: CVE-2021-3481

Описание

Затронутые продукты

Ссылки