Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in qt5-qtbase
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in qt5-qtbase
ID: FEDORA-2015-6114
Distribution: Fedora
Plattformen: Fedora 22
Datum: Di, 21. April 2015, 23:38
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1859
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1860

Originalnachricht

Name        : qt5-qtbase
Product : Fedora 22
Version : 5.4.1
Release : 9.fc22
URL : http://qt-project.org/
Summary : Qt5 - QtBase components
Description :
Qt is a software toolkit for developing applications.

This package contains base tools, like string, xml, and network
handling.

-------------------------------------------------------------------------------
-
Update Information:

Multiple vulnerabilities were found in Qt image format handling of BMP, ICO
and GIF files. The issues exposed included denial of service and buffer overflows leading to heap corruption. It is possible the latter could be used to perform remote code execution.

See also http://lists.qt-project.org/pipermail/announce/2015-April/000067.html

Drop backported Qt 5.5 XCB patches, the rebase is incomplete and does not work
properly with Qt 5.4
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1210675 - CVE-2015-1860 qt: segmentation fault in qgifhandler.cpp
https://bugzilla.redhat.com/show_bug.cgi?id=1210675
[ 2 ] Bug #1210674 - CVE-2015-1859 qt: segmentation fault in qicohandler.cpp
https://bugzilla.redhat.com/show_bug.cgi?id=1210674
[ 3 ] Bug #1210673 - CVE-2015-1858 qt: segmentation fault in qbmphandler.cpp
https://bugzilla.redhat.com/show_bug.cgi?id=1210673
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update qt5-qtbase' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung