drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in Qt
Name: |
Denial of Service in Qt |
|
ID: |
FEDORA-2015-2897 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 20 |
|
Datum: |
Fr, 6. März 2015, 08:44 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0295 |
|
Applikationen: |
Qt |
|
Originalnachricht |
Name : qt Product : Fedora 20 Version : 4.8.6 Release : 25.fc20 URL : http://qt-project.org/ Summary : Qt toolkit Description : Qt is a software toolkit for developing applications.
This package contains base tools, like string, xml, and network handling.
------------------------------------------------------------------------------- - Update Information:
DoS vulnerability in the BMP image handler (CVE-2015-0295) ------------------------------------------------------------------------------- - ChangeLog:
* Fri Feb 27 2015 Rex Dieter <rdieter@fedoraproject.org> 1:4.8.6-25 - DoS vulnerability in the BMP image handler (CVE-2015-0295) * Mon Feb 16 2015 Rex Dieter <rdieter@fedoraproject.org> 1:4.8.6-24 - more gcc5 detection fixes, in particular, ensure same QT_BUILD_KEY as gcc4 for now * Fri Feb 13 2015 Rex Dieter <rdieter@fedoraproject.org> - 1:4.8.6-23 - Qt: FTBFS with gcc5 (#1192464) - Make Adwaita the default theme for applications running in the GNOME DE (#1192453) * Wed Feb 11 2015 Rex Dieter <rdieter@fedoraproject.org> 1:4.8.6-22 - rebuild (gcc5) * Thu Jan 29 2015 Rex Dieter <rdieter@fedoraproject.org> 1:4.8.6-21 - refresh boost/moc patch (QTBUG-22829) * Sun Jan 18 2015 Rex Dieter <rdieter@fedoraproject.org> 1:4.8.6-20 - fix %pre scriptlet (#1183299) * Sat Jan 17 2015 Rex Dieter <rdieter@fedoraproject.org> 1:4.8.6-19 - ship /etc/xdg/qtchooser/4.conf alternative instead (of qt4.conf) * Wed Nov 26 2014 Rex Dieter <rdieter@fedoraproject.org> 1:4.8.6-18 - omit previously-overlooked webkit bits (#1168259) * Sun Nov 9 2014 Rex Dieter <rdieter@fedoraproject.org> 1:4.8.6-17 - Broken qmake_qt4 in /usr/lib/rpm/macros.d/macros.qt4 (#1161927) * Mon Nov 3 2014 Rex Dieter <rdieter@fedoraproject.org> 1:4.8.6-16 - macros.qt4: standalone, improved %qmake_qt4 macro (sync'd with qt5 version) * Sat Nov 1 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> - 1:4.8.6-15 - sync system-clucene patch from qt5-qttools (some QDir::mkpath in QtCLucene) * Sun Oct 26 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> - 1:4.8.6-14 - build against the system clucene09-core (same patch as for qt5-qttools) * Tue Sep 16 2014 Rex Dieter <rdieter@fedoraproject.org> - 1:4.8.6-13 - qmlviewer: -qt4 wrapper, move to -devel - pull in some upstream fixes * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:4.8.6-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Tue Aug 12 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> - 4.8.6-11 - drop Phonon-GStreamer0.10 support from qtconfig-qt4 on F21+ (#1123112) * Wed Jul 23 2014 Rex Dieter <rdieter@fedoraproject.org> - 4.8.6-10 - use alternatives to fix qtchooser conf's in non-basearch multilib case (#1122316) * Thu Jul 17 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-9.1 - rebuild (for pulseaudio, bug #1117683) * Sat Jun 7 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> 4.8.6-9 - apply proposed fixes for QTBUG-34614,37380,38585 for LibreOffice (#1105422) * Tue Jun 3 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-8 - backport selected upstream commits... - Fix visual index lookup (QTBUG-37813) - RGB30 fix (QTBUG-25998,#1018566) - QDBus comparison * Wed May 7 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-7 - gcc should be fixed, drop workaround (#1091482) * Mon May 5 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-6 - try -fno-devirtualize workaround fc21+ (#1091482, gcc #60965) * Mon May 5 2014 Rex Dieter <rdieter@fedoraproject.org> - 4.8.6-5 - drop f21 gcc-4.9 workarounds (they didn't work) - omit qt-cupsEnumDests.patch, again, pending more testing (#980952) * Fri Apr 25 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-4 - -fno-tree-vrp (#1091482) * Fri Apr 25 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-3 - try -fno-delete-null-pointer-checks to workaround bug #1091482 * Thu Apr 24 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-2 - DoS vulnerability in the GIF image handler (QTBUG-38367) * Thu Apr 24 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-1 - 4.8.6 (final) * Tue Apr 15 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-0.2.rc2 - 4.8.6-rc2 * Tue Apr 1 2014 Rex Dieter <rdieter@fedoraproject.org> - 4.8.6-0.1.rc1 - 4.8.6-rc1 * Wed Mar 26 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-24 - support ppc64le arch (#1081216) * Sat Mar 8 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> 4.8.5-23 - fix QMAKE_STRIP handling (#1074041) * Fri Mar 7 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-22 - respin mysql_config patch * Fri Mar 7 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-21 - restore qt-cupsEnumDests.patch (#980952) * Thu Mar 6 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-20 - systemtrayicon plugin support (from kubuntu) ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1197273 - CVE-2015-0295 QT: BMP image handler crash https://bugzilla.redhat.com/show_bug.cgi?id=1197273 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update qt' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|