drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in qt5-qtsvg
Name: |
Preisgabe von Informationen in qt5-qtsvg |
|
ID: |
FEDORA-2021-6167e8e205 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 33 |
|
Datum: |
Mi, 17. März 2021, 07:21 |
|
Referenzen: |
https://bugzilla.redhat.com/show_bug.cgi?id=1931444 |
|
Applikationen: |
Qt |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2021-6167e8e205 2021-03-17 02:17:03.381087 ------------------------------------------------------------------------------- -
Name : qt5-qtsvg Product : Fedora 33 Version : 5.15.2 Release : 3.fc33 URL : http://www.qt.io Summary : Qt5 - Support for rendering and displaying SVG Description : Scalable Vector Graphics (SVG) is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices.
------------------------------------------------------------------------------- - Update Information:
An out of bounds read in function QRadialFetchSimd from crafted svg file may lead to information disclosure or other potential consequences. This update includes the backported upstream fix and should resolve the security issue. ------------------------------------------------------------------------------- - ChangeLog:
* Tue Mar 9 2021 Than Ngo <than@redhat.com> - 5.15.2-3 - Resolves: #1931447, Out of bounds read in function QRadialFetchSimd from crafted svg file ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1931444 - qt: Out of bounds read in function QRadialFetchSimd from crafted svg file https://bugzilla.redhat.com/show_bug.cgi?id=1931444 ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-6167e8e205' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
|
|
|
|