Preisgabe von Informationen in qt5-qtsvg
ID: | FEDORA-2021-a95a40b78b |
Distribution: | Fedora |
Plattformen: | Fedora 34 |
Datum: | Do, 25. März 2021, 07:44 |
Referenzen: | https://bugzilla.redhat.com/show_bug.cgi?id=1931444 |
Applikationen: | Qt |
Originalnachricht |
|
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2021-a95a40b78b 2021-03-25 00:15:39.359217 -------------------------------------------------------------------------------- Name : qt5-qtsvg Product : Fedora 34 Version : 5.15.2 Release : 4.fc34 URL : http://www.qt.io Summary : Qt5 - Support for rendering and displaying SVG Description : Scalable Vector Graphics (SVG) is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices. -------------------------------------------------------------------------------- Update Information: An out of bounds read in function QRadialFetchSimd from crafted svg file may lead to information disclosure or other potential consequences. This update includes the backported upstream fix and should resolve the security issue. -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 9 2021 Than Ngo |