Fedora 21: qt3 Security Update
Summary
Qt is a GUI software toolkit which simplifies the task of writing and
maintaining GUI (Graphical User Interface) applications
for the X Window System.
Qt is written in C++ and is fully object-oriented.
This package contains the shared library needed to run Qt 3
applications, as well as the README files for Qt 3.
Update Information:
This update fixes CVE-2015-1860, a buffer overflow when loading some specific invalid GIF image files, which could be exploited for denial of service (application crash) and possibly even arbitrary code execution attacks. The security patch is backported from Qt 4.
(Please note that Qt 3 is NOT vulnerable to the simultaneously published issues CVE-2015-1858 and CVE-2015-1859.)
Change Log
* Tue Apr 21 2015 Kevin Kofler
References
[ 1 ] Bug #1210675 - CVE-2015-1860 qt: segmentation fault in qgifhandler.cpp https://bugzilla.redhat.com/show_bug.cgi?id=1210675
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update qt3' at the command line. For more information, refer to "Managing Software with yum", available at .