Fedora 21: Security Advisory for qt3 Application Crash Risk
fedora
May 1, 2015
This update fixes CVE-2015-1860, a buffer overflow when loading some specific invalid GIF image files, which could be exploited for denial of service (application crash) and possib...
Summary
Qt is a GUI software toolkit which simplifies the task of writing and
maintaining GUI (Graphical User Interface) applications
for the X Window System.
Qt is written in C++ and is fully object-oriented.
This package contains the shared library needed to run Qt 3
applications, as well as the README files for Qt 3.
Update Information:
This update fixes CVE-2015-1860, a buffer overflow when loading some specific invalid GIF image files, which could be exploited for denial of service (application crash) and possibly even arbitrary code execution attacks. The security patch is backported from Qt 4.
(Please note that Qt 3 is NOT vulnerable to the simultaneously published issues CVE-2015-1858 and CVE-2015-1859.)
Topics Covered
Change Log
* Tue Apr 21 2015 Kevin Kofler
References
[ 1 ] Bug #1210675 - CVE-2015-1860 qt: segmentation fault in qgifhandler.cpp
https://bugzilla.redhat.com/show_bug.cgi?id=1210675
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update qt3' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Name: qt3
Product: Fedora 21
Version: 3.3.8b
Release: 63.fc21
Summary: The shared library for the Qt 3 GUI toolkit
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!