Fedora 22 FEDORA-2015-6613 Moderate: Qt3 Buffer Overflow Risk
fedora
April 24, 2015
This update fixes CVE-2015-1860, a buffer overflow when loading some specific invalid GIF image files, which could be exploited for denial of service (application crash) and possib...
Summary
Qt is a GUI software toolkit which simplifies the task of writing and
maintaining GUI (Graphical User Interface) applications
for the X Window System.
Qt is written in C++ and is fully object-oriented.
This package contains the shared library needed to run Qt 3
applications, as well as the README files for Qt 3.
Update Information:
This update fixes CVE-2015-1860, a buffer overflow when loading some specific invalid GIF image files, which could be exploited for denial of service (application crash) and possibly even arbitrary code execution attacks. The security patch is backported from Qt 4.
(Please note that Qt 3 is NOT vulnerable to the simultaneously published issues CVE-2015-1858 and CVE-2015-1859.)
Topics Covered
Change Log
References
[ 1 ] Bug #1210675 - CVE-2015-1860 qt: segmentation fault in qgifhandler.cpp
https://bugzilla.redhat.com/show_bug.cgi?id=1210675
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update qt3' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Name: qt3
Product: Fedora 22
Version: 3.3.8b
Release: 63.fc22
Summary: The shared library for the Qt 3 GUI toolkit
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!