Fedora 29 Security Advisory: mingw-qt5-qtwebsockets Critical Fix

This package contains the Qt software toolkit for developing

cross-platform applications.

This is the Windows version of Qt, for use in conjunction with the

Fedora Windows cross-compiler.

Update to mingw-qt5-*-5.11.3, see

https://www.qt.io/blog

for details. Update to mingw-sip-4.19.13, see

for details.

* Mon Jan 14 2019 Sandro Mani - 5.11.3-1

- Update to 5.11.3

* Sun Sep 23 2018 Sandro Mani - 5.11.2-1

- Update to 5.11.2

[ 1 ] Bug #1659001 - CVE-2018-15518 CVE-2018-19870 CVE-2018-19873 mingw-qt5-qtbase: various flaws [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1659001

[ 2 ] Bug #1661461 - CVE-2018-19869 mingw-qt5-qtsvg: qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1661461

[ 3 ] Bug #1661466 - CVE-2018-19871 mingw-qt5-qtimageformats: qt5-qtimageformats: QTgaFile CPU exhaustion [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1661466

su -c 'dnf upgrade --advisory FEDORA-2019-3c45bd2cc3' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org