openSUSE Leap 15.1: 2020:1452-1 Moderate: libqt4 Buffer Overflow

opensuse

September 18, 2020

An update that solves four vulnerabilities and has one errata is now available.

Description

This update for libqt4 fixes the following issues:

* Fix buffer over-read in read_xbm_body (boo#1176315, CVE-2020-17507)

* Fix "double free or corruption" in QXmlStreamReader (boo#1118595,

CVE-2018-15518)

* Fix QBmpHandler segfault on malformed BMP file boo#1118596,

CVE-2018-19873)

* Fix crash when parsing malformed url reference (boo#1118599,

CVE-2018-19869)

Topics Covered

security advisory moderate buffer overflow application fix openSUSE library patch

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2020-1452=1

Package List

- openSUSE Leap 15.1 (i586 x86_64):

libqt4-4.8.7-lp151.9.3.1

libqt4-debuginfo-4.8.7-lp151.9.3.1

libqt4-debugsource-4.8.7-lp151.9.3.1

libqt4-devel-4.8.7-lp151.9.3.1

libqt4-devel-debuginfo-4.8.7-lp151.9.3.1

libqt4-linguist-4.8.7-lp151.9.3.1

libqt4-linguist-debuginfo-4.8.7-lp151.9.3.1

libqt4-private-headers-devel-4.8.7-lp151.9.3.1

libqt4-qt3support-4.8.7-lp151.9.3.1

libqt4-qt3support-debuginfo-4.8.7-lp151.9.3.1

libqt4-sql-4.8.7-lp151.9.3.1

libqt4-sql-debuginfo-4.8.7-lp151.9.3.1

libqt4-sql-sqlite-4.8.7-lp151.9.3.1

libqt4-sql-sqlite-debuginfo-4.8.7-lp151.9.3.1

libqt4-x11-4.8.7-lp151.9.3.1

libqt4-x11-debuginfo-4.8.7-lp151.9.3.1

- openSUSE Leap 15.1 (x86_64):

libqt4-32bit-4.8.7-lp151.9.3.1

libqt4-32bit-debuginfo-4.8.7-lp151.9.3.1

libqt4-devel-32bit-4.8.7-lp151.9.3.1

libqt4-devel-32bit-debuginfo-4.8.7-lp151.9.3.1

libqt4-devel-doc-4.8.7-lp151.9.3.1

libqt4-devel-doc-debuginfo-4.8.7-lp151.9.3.1

libqt4-devel-doc-debugsource-4.8.7-lp151.9.3.1

libqt4-qt3support-32bit-4.8.7-lp151.9.3.1

libqt4-qt3support-32bit-debuginfo-4.8.7-...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2018-15518.html

https://www.suse.com/security/cve/CVE-2018-19869.html

https://www.suse.com/security/cve/CVE-2018-19873.html

https://www.suse.com/security/cve/CVE-2020-17507.html

https://bugzilla.suse.com/1118595

https://bugzilla.suse.com/1118596

https://bugzilla.suse.com/1118599

https://bugzilla.suse.com/1121214

https://bugzilla.suse.com/1176315

Announcement ID: openSUSE-SU-2020:1452-1

Rating: moderate

Affected Products: openSUSE Leap 15.1 le.

Topics Covered

security advisory moderate buffer overflow application fix openSUSE library patch

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

openSUSE Leap 15.1: 2020:1452-1 Moderate: libqt4 Buffer Overflow

Description

Topics Covered

Patch

Package List

References

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

openSUSE Leap 15.1: 2020:1452-1 Moderate: libqt4 Buffer Overflow

Description

Topics Covered

Patch

Package List

References

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!