
openSUSE: 2020:1564-1 Important: libqt5-qtbase Buffer Overflow Fix

September 28, 2020
openSUSE has released an important security update for libqt5-qtbase that fixes a buffer overflow in the XBM parser (CVE-2020-17507), along with issues discovered by fuzzing and more secure handling of XDG_RUNTIME_DIR.
An update that solves one vulnerability and has one errata is now available.

Description

This update for libqt5-qtbase fixes the following issues:

- CVE-2020-17507: Fixed a buffer overflow in XBM parser (bsc#1176315)

- Fixed various issues discovered by fuzzing:

- Made handling of XDG_RUNTIME_DIR more secure (bsc#1172515):

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

zypper in -t patch openSUSE-2020-1564=1
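
After patching, a host inventory can be checked for libqt5-qtbase runtime libraries that are still older than the fixed build 5.12.7-lp152.3.6.1 named in this advisory's package list. The script below is an added example, not part of the SUSE advisory; the inventory lines are constructed, and `sort -V` is assumed to be an adequate stand-in for RPM's own version comparison on same-format version strings.

```bash
#!/usr/bin/env bash
# Added example: report libqt5-qtbase runtime packages older than the fixed build.

# Fixed version-release, taken from the advisory's package list.
FIXED="5.12.7-lp152.3.6.1"
# Runtime libraries named in the advisory's package list.
PKGS="libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5OpenGL5"

# Constructed sample inventory in "name version-release" form, as produced by
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'
sample_inventory() {
    cat <<'EOF'
libQt5Core5 5.12.7-lp152.3.6.1
libQt5Gui5 5.12.7-lp152.3.3.1
libQt5Network5 5.12.7-lp152.3.10.1
libQt5DBus5 5.12.7-lp152.2.1
bash 5.0.17-lp152.1.2
EOF
}

# Read inventory lines on stdin; print those listed in $PKGS that sort below $FIXED.
# Assumption: sort -V stands in for RPM's version comparison, which holds for
# same-format version strings like these.
find_unpatched() {
    local name evr lowest
    while read -r name evr; do
        # Skip packages that are not part of the advisory's runtime set.
        case " $PKGS " in
            *" $name "*) ;;
            *) continue ;;
        esac
        if [ "$evr" = "$FIXED" ]; then
            continue
        fi
        # The older of the two versions sorts first.
        lowest=$(printf '%s\n%s\n' "$evr" "$FIXED" | sort -V | head -n 1)
        if [ "$lowest" = "$evr" ]; then
            printf '%s %s\n' "$name" "$evr"
        fi
    done
    return 0
}

# Print the flagged packages from the constructed sample.
sample_inventory | find_unpatched
```

On a real host, pipe the `rpm -qa --qf` command shown in the comment into `find_unpatched` instead of the sample; empty output means none of the listed libraries is below the fixed build.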

Package List

- openSUSE Leap 15.2 (i586 x86_64):

libQt5Bootstrap-devel-static-5.12.7-lp152.3.6.1

libQt5Concurrent-devel-5.12.7-lp152.3.6.1

libQt5Concurrent5-5.12.7-lp152.3.6.1

libQt5Concurrent5-debuginfo-5.12.7-lp152.3.6.1

libQt5Core-devel-5.12.7-lp152.3.6.1

libQt5Core5-5.12.7-lp152.3.6.1

libQt5Core5-debuginfo-5.12.7-lp152.3.6.1

libQt5DBus-devel-5.12.7-lp152.3.6.1

libQt5DBus-devel-debuginfo-5.12.7-lp152.3.6.1

libQt5DBus5-5.12.7-lp152.3.6.1

libQt5DBus5-debuginfo-5.12.7-lp152.3.6.1

libQt5Gui-devel-5.12.7-lp152.3.6.1

libQt5Gui5-5.12.7-lp152.3.6.1

libQt5Gui5-debuginfo-5.12.7-lp152.3.6.1

libQt5KmsSupport-devel-static-5.12.7-lp152.3.6.1

libQt5Network-devel-5.12.7-lp152.3.6.1

libQt5Network5-5.12.7-lp152.3.6.1

libQt5Network5-debuginfo-5.12.7-lp152.3.6.1

libQt5OpenGL-devel-5.12.7-lp152.3.6.1

libQt5OpenGL5-5.12.7-lp152.3.6.1

libQt5OpenGL5-debuginfo-5.12.7-lp152.3.6.1

libQt5OpenGLExtensions-devel-static-5.12.7-lp152.3.6.1

libQt5PlatformHeaders-devel-5.12.7-lp152.3.6.1

libQt5PlatformSupport-devel-static-5.12.7-lp152.3.6.1

libQt5PrintS...


References

https://www.suse.com/security/cve/CVE-2020-17507.html

https://bugzilla.suse.com/1172515

https://bugzilla.suse.com/1176315

Severity: important

Announcement ID: openSUSE-SU-2020:1564-1
Rating: important
Affected Products: openSUSE Leap 15.2
