SUSE: 2020:1021-1 Moderate: libqt4 Update with Fixes for Issues
suse
April 17, 2020
An update that solves three vulnerabilities and has one errata is now available.
Summary
This update for libqt4 fixes the following issues: - CVE-2018-15518: Fixed a double free in QXmlStreamReader (bsc#1118595) - CVE-2018-19873: Fixed a segmantation fault via a malformed BMP file (bsc#1118596). - CVE-2018-19869: Fixed an improper checking which might lead to a crach via a malformed url reference (bsc#1118599). - Added stricter toplevel asm parsing by dropping volatile qualification that has no effect (bsc#1121214). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP5: zypper in -t patch SUSE-SLE-WE-12-SP5-2020-1021=1
Topics Covered
References
#1118595 #1118596 #1118599 #1121214
Cross- CVE-2018-15518 CVE-2018-19869 CVE-2018-19873
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP5
SUSE Linux Enterprise Workstation Extension 12-SP4
SUSE Linux Enterprise Software Development Kit 12-SP5
SUSE Linux Enterprise Software Development Kit 12-SP4
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise Server 12-SP4
https://www.suse.com/security/cve/CVE-2018-15518.html
https://www.suse.com/security/cve/CVE-2018-19869.html
https://www.suse.com/security/cve/CVE-2018-19873.html
https://bugzilla.suse.com/1118595
https://bugzilla.suse.com/1118596
https://bugzilla.suse.com/1118599
https://bugzilla.suse.com/1121214
PREVIOUS
NEXT
Announcement ID: SUSE-SU-2020:1021-1
Rating: moderate
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!