Explore top 10 tips to secure your open-source projects now. Read More
×
Qt could be made to crash or run programs as your login if it opened a
specially crafted file.
Software Description:
- qt4-x11: Qt 4 libraries
- qtbase-opensource-src: Qt 5 libraries
Details:
Wolfgang Schenk discovered that Qt incorrectly handled certain malformed
GIF images. If a user or automated system were tricked into opening a
specially crafted GIF image, a remote attacker could use this issue to
cause Qt to crash, resulting in a denial of service. This issue only
applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-0190)
Fabian Vogt discovered that Qt incorrectly handled certain malformed BMP
images. If a user or automated system were tricked into opening a specially
crafted BMP image, a remote attacker could use this issue to cause Qt to
crash, resulting in a denial of service. (CVE-2015-0295)
Richard Moore and Fabian Vogt discovered that Qt incorrectly handled
certain malformed BMP images. If a user or automated system were tricked
into o...
The problem can be corrected by updating your system to the following package versions: Ubuntu 15.04: libqt5gui5 5.4.1+dfsg-2ubuntu4.1 libqtgui4 4:4.8.6+git64-g5dc8b2b+dfsg-3~ubuntu6.1 Ubuntu 14.10: libqt5gui5 5.3.0+dfsg-2ubuntu9.1 libqtgui4 4:4.8.6+git49-gbc62005+dfsg-1ubuntu1.1 Ubuntu 14.04 LTS: libqt5gui5 5.2.1+dfsg-1ubuntu14.3 libqtgui4 4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1 Ubuntu 12.04 LTS: libqtgui4 4:4.8.1-0ubuntu4.9 After a standard system update you need to restart your session to make all the necessary changes.
https://ubuntu.com/security/notices/USN-2626-1
CVE-2014-0190, CVE-2015-0295, CVE-2015-1858, CVE-2015-1859,
CVE-2015-1860
Get the latest Linux and open source security news straight to your inbox.