==========================================================================
Ubuntu Security Notice USN-5081-1
September 16, 2021

qtbase-opensource-src vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in Qt.

Software Description:
- qtbase-opensource-src: Qt 5 libraries

Details:

It was discovered that Qt incorrectly handled certain XBM image files. If a
user or automated system were tricked into opening a specially crafted PPM
file, a remote attacker could cause Qt to crash, resulting in a denial of
service. (CVE-2020-17507)

It was discovered that Qt incorrectly handled certain graphics operations.
If a user or automated system were tricked into performing certain graphics
operations, a remote attacker could cause Qt to crash, resulting in a
denial of service. (CVE-2021-38593)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  libqt5core5a                    5.9.5+dfsg-0ubuntu2.6
  libqt5gui5                      5.9.5+dfsg-0ubuntu2.6

After a standard system update you need to restart your session to make all
the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5081-1
  CVE-2020-17507, CVE-2021-38593

Package Information:
  https://launchpad.net/ubuntu/+source/qtbase-opensource-src/5.9.5+dfsg-0ubuntu2.6