Ubuntu 5081-1: Qt vulnerabilities | LinuxSecurity.com

Advisories

==========================================================================
Ubuntu Security Notice USN-5081-1
September 16, 2021

qtbase-opensource-src vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in Qt.

Software Description:
- qtbase-opensource-src: Qt 5 libraries

Details:

It was discovered that Qt incorrectly handled certain XBM image files. If a
user or automated system were tricked into opening a specially crafted PPM
file, a remote attacker could cause Qt to crash, resulting in a denial of
service. (CVE-2020-17507)

It was discovered that Qt incorrectly handled certain graphics operations.
If a user or automated system were tricked into performing certain graphics
operations, a remote attacker could cause Qt to crash, resulting in a
denial of service. (CVE-2021-38593)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  libqt5core5a                    5.9.5+dfsg-0ubuntu2.6
  libqt5gui5                      5.9.5+dfsg-0ubuntu2.6

After a standard system update you need to restart your session to make all
the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5081-1
  CVE-2020-17507, CVE-2021-38593

Package Information:
  https://launchpad.net/ubuntu/+source/qtbase-opensource-src/5.9.5+dfsg-0ubuntu2.6

Ubuntu 5081-1: Qt vulnerabilities

September 16, 2021

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS Summary: Several security issues were fixed in Qt. Software Description: - qtbase-opensource-src: Qt 5 libraries Details: It was discovered that Qt incorrectly handled certain XBM image files. If a user or automated system were tricked into opening a specially crafted PPM file, a remote attacker could cause Qt to crash, resulting in a denial of service. (CVE-2020-17507) It was discovered that Qt incorrectly handled certain graphics operations. If a user or automated system were tricked into performing certain graphics operations, a remote attacker could cause Qt to crash, resulting in a denial of service. (CVE-2021-38593)

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: libqt5core5a 5.9.5+dfsg-0ubuntu2.6 libqt5gui5 5.9.5+dfsg-0ubuntu2.6 After a standard system update you need to restart your session to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5081-1

CVE-2020-17507, CVE-2021-38593

Severity
Ubuntu Security Notice USN-5081-1

Package Information

https://launchpad.net/ubuntu/+source/qtbase-opensource-src/5.9.5+dfsg-0ubuntu2.6

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.