Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 428
Alerts This Week
Warning Icon 1 428

Ubuntu 18.04 LTS USN-5241-1 Moderate: QtSvg Denial Of Service

ubuntu
Calendar Grey January 19, 2022
Dist Ubuntu Esm H88
Numerous QtSvg glitches addressed in Ubuntu 18.04 LTS; a routine update tackles serious security vulnerabilities.
Several security issues were fixed in QtSvg.

Summary

Several security issues were fixed in QtSvg.

Software Description:

- qtsvg-opensource-src: Qt 5 SVG module

Details:

It was discovered that QtSvg incorrectly handled certain malformed SVG

images. If a user or automated system were tricked into opening a specially

crafted image file, a remote attacker could use this issue to cause QtSvg

to crash, resulting in a denial of service, or possibly execute arbitrary

code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  libqt5svg5                      5.9.5-0ubuntu1.1

In general, a standard system update will make all the necessary changes.

References

CVE-2018-19869, CVE-2021-3481, CVE-2021-45930

January 19, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.