Vulnerability CVE-2018-19872: Information
Description
An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
qt4 | sisyphus | 4.8.7-alt17 | 4.8.7-alt26 | ALT-PU-2019-2558-1 | 236710 | Fixed |
qt4 | p10 | 4.8.7-alt17 | 4.8.7-alt23 | ALT-PU-2019-2558-1 | 236710 | Fixed |
qt4 | p9 | 4.8.7-alt18 | 4.8.7-alt22 | ALT-PU-2019-2583-1 | 236801 | Fixed |
qt4 | p8 | 4.8.7-alt7.1 | 4.8.7-alt7.1 | ALT-PU-2019-2659-1 | 236719 | Fixed |
qt4 | c10f1 | 4.8.7-alt17 | 4.8.7-alt23 | ALT-PU-2019-2558-1 | 236710 | Fixed |
qt4 | c9f2 | 4.8.7-alt18 | 4.8.7-alt20 | ALT-PU-2019-2583-1 | 236801 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://bugreports.qt.io/browse/QTBUG-69449 |
|
http://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/ |
|
openSUSE-SU-2019:1239 |
|
USN-4275-1 | |
[debian-lts-announce] 20200928 [SECURITY] [DLA 2376-1] qtbase-opensource-src security update | |
[debian-lts-announce] 20200928 [SECURITY] [DLA 2377-1] qt4-x11 security update | |
FEDORA-2019-03ac7f1d2f | |
FEDORA-2019-ae913a2f00 | |
FEDORA-2019-b5e690b96e |