[Forgot Password]
Login  Register Subscribe

25354

 
 

132811

 
 

146457

 
 

909

 
 

117103

 
 

156

Paid content will be excluded from the download.


Download | Alert*
OVAL

CESA-2019:2135 -- centos 7 qt5-qtmultimedia

ID: oval:org.secpod.oval:def:205348Date: (C)2019-09-17   (M)2020-02-26
Class: PATCHFamily: unix




Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. The following packages have been upgraded to a later upstream version: qt5-qt3d , qt5-qtbase , qt5-qtcanvas3d , qt5-qtconnectivity , qt5-qtdeclarative , qt5-qtdoc , qt5-qtgraphicaleffects , qt5-qtimageformats , qt5-qtlocation , qt5-qtmultimedia , qt5-qtquickcontrols , qt5-qtquickcontrols2 , qt5-qtscript , qt5-qtsensors , qt5-qtserialbus , qt5-qtserialport , qt5-qtsvg , qt5-qttools , qt5-qttranslations , qt5-qtwayland , qt5-qtwebchannel , qt5-qtwebsockets , qt5-qtx11extras , qt5-qtxmlpatterns . Security Fix: * qt5-qtbase: Double free in QXmlStreamReader * qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service * qt5-qtbase: QImage allocation failure in qgifhandler * qt5-qtimageformats: QTgaFile CPU exhaustion * qt5-qtbase: QBmpHandler segmentation fault on malformed BMP file For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Platform:
CentOS 7
Product:
qt5-qtmultimedia
Reference:
CESA-2019:2135
CVE-2018-15518
CVE-2018-19869
CVE-2018-19870
CVE-2018-19871
CVE-2018-19873
CVE    5
CVE-2018-19873
CVE-2018-19871
CVE-2018-19870
CVE-2018-15518
...
CPE    2
cpe:/a:qt-project:qt5-qtmultimedia
cpe:/o:centos:centos:7

© SecPod Technologies