MGASA-2019-0356

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2019-0356.html

Import Source

https://advisories.mageia.org/MGASA-2019-0356.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2019-0356

Related

CVE-2019-18281

Published

2019-12-06T14:15:42Z

Modified

2019-12-24T11:54:50Z

Summary

Updated QT stack fix security vulnerability

Details

This update provides the 5.12.6 QT stack maintenance release and fixes the following security issue:

An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters (CVE-2019-18281).

kwin and skrooge has been rebuilt to pick up proper dependencies on the updated QT packages.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:7 / kwin

Package

Name: kwin
Purl: pkg:rpm/mageia/kwin?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.15.4-1.1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / pyside2

Package

Name: pyside2
Purl: pkg:rpm/mageia/pyside2?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / pyside2-tools

Package

Name: pyside2-tools
Purl: pkg:rpm/mageia/pyside2-tools?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qt3d5

Package

Name: qt3d5
Purl: pkg:rpm/mageia/qt3d5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtbase5

Package

Name: qtbase5
Purl: pkg:rpm/mageia/qtbase5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtcharts5

Package

Name: qtcharts5
Purl: pkg:rpm/mageia/qtcharts5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtconnectivity5

Package

Name: qtconnectivity5
Purl: pkg:rpm/mageia/qtconnectivity5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtdatavis3d5

Package

Name: qtdatavis3d5
Purl: pkg:rpm/mageia/qtdatavis3d5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtdeclarative5

Package

Name: qtdeclarative5
Purl: pkg:rpm/mageia/qtdeclarative5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtdoc5

Package

Name: qtdoc5
Purl: pkg:rpm/mageia/qtdoc5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtenginio5

Package

Name: qtenginio5
Purl: pkg:rpm/mageia/qtenginio5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.6.3-7.1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtgamepad5

Package

Name: qtgamepad5
Purl: pkg:rpm/mageia/qtgamepad5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtgraphicaleffects5

Package

Name: qtgraphicaleffects5
Purl: pkg:rpm/mageia/qtgraphicaleffects5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtimageformats5

Package

Name: qtimageformats5
Purl: pkg:rpm/mageia/qtimageformats5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtlocation5

Package

Name: qtlocation5
Purl: pkg:rpm/mageia/qtlocation5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtmultimedia5

Package

Name: qtmultimedia5
Purl: pkg:rpm/mageia/qtmultimedia5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtnetworkauth5

Package

Name: qtnetworkauth5
Purl: pkg:rpm/mageia/qtnetworkauth5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtpurchasing5

Package

Name: qtpurchasing5
Purl: pkg:rpm/mageia/qtpurchasing5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtquickcontrols25

Package

Name: qtquickcontrols25
Purl: pkg:rpm/mageia/qtquickcontrols25?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtquickcontrols5

Package

Name: qtquickcontrols5
Purl: pkg:rpm/mageia/qtquickcontrols5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtremoteobjects5

Package

Name: qtremoteobjects5
Purl: pkg:rpm/mageia/qtremoteobjects5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtscript5

Package

Name: qtscript5
Purl: pkg:rpm/mageia/qtscript5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtscxml5

Package

Name: qtscxml5
Purl: pkg:rpm/mageia/qtscxml5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtsensors5

Package

Name: qtsensors5
Purl: pkg:rpm/mageia/qtsensors5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtserialbus5

Package

Name: qtserialbus5
Purl: pkg:rpm/mageia/qtserialbus5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtserialport5

Package

Name: qtserialport5
Purl: pkg:rpm/mageia/qtserialport5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtspeech5

Package

Name: qtspeech5
Purl: pkg:rpm/mageia/qtspeech5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtsvg5

Package

Name: qtsvg5
Purl: pkg:rpm/mageia/qtsvg5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qttools5

Package

Name: qttools5
Purl: pkg:rpm/mageia/qttools5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qttranslations5

Package

Name: qttranslations5
Purl: pkg:rpm/mageia/qttranslations5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtvirtualkeyboard5

Package

Name: qtvirtualkeyboard5
Purl: pkg:rpm/mageia/qtvirtualkeyboard5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtwayland5

Package

Name: qtwayland5
Purl: pkg:rpm/mageia/qtwayland5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtwebchannel5

Package

Name: qtwebchannel5
Purl: pkg:rpm/mageia/qtwebchannel5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtwebengine5

Package

Name: qtwebengine5
Purl: pkg:rpm/mageia/qtwebengine5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtwebglplugin5

Package

Name: qtwebglplugin5
Purl: pkg:rpm/mageia/qtwebglplugin5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtwebkit5

Package

Name: qtwebkit5
Purl: pkg:rpm/mageia/qtwebkit5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.212.0-1.alpha3.1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtwebsockets5

Package

Name: qtwebsockets5
Purl: pkg:rpm/mageia/qtwebsockets5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtwebview5

Package

Name: qtwebview5
Purl: pkg:rpm/mageia/qtwebview5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtx11extras5

Package

Name: qtx11extras5
Purl: pkg:rpm/mageia/qtx11extras5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / qtxmlpatterns5

Package

Name: qtxmlpatterns5
Purl: pkg:rpm/mageia/qtxmlpatterns5?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / shiboken2

Package

Name: shiboken2
Purl: pkg:rpm/mageia/shiboken2?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.12.6-1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:7 / skrooge

Package

Name: skrooge
Purl: pkg:rpm/mageia/skrooge?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.19.1-2.mga7

Ecosystem specific

{
    "section": "core"
}