openSUSE-SU-2020:1452-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2020:1452-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2020:1452-1
- Related
- Published
- 2020-09-18T18:24:01Z
- Modified
- 2020-09-18T18:24:01Z
- Summary
- Security update for libqt4
- Details
-
This update for libqt4 fixes the following issues:
- Fix buffer over-read in readxbmbody (boo#1176315, CVE-2020-17507)
- Fix 'double free or corruption' in QXmlStreamReader (boo#1118595, CVE-2018-15518)
- Fix QBmpHandler segfault on malformed BMP file boo#1118596, CVE-2018-19873)
- Fix crash when parsing malformed url reference (boo#1118599, CVE-2018-19869)
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KJKFQBI7CGD7FQDCE2V7CAQ2LKSPRQMR/
- https://bugzilla.suse.com/1118595
- https://bugzilla.suse.com/1118596
- https://bugzilla.suse.com/1118599
- https://bugzilla.suse.com/1121214
- https://bugzilla.suse.com/1176315
- https://www.suse.com/security/cve/CVE-2018-15518
- https://www.suse.com/security/cve/CVE-2018-19869
- https://www.suse.com/security/cve/CVE-2018-19873
- https://www.suse.com/security/cve/CVE-2020-17507
Affected packages
openSUSE:Leap 15.1 / libqt4
Package
- Name
- libqt4
- Purl
- purl:rpm/suse/libqt4&distro=openSUSE%20Leap%2015.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.8.7-lp151.9.3.1
Ecosystem specific
{
"binaries": [
{
"libqt4-qt3support-32bit": "4.8.7-lp151.9.3.1",
"libqt4-sql-sqlite-32bit": "4.8.7-lp151.9.3.1",
"libqt4-devel-doc-data": "4.8.7-lp151.9.3.1",
"libqt4-x11": "4.8.7-lp151.9.3.1",
"libqt4-sql-sqlite": "4.8.7-lp151.9.3.1",
"libqt4-sql-32bit": "4.8.7-lp151.9.3.1",
"libqt4-devel": "4.8.7-lp151.9.3.1",
"libqt4-sql-unixODBC": "4.8.7-lp151.9.3.1",
"qt4-x11-tools": "4.8.7-lp151.9.3.1",
"libqt4-private-headers-devel": "4.8.7-lp151.9.3.1",
"libqt4": "4.8.7-lp151.9.3.1",
"libqt4-sql-postgresql": "4.8.7-lp151.9.3.1",
"libqt4-devel-32bit": "4.8.7-lp151.9.3.1",
"libqt4-devel-doc": "4.8.7-lp151.9.3.1",
"libqt4-qt3support": "4.8.7-lp151.9.3.1",
"libqt4-x11-32bit": "4.8.7-lp151.9.3.1",
"libqt4-sql": "4.8.7-lp151.9.3.1",
"libqt4-linguist": "4.8.7-lp151.9.3.1",
"libqt4-32bit": "4.8.7-lp151.9.3.1"
}
]
}
openSUSE:Leap 15.1 / libqt4-devel-doc
Package
- Name
- libqt4-devel-doc
- Purl
- purl:rpm/suse/libqt4-devel-doc&distro=openSUSE%20Leap%2015.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.8.7-lp151.9.3.1
Ecosystem specific
{
"binaries": [
{
"libqt4-qt3support-32bit": "4.8.7-lp151.9.3.1",
"libqt4-sql-sqlite-32bit": "4.8.7-lp151.9.3.1",
"libqt4-devel-doc-data": "4.8.7-lp151.9.3.1",
"libqt4-x11": "4.8.7-lp151.9.3.1",
"libqt4-sql-sqlite": "4.8.7-lp151.9.3.1",
"libqt4-sql-32bit": "4.8.7-lp151.9.3.1",
"libqt4-devel": "4.8.7-lp151.9.3.1",
"libqt4-sql-unixODBC": "4.8.7-lp151.9.3.1",
"qt4-x11-tools": "4.8.7-lp151.9.3.1",
"libqt4-private-headers-devel": "4.8.7-lp151.9.3.1",
"libqt4": "4.8.7-lp151.9.3.1",
"libqt4-sql-postgresql": "4.8.7-lp151.9.3.1",
"libqt4-devel-32bit": "4.8.7-lp151.9.3.1",
"libqt4-devel-doc": "4.8.7-lp151.9.3.1",
"libqt4-qt3support": "4.8.7-lp151.9.3.1",
"libqt4-x11-32bit": "4.8.7-lp151.9.3.1",
"libqt4-sql": "4.8.7-lp151.9.3.1",
"libqt4-linguist": "4.8.7-lp151.9.3.1",
"libqt4-32bit": "4.8.7-lp151.9.3.1"
}
]
}
openSUSE:Leap 15.1 / libqt4-sql-plugins
Package
- Name
- libqt4-sql-plugins
- Purl
- purl:rpm/suse/libqt4-sql-plugins&distro=openSUSE%20Leap%2015.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.8.7-lp151.9.3.1
Ecosystem specific
{
"binaries": [
{
"libqt4-qt3support-32bit": "4.8.7-lp151.9.3.1",
"libqt4-sql-sqlite-32bit": "4.8.7-lp151.9.3.1",
"libqt4-devel-doc-data": "4.8.7-lp151.9.3.1",
"libqt4-x11": "4.8.7-lp151.9.3.1",
"libqt4-sql-sqlite": "4.8.7-lp151.9.3.1",
"libqt4-sql-32bit": "4.8.7-lp151.9.3.1",
"libqt4-devel": "4.8.7-lp151.9.3.1",
"libqt4-sql-unixODBC": "4.8.7-lp151.9.3.1",
"qt4-x11-tools": "4.8.7-lp151.9.3.1",
"libqt4-private-headers-devel": "4.8.7-lp151.9.3.1",
"libqt4": "4.8.7-lp151.9.3.1",
"libqt4-sql-postgresql": "4.8.7-lp151.9.3.1",
"libqt4-devel-32bit": "4.8.7-lp151.9.3.1",
"libqt4-devel-doc": "4.8.7-lp151.9.3.1",
"libqt4-qt3support": "4.8.7-lp151.9.3.1",
"libqt4-x11-32bit": "4.8.7-lp151.9.3.1",
"libqt4-sql": "4.8.7-lp151.9.3.1",
"libqt4-linguist": "4.8.7-lp151.9.3.1",
"libqt4-32bit": "4.8.7-lp151.9.3.1"
}
]
}