Security update for libqt5-qtbase
This update for libqt5-qtbase fixes the following issues:
- CVE-2020-17507: Fixed a buffer overflow in XBM parser (bsc#1176315)
- Fixed various issues discovered by fuzzing:
- Made handling of XDG_RUNTIME_DIR more secure (bsc#1172515):
This update was imported from the SUSE:SLE-15-SP2:Update update project.
-
Submitted by
Fabian Vogt (favogt)
Fixed bugs
bnc#1176315
VUL-0: CVE-2020-17507: libqt4,libqt5-qtbase: buffer over-read in read_xbm_body in gui/image/qxbmhandler.cpp
bnc#1172515
VUL-0: libqt5-qtbase: fallback to /tmp/runtime-$USER if XDG_RUNTIME_DIR is not set is unsafe
