Overview

File _patchinfo of Package patchinfo.10740

<patchinfo incident="10740">
  <issue tracker="bnc" id="1161167">VUL-0: CVE-2020-0569: libqt5-qtbase: QPluginLoader looks at the CWD</issue>
  <issue tracker="bnc" id="1130246">VUL-1: CVE-2018-19872: libqt5-qtbase: An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.</issue>
  <issue tracker="bnc" id="1118597">VUL-1: CVE-2018-19870: libqt5-qtbase: Check for QImage allocation failure in qgifhandler</issue>
  <issue tracker="cve" id="2018-19870"/>
  <issue tracker="cve" id="2018-19872"/>
  <issue tracker="cve" id="2020-0569"/>
  <category>security</category>
  <rating>important</rating>
  <packager>mlin7442</packager>
  <description>This update for libqt5-qtbase fixes the following issue:
	  
Security issues fixed:	  

- CVE-2020-0569: Fixed a potential local code execution by loading plugins from CWD (bsc#1161167).
- CVE-2018-19870: Fixed an improper check in QImage allocation which could allow Denial of Service
  when opening crafted gif files (bsc#1118597).
- CVE-2018-19872: Fixed an issue which could allow a division by zero leading to crash (bsc#1130246).

Other issue addressed: 

- Fixed an issue with rendering animated gifs (QTBUG-55141).
</description>
  <summary>Security update for libqt5-qtbase</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places