Overview

File _patchinfo of Package patchinfo.14473

<patchinfo incident="14473">
  <issue tracker="cve" id="2018-19873"/>
  <issue tracker="cve" id="2018-19869"/>
  <issue tracker="cve" id="2018-15518"/>
  <issue tracker="bnc" id="1121214">GCC 9: libqt4 build fails</issue>
  <issue tracker="bnc" id="1118599">VUL-1: CVE-2018-19869: libqt5-qtsvg: Fix crash when parsing malformed url reference</issue>
  <issue tracker="bnc" id="1118595">VUL-0: CVE-2018-15518: libqt4 ,libqt5-qtbase: "double free or corruption" in QXmlStreamReader</issue>
  <issue tracker="bnc" id="1118596">VUL-1: CVE-2018-19873: libqt4 ,libqt5-qtbase: QBmpHandler segfault on malformed BMP file</issue>
  <packager>dirkmueller</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for libqt4</summary>
  <description>This update for libqt4 fixes the following issues:

- CVE-2018-15518: Fixed a double free in QXmlStreamReader (bsc#1118595)
- CVE-2018-19873: Fixed a segmantation fault via a malformed 
  BMP file (bsc#1118596).
- CVE-2018-19869: Fixed an improper checking which might lead to
  a crach via a malformed url reference (bsc#1118599).
- Added stricter toplevel asm parsing by dropping volatile 
  qualification that has no effect (bsc#1121214).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places