Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:13.1:Update
patchinfo.3619
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.3619
<patchinfo incident="3619"> <issue id="875470" tracker="bnc">libqt4: NULL pointer dereference flaw in QGIFFormat::fillRect</issue> <issue id="883374" tracker="bnc">kdelibs4: KMail/KIO POP3 SSL MITM Flaw (CVE-2014-3494)</issue> <issue id="902670" tracker="bnc">quassel: out-of-bounds read on a heap-allocated array</issue> <issue id="905742" tracker="bnc">kdebase3,kdebase4-runtime: Insufficient Input Validation By IO Slaves and Webkit Part</issue> <issue id="921999" tracker="bnc">libqt4,qt: division by zero when processing malformed BMP files</issue> <issue id="CVE-2014-0190" tracker="cve" /> <issue id="CVE-2014-8483" tracker="cve" /> <issue id="CVE-2014-3494" tracker="cve" /> <issue id="CVE-2014-8600" tracker="cve" /> <issue id="CVE-2015-0295" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>sumski</packager> <description>KDE and QT were updated to fix security issues and bugs. The following vulerabilities were fixed: * CVE-2014-0190: Malformed GIF files could have crashed QT based applications * CVE-2015-0295: Malformed BMP files could have crashed QT based applications * CVE-2014-8600: Multiple cross-site scripting (XSS) vulnerabilities in the KDE runtime could have allowed remote attackers to insert arbitrary web script or HTML via crafted URIs using one of several supported URL schemes * CVE-2014-8483: A missing size check in the Blowfish ECB could have lead to a crash of Konversation or 11 byte information leak * CVE-2014-3494: The KMail POP3 kioslave accepted invalid certifiates and allowed a man-in-the-middle (MITM) attack Additionally, Konversation was updated to 1.5.1 to fix bugs. </description> <summary>Security update for kdebase4-runtime, kdelibs4, konversation, kwebkitpart, libqt4</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor