Advisories » MGASA-2018-0284

Updated qt3 packages fix security vulnerability

Publication date: 14 Jun 2018
Modification date: 14 Jun 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2016-10040

Description

Updated qt3 packages fix security vulnerability:

A stack overflow flaw was found in the way Qt parsed XML input with several
nested opening tags. An application using Qt's QXmlSimpleReader to parse
specially crafted XML input could crash (CVE-2016-10040).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=23166
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MMPQK37WEHT2KHWYTH4WNIAWNFKBUZ3P/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10040

SRPMS

6/core

• qt3-3.3.8b-42.1.mga6