Advisories » MGASA-2020-0192

Updated qtbase5 packages fix security vulnerability

Publication date: 05 May 2020
Modification date: 05 May 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2015-9541

Description

Updated qtbase5 packages fix security vulnerability:

An XML Entity Expansion flaw was found in the QT library. Applications that
use QT to load untrusted images, for example, SVG images, or untrusted XML
documents, may be vulnerable to this flaw. This flaw allows an attacker to
cause a denial of service (CVE-2015-9541).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=26554
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2PT6327C64Q4RBFRWUSBKCG7SVGBWU5W/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9541

SRPMS

7/core

• qtbase5-5.12.6-3.mga7