Advisories ยป MGASA-2020-0204

Updated qt4 packages fix security vulnerabilities

Publication date: 08 May 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2018-15518 , CVE-2018-19869 , CVE-2018-19870 , CVE-2018-19871 , CVE-2018-19873


Updated qt4 packages fix security vulnerabilities:

A double-free or corruption during parsing of a specially crafted illegal
XML document (CVE-2018-15518).

A malformed SVG image could cause a segmentation fault in qsvghandler.cpp

A malformed GIF image might have caused a NULL pointer dereference in
QGifHandler resulting in a segmentation fault (CVE-2018-19870).

There was an uncontrolled resource consumption in QTgaFile (CVE-2018-19871).

QBmpHandler had a buffer overflow via BMP data (CVE-2018-19873).