Advisories » MGASA-2014-0115

Updated qt5 packages fix security vulnerability.

Publication date: 03 Mar 2014
Modification date: 03 Mar 2014
Type: security
Affected Mageia releases : 3
CVE: CVE-2013-4549

Description

It was discovered that QXmlSimpleReader in Qt incorrectly handled XML
entity expansion. An attacker could use this flaw to cause Qt applications
to consume large amounts of resources, resulting in a denial of service
(CVE-2013-4549)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=12178
• http://lists.qt-project.org/pipermail/announce/2013-December/000036.html
• http://www.ubuntu.com/usn/usn-2057-1/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4549

SRPMS

3/core

• qtbase5-5.0.2-1.1.mga3