Advisories ยป MGASA-2014-0240

Updated qt4 packages fix security vulnerability

Publication date: 29 May 2014
Modification date: 29 May 2014
Type: security
Affected Mageia releases : 3
CVE: CVE-2014-0190

Description

A NULL pointer dereference flaw was found in QGIFFormat::fillRect in QtGui.
If an application using the qt-x11 libraries opened a malicious GIF file with
invalid width and height values, it could cause the application to crash
(CVE-2014-0190).

Qt4 has been patched to correct this flaw and has been updated to version
4.8.6, which fixes several other bugs.
                

References

SRPMS

3/core