Updated qt4 packages fix security vulnerability
Publication date: 29 May 2014Modification date: 29 May 2014
Type: security
Affected Mageia releases : 3
CVE: CVE-2014-0190
Description
A NULL pointer dereference flaw was found in QGIFFormat::fillRect in QtGui. If an application using the qt-x11 libraries opened a malicious GIF file with invalid width and height values, it could cause the application to crash (CVE-2014-0190). Qt4 has been patched to correct this flaw and has been updated to version 4.8.6, which fixes several other bugs.
References
- https://bugs.mageia.org/show_bug.cgi?id=13276
- http://lists.qt-project.org/pipermail/announce/2014-April/000045.html
- http://blog.qt.digia.com/blog/2014/04/24/qt-4-8-6-released/
- https://lists.fedoraproject.org/pipermail/package-announce/2014-May/132395.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0190
SRPMS
3/core
- qt4-4.8.6-1.mga3