Advisories ยป MGASA-2014-0241

Updated qt4 and qtbase5 packages fix security vulnerability

Publication date: 29 May 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-0190

Description

A NULL pointer dereference flaw was found in QGIFFormat::fillRect in QtGui.
If an application using the qt-x11 libraries opened a malicious GIF file with
invalid width and height values, it could cause the application to crash
(CVE-2014-0190).

Qt4 has been patched to correct this flaw and has been updated to version
4.8.6, which fixes several other bugs.

Qtbase5 has also been patched to correct this flaw.
                

References

SRPMS

4/core