DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2018-19871", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2018-19871", "description": "An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.", "published": "2018-12-26T21:29:00", "modified": "2020-09-28T09:15:00", "epss": [{"cve": "CVE-2018-19871", "epss": 0.00328, "percentile": 0.6679, "modified": "2023-06-23"}], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 2.8, "impactScore": 3.6}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-19871", "reporter": "cve@mitre.org", "references": ["https://codereview.qt-project.org/#/c/237761/", "https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/", "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00002.html", "https://lists.debian.org/debian-lts-announce/2019/05/msg00014.html", "https://access.redhat.com/errata/RHSA-2019:2135", "https://lists.debian.org/debian-lts-announce/2020/09/msg00023.html"], "cvelist": ["CVE-2018-19871"], "immutableFields": [], "lastseen": "2023-06-23T14:48:37", "viewCount": 210, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:1665"]}, {"type": "altlinux", "idList": ["F7608B5E5BB40B0923ADC5561FFEC8C5"]}, {"type": "amazon", "idList": ["ALAS2-2020-1458"]}, {"type": "centos", "idList": ["CESA-2019:2135", "CESA-2020:1172"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1786-1:57AFC", "DEBIAN:DLA-1786-1:E10CC", "DEBIAN:DLA-2377-1:093E0"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-19871"]}, {"type": "f5", "idList": ["F5:K08037765", "F5:K42941419"]}, {"type": "fedora", "idList": ["FEDORA:07B9D62EF550", "FEDORA:07C0062F0D09", "FEDORA:1E12462E5266", "FEDORA:2210262E5266", "FEDORA:22A6962F0D2C", "FEDORA:3B35C62E2398", "FEDORA:3F03B62E4679", "FEDORA:4317D62E2398", "FEDORA:54A1762E5266", "FEDORA:5662C62E4679", "FEDORA:6FAE062E5288", "FEDORA:70BD062E4679", "FEDORA:88DE562EF550", "FEDORA:8D40F62E467E", "FEDORA:A32B862EF568", "FEDORA:A53B062E4679", "FEDORA:A713A62E5292", "FEDORA:BED7562E467E", "FEDORA:C24EA62F0D01", "FEDORA:C2AB262E2398", "FEDORA:DF56F62E5288", "FEDORA:E0C5D62E2398"]}, {"type": "mageia", "idList": ["MGASA-2020-0204"]}, {"type": "nessus", "idList": ["AL2_ALAS-2020-1458.NASL", "ALMA_LINUX_ALSA-2020-1665.NASL", "CENTOS8_RHSA-2020-1665.NASL", "CENTOS_RHSA-2019-2135.NASL", "CENTOS_RHSA-2020-1172.NASL", "DEBIAN_DLA-1786.NASL", "DEBIAN_DLA-2377.NASL", "EULEROS_SA-2019-2186.NASL", "EULEROS_SA-2019-2301.NASL", "EULEROS_SA-2019-2381.NASL", "EULEROS_SA-2019-2656.NASL", "FEDORA_2019-3C45BD2CC3.NASL", "NEWSTART_CGSL_NS-SA-2020-0040_QT5-QTIMAGEFORMATS.NASL", "NEWSTART_CGSL_NS-SA-2020-0062_QT.NASL", "NEWSTART_CGSL_NS-SA-2020-0092_QT.NASL", "NEWSTART_CGSL_NS-SA-2020-0099_QT5-QTIMAGEFORMATS.NASL", "NEWSTART_CGSL_NS-SA-2023-0011_QT5-QTSERIALPORT.NASL", "NEWSTART_CGSL_NS-SA-2023-0014_QT5-QTTRANSLATIONS.NASL", "NEWSTART_CGSL_NS-SA-2023-0018_QT5-QTDOC.NASL", "NEWSTART_CGSL_NS-SA-2023-0020_QT5-QTXMLPATTERNS.NASL", "NEWSTART_CGSL_NS-SA-2023-0023_QT5-QTX11EXTRAS.NASL", "OPENSUSE-2019-1115.NASL", "REDHAT-RHSA-2019-2135.NASL", "REDHAT-RHSA-2020-1172.NASL", "REDHAT-RHSA-2020-1665.NASL", "SL_20190806_QT5_ON_SL7_X.NASL", "SL_20200407_QT_ON_SL7_X.NASL", "SUSE_SU-2019-0705-1.NASL", "SUSE_SU-2020-2923-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310852364", "OPENVAS:1361412562310875598", "OPENVAS:1361412562310875611", "OPENVAS:1361412562310875631", "OPENVAS:1361412562310875722", "OPENVAS:1361412562310875725", "OPENVAS:1361412562310875765", "OPENVAS:1361412562310875800", "OPENVAS:1361412562310875803", "OPENVAS:1361412562310875813", "OPENVAS:1361412562310875838", "OPENVAS:1361412562310875857", "OPENVAS:1361412562310875996", "OPENVAS:1361412562310876022", "OPENVAS:1361412562310876024", "OPENVAS:1361412562310876085", "OPENVAS:1361412562310876109", "OPENVAS:1361412562310876122", "OPENVAS:1361412562310876127", "OPENVAS:1361412562310876196", "OPENVAS:1361412562310876242", "OPENVAS:1361412562310876288", "OPENVAS:1361412562310876308", "OPENVAS:1361412562310891786", "OPENVAS:1361412562311220192186", "OPENVAS:1361412562311220192301", "OPENVAS:1361412562311220192381", "OPENVAS:1361412562311220192656"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-2135", "ELSA-2020-1172", "ELSA-2020-1665"]}, {"type": "osv", "idList": ["OSV:DLA-1786-1", "OSV:DLA-2377-1"]}, {"type": "qt", "idList": ["QT:CE083167141AA39DA6CB0209418EA74D"]}, {"type": "redhat", "idList": ["RHSA-2019:2135", "RHSA-2020:1172", "RHSA-2020:1665"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-19871"]}, {"type": "rocky", "idList": ["RLSA-2020:1665"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1115-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-19871"]}]}, "score": {"value": 2.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:1665"]}, {"type": "amazon", "idList": ["ALAS2-2020-1458"]}, {"type": "centos", "idList": ["CESA-2019:2135"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1786-1:57AFC"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-19871"]}, {"type": "f5", "idList": ["F5:K42941419"]}, {"type": "fedora", "idList": ["FEDORA:07B9D62EF550", "FEDORA:07C0062F0D09", "FEDORA:1E12462E5266", "FEDORA:2210262E5266", "FEDORA:22A6962F0D2C", "FEDORA:3B35C62E2398", "FEDORA:3F03B62E4679", "FEDORA:4317D62E2398", "FEDORA:54A1762E5266", "FEDORA:5662C62E4679", "FEDORA:6FAE062E5288", "FEDORA:70BD062E4679", "FEDORA:88DE562EF550", "FEDORA:8D40F62E467E", "FEDORA:A32B862EF568", "FEDORA:A53B062E4679", "FEDORA:A713A62E5292", "FEDORA:BED7562E467E", "FEDORA:C24EA62F0D01", "FEDORA:C2AB262E2398", "FEDORA:DF56F62E5288", "FEDORA:E0C5D62E2398"]}, {"type": "nessus", "idList": ["FEDORA_2019-3C45BD2CC3.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310852364", "OPENVAS:1361412562310875598", "OPENVAS:1361412562310875611", "OPENVAS:1361412562310875631", "OPENVAS:1361412562310875722", "OPENVAS:1361412562310875725", "OPENVAS:1361412562310875765", "OPENVAS:1361412562310875800", "OPENVAS:1361412562310875803", "OPENVAS:1361412562310875813", "OPENVAS:1361412562310875838", "OPENVAS:1361412562310875857", "OPENVAS:1361412562310875996", "OPENVAS:1361412562310876022", "OPENVAS:1361412562310876024", "OPENVAS:1361412562310876085", "OPENVAS:1361412562310876109", "OPENVAS:1361412562310876122", "OPENVAS:1361412562310876127", "OPENVAS:1361412562310876196", "OPENVAS:1361412562310876242", "OPENVAS:1361412562310876288", "OPENVAS:1361412562310876308", "OPENVAS:1361412562310891786"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-2135"]}, {"type": "qt", "idList": ["QT:CE083167141AA39DA6CB0209418EA74D"]}, {"type": "redhat", "idList": ["RHSA-2020:1665"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-19871"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1115-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-19871"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "qt", "version": 5}, {"name": "opensuse leap", "version": 15}]}, "epss": [{"cve": "CVE-2018-19871", "epss": 0.00328, "percentile": 0.66536, "modified": "2023-05-06"}], "vulnersScore": 2.3}, "_state": {"dependencies": 1687532678, "score": 1687531799, "affected_software_major_version": 0, "epss": 0}, "_internal": {"score_hash": "83f3c896d5f31254bfd323c471960f71"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/o:opensuse:leap:15.0"], "cpe23": ["cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"], "cwe": ["CWE-400"], "affectedSoftware": [{"cpeName": "qt:qt", "version": "5.11.3", "operator": "lt", "name": "qt"}, {"cpeName": "opensuse:leap", "version": "15.0", "operator": "eq", "name": "opensuse leap"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:qt:qt:5.11.3:*:*:*:*:*:*:*", "versionEndExcluding": "5.11.3", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://codereview.qt-project.org/#/c/237761/", "name": "https://codereview.qt-project.org/#/c/237761/", "refsource": "CONFIRM", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"]}, {"url": "https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/", "name": "https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/", "refsource": "CONFIRM", "tags": ["Release Notes", "Vendor Advisory"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00002.html", "name": "openSUSE-SU-2019:1115", "refsource": "SUSE", "tags": ["Third Party Advisory"]}, {"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00014.html", "name": "[debian-lts-announce] 20190514 [SECURITY] [DLA 1786-1] qt4-x11 security update", "refsource": "MLIST", "tags": []}, {"url": "https://access.redhat.com/errata/RHSA-2019:2135", "name": "RHSA-2019:2135", "refsource": "REDHAT", "tags": []}, {"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00023.html", "name": "[debian-lts-announce] 20200928 [SECURITY] [DLA 2377-1] qt4-x11 security update", "refsource": "MLIST", "tags": []}], "product_info": [{"vendor": "Opensuse", "product": "Leap"}, {"vendor": "Qt", "product": "Qt"}], "solutions": [], "workarounds": [], "impacts": [], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "exploits": [], "assigned": "1976-01-01T00:00:00"}

{"openvas": [{"lastseen": "2020-01-27T18:37:43", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for qt (EulerOS-SA-2019-2186)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19871"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192186", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192186", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2186\");\n script_version(\"2020-01-23T12:37:44+0000\");\n script_cve_id(\"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:37:44 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:37:44 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for qt (EulerOS-SA-2019-2186)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2186\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2186\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'qt' package(s) announced via the EulerOS-SA-2019-2186 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.(CVE-2018-19871)\");\n\n script_tag(name:\"affected\", value:\"'qt' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.8.7~2.h5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.8.7~2.h5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.8.7~2.h5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.8.7~2.h5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.8.7~2.h5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.8.7~2.h5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:40:02", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for qt (EulerOS-SA-2019-2301)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19871"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192301", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192301", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2301\");\n script_version(\"2020-01-23T12:45:54+0000\");\n script_cve_id(\"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:45:54 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:45:54 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for qt (EulerOS-SA-2019-2301)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2301\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2301\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'qt' package(s) announced via the EulerOS-SA-2019-2301 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.(CVE-2018-19871)\");\n\n script_tag(name:\"affected\", value:\"'qt' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.8.7~42.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-common\", rpm:\"qt-common~4.8.7~42.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.8.7~42.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.8.7~42.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.8.7~42.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.8.7~42.h5.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T16:48:38", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-04-03T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for libqt5-qtimageformats (openSUSE-SU-2019:1115-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19871"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852364", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852364", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852364\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-04-03 06:41:35 +0000 (Wed, 03 Apr 2019)\");\n script_name(\"openSUSE: Security Advisory for libqt5-qtimageformats (openSUSE-SU-2019:1115-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1115-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-04/msg00002.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libqt5-qtimageformats'\n package(s) announced via the openSUSE-SU-2019:1115-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for libqt5-qtimageformats fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-19871: Fixed CPU exhaustion in QTgaFile (bsc#1118598)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1115=1\");\n\n script_tag(name:\"affected\", value:\"'libqt5-qtimageformats' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libqt5-qtimageformats\", rpm:\"libqt5-qtimageformats~5.9.4~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libqt5-qtimageformats-debuginfo\", rpm:\"libqt5-qtimageformats-debuginfo~5.9.4~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libqt5-qtimageformats-debugsource\", rpm:\"libqt5-qtimageformats-debugsource~5.9.4~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libqt5-qtimageformats-devel\", rpm:\"libqt5-qtimageformats-devel~5.9.4~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libqt5-qtimageformats-32bit\", rpm:\"libqt5-qtimageformats-32bit~5.9.4~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libqt5-qtimageformats-32bit-debuginfo\", rpm:\"libqt5-qtimageformats-32bit-debuginfo~5.9.4~lp150.2.3.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtscript FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876109", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876109", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876109\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:34:55 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtscript FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A74BMSIPOK7REAKE7SMPOITKJRCGZRCK\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtscript'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtscript' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtscript\", rpm:\"mingw-qt5-qtscript~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtbase FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875813", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875813", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875813\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:22:05 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtbase FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYVHBTI6QIIQFFV3CJI3LLKUV5XFE3AF\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtbase'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtbase' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtbase\", rpm:\"mingw-qt5-qtbase~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtdeclarative FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876024", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876024", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876024\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:32:01 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtdeclarative FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEY5CKDHK2YEGIBAKVS7SOC3BQ5BDUU7\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtdeclarative'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtdeclarative' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtdeclarative\", rpm:\"mingw-qt5-qtdeclarative~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-sip FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875857", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875857", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875857\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:24:19 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-sip FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5AUIEMGSNFCFZFGP5QTOJIHCZ7MCTWEN\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-sip'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"MinGW Windows SIP.\");\n\n script_tag(name:\"affected\", value:\"'mingw-sip' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-sip\", rpm:\"mingw-sip~4.19.13~2.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtgraphicaleffects FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876122", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876122", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876122\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:35:22 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtgraphicaleffects FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S27S7DX65NBDHK7BHH34ZKHGDZQLG2ZA\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtgraphicaleffects'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtgraphicaleffects' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtgraphicaleffects\", rpm:\"mingw-qt5-qtgraphicaleffects~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtwinextras FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876022", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876022", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876022\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:31:56 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtwinextras FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7NRQMNWK6ZQ2IDYHDHB5QUJLTNQ6CXW2\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtwinextras'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtwinextras' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtwinextras\", rpm:\"mingw-qt5-qtwinextras~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtmultimedia FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876308", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876308", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876308\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:43:48 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtmultimedia FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4J6CJEHDHQKOJEMGDX7HZV44TWSSHNCY\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtmultimedia'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtmultimedia' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtmultimedia\", rpm:\"mingw-qt5-qtmultimedia~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtxmlpatterns FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875838", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875838", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875838\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:23:31 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtxmlpatterns FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVLG5EXO47TO5JNHH5HDDJI4HHZBA7P\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtxmlpatterns'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtxmlpatterns' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtxmlpatterns\", rpm:\"mingw-qt5-qtxmlpatterns~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtwebkit FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875722", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875722", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875722\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:17:32 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtwebkit FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ODZU4O222HJRJ54TNUE5LXWIEUCNRTG\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtwebkit'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtwebkit' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtwebkit\", rpm:\"mingw-qt5-qtwebkit~5.9.4~0.8.gitbd0657f.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtactiveqt FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875765", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875765", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875765\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:19:45 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtactiveqt FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q7FC6CNTIJRSYRISEUSD532EW2QKPQ4L\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtactiveqt'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtactiveqt' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtactiveqt\", rpm:\"mingw-qt5-qtactiveqt~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtimageformats FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876242", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876242", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876242\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:40:24 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtimageformats FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MHLFIOJNE4XV5SKENVWV7L4F76XCMFEG\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtimageformats'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtimageformats' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtimageformats\", rpm:\"mingw-qt5-qtimageformats~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtsvg FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876196", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876196", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876196\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:38:42 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtsvg FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E3SJOXZU3MPWTHQXF3PAMABF4HLIDAGM\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtsvg'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtsvg' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtsvg\", rpm:\"mingw-qt5-qtsvg~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qttranslations FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875800", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875800", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875800\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:21:16 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qttranslations FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KVKXXMUTCFBLR34SELGU2EE4ZLW6PQ5N\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qttranslations'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qttranslations' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qttranslations\", rpm:\"mingw-qt5-qttranslations~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qt3d FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875598", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875598", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875598\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:11:33 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qt3d FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEBSCWYSSBVIJJP26XYJSNJVMBURIAUM\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qt3d'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qt3d' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qt3d\", rpm:\"mingw-qt5-qt3d~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qttools FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876085", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876085", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876085\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:33:58 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qttools FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7Z4ZXBVUA5I4DOGYOQL47KHTWTSKT4VU\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qttools'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qttools' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qttools\", rpm:\"mingw-qt5-qttools~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T19:28:43", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-15T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for qt4-x11 (DLA-1786-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891786", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891786", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891786\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19869\", \"CVE-2018-19870\", \"CVE-2018-19871\", \"CVE-2018-19873\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-05-15 02:00:11 +0000 (Wed, 15 May 2019)\");\n script_name(\"Debian LTS: Security Advisory for qt4-x11 (DLA-1786-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/05/msg00014.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1786-1\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/923003\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'qt4-x11'\n package(s) announced via the DLA-1786-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple issues have been addressed in Qt4.\n\nCVE-2018-15518\n\nA double-free or corruption during parsing of a specially crafted\nillegal XML document.\n\nCVE-2018-19869\n\nA malformed SVG image could cause a segmentation fault in\nqsvghandler.cpp.\n\nCVE-2018-19870\n\nA malformed GIF image might have caused a NULL pointer dereference in\nQGifHandler resulting in a segmentation fault.\n\nCVE-2018-19871\n\nThere was an uncontrolled resource consumption in QTgaFile.\n\nCVE-2018-19873\n\nQBmpHandler had a buffer overflow via BMP data.\");\n\n script_tag(name:\"affected\", value:\"'qt4-x11' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2.\n\nWe recommend that you upgrade your qt4-x11 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-assistant\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-core\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-dbg\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-dbus\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-declarative\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-declarative-folderlistmodel\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-declarative-gestures\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-declarative-particles\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-declarative-shaders\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-designer\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-designer-dbg\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-dev\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-dev-bin\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-gui\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-help\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-network\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-opengl\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-opengl-dev\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-phonon\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-private-dev\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-qt3support\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-qt3support-dbg\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-script\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-script-dbg\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-scripttools\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-sql\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-sql-ibase\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-sql-mysql\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-sql-odbc\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-sql-psql\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-sql-sqlite\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-sql-sqlite2\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-sql-tds\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-svg\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-test\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-webkit\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-webkit-dbg\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-xml\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-xmlpatterns\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqt4-xmlpatterns-dbg\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqtcore4\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqtdbus4\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libqtgui4\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"qdbus\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"qt4-bin-dbg\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"qt4-default\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"qt4-demos\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"qt4-demos-dbg\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"qt4-designer\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"qt4-dev-tools\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"qt4-doc\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"qt4-doc-html\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"qt4-linguist-tools\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"qt4-qmake\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"qt4-qmlviewer\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"qt4-qtconfig\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"qtcore4-l10n\", ver:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtsensors FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876288", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876288", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876288\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:42:34 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtsensors FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNGM2YFHCMKYAYEI2YDLQ6N44L7J5LO6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtsensors'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtsensors' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtsensors\", rpm:\"mingw-qt5-qtsensors~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-python-qt5 FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875631", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875631", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875631\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:13:43 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-python-qt5 FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IEKKZOBL2CQNA4GNHVUXFP4B2WDAKCKD\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-python-qt5'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"MinGW Windows PyQt5\");\n\n script_tag(name:\"affected\", value:\"'mingw-python-qt5' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-python-qt5\", rpm:\"mingw-python-qt5~5.11.3~2.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtquickcontrols FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875725", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875725", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875725\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:17:39 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtquickcontrols FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FCJELPMJLRDP5MNHV3K6VIW5QRMMQJVT\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtquickcontrols'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtquickcontrols' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtquickcontrols\", rpm:\"mingw-qt5-qtquickcontrols~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtcharts FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876127", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876127", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876127\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:35:29 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtcharts FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWQLXM4I7SS7UGZQKNDOZLX5OPGIBORD\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtcharts'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtcharts' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtcharts\", rpm:\"mingw-qt5-qtcharts~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtwebsockets FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875803", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875803", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875803\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:21:37 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtwebsockets FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WR6WVTWMN75ODMX2GP54EYDRWNAJUMN5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtwebsockets'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtwebsockets' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtwebsockets\", rpm:\"mingw-qt5-qtwebsockets~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtserialport FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875996", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875996", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875996\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:30:50 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtserialport FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G5DMDS6EWBAYIOVHODCJRZ3CBF5NQFWH\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtserialport'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtserialport' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtserialport\", rpm:\"mingw-qt5-qtserialport~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-qt5-qtlocation FEDORA-2019-3c45bd2cc3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19873", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19869"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875611", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875611", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875611\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19870\", \"CVE-2018-19873\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:12:02 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for mingw-qt5-qtlocation FEDORA-2019-3c45bd2cc3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NF64OXS55YRM7T7Q7LJONUCUFMH4SX3K\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-qt5-qtlocation'\n package(s) announced via the FEDORA-2019-3c45bd2cc3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the Qt software toolkit for developing\ncross-platform applications.\n\nThis is the Windows version of Qt, for use in conjunction with the\nFedora Windows cross-compiler.\");\n\n script_tag(name:\"affected\", value:\"'mingw-qt5-qtlocation' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"mingw-qt5-qtlocation\", rpm:\"mingw-qt5-qtlocation~5.11.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:39:51", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for qt (EulerOS-SA-2019-2381)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1858", "CVE-2015-1859", "CVE-2018-15518", "CVE-2014-0190", "CVE-2018-19872", "CVE-2018-19871", "CVE-2015-0295", "CVE-2013-4549", "CVE-2015-1860"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192381", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192381", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2381\");\n script_version(\"2020-01-23T12:52:29+0000\");\n script_cve_id(\"CVE-2013-4549\", \"CVE-2014-0190\", \"CVE-2015-0295\", \"CVE-2015-1858\", \"CVE-2015-1859\", \"CVE-2015-1860\", \"CVE-2018-15518\", \"CVE-2018-19871\", \"CVE-2018-19872\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:52:29 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:52:29 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for qt (EulerOS-SA-2019-2381)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2381\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2381\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'qt' package(s) announced via the EulerOS-SA-2019-2381 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.(CVE-2013-4549)\n\nAn issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.(CVE-2018-19871)\n\nQXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.(CVE-2018-15518)\n\nAn issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.(CVE-2018-19872)\n\nMultiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image.(CVE-2015-1858)\n\nMultiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.(CVE-2015-1859)\n\nMultiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image.(CVE-2015-1860)\n\nThe BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.(CVE-2015-0295)\n\nThe GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.(CVE-2014-0190)\");\n\n script_tag(name:\"affected\", value:\"'qt' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.8.5~12.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.8.5~12.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.8.5~12.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.8.5~12.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.8.5~12.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.8.5~12.h6\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:35:27", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for qt (EulerOS-SA-2019-2656)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1858", "CVE-2015-1859", "CVE-2018-15518", "CVE-2014-0190", "CVE-2018-19872", "CVE-2018-19871", "CVE-2015-0295", "CVE-2013-4549", "CVE-2015-1860"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192656", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192656", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2656\");\n script_version(\"2020-01-23T13:12:45+0000\");\n script_cve_id(\"CVE-2013-4549\", \"CVE-2014-0190\", \"CVE-2015-0295\", \"CVE-2015-1858\", \"CVE-2015-1859\", \"CVE-2015-1860\", \"CVE-2018-15518\", \"CVE-2018-19871\", \"CVE-2018-19872\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:12:45 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:12:45 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for qt (EulerOS-SA-2019-2656)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2656\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2656\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'qt' package(s) announced via the EulerOS-SA-2019-2656 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.(CVE-2018-19872)\n\nAn issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.(CVE-2018-19871)\n\nMultiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image.(CVE-2015-1858)\n\nMultiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image.(CVE-2015-1860)\n\nMultiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.(CVE-2015-1859)\n\nQXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.(CVE-2013-4549)\n\nQXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.(CVE-2018-15518)\n\nThe BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.(CVE-2015-0295)\n\nThe GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.(CVE-2014-0190)\");\n\n script_tag(name:\"affected\", value:\"'qt' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.8.5~13.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.8.5~13.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.8.5~13.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.8.5~13.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.8.5~13.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.8.5~13.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-05-18T15:26:18", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt5-qtimageformats packages installed that are affected by a vulnerability:\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : qt5-qtimageformats Vulnerability (NS-SA-2020-0099)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19871"], "modified": "2020-12-10T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0099_QT5-QTIMAGEFORMATS.NASL", "href": "https://www.tenable.com/plugins/nessus/143932", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0099. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143932);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/10\");\n\n script_cve_id(\"CVE-2018-19871\");\n script_bugtraq_id(106338);\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : qt5-qtimageformats Vulnerability (NS-SA-2020-0099)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt5-qtimageformats packages installed that are\naffected by a vulnerability:\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0099\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL qt5-qtimageformats packages. Note that updated packages may not be available yet. Please\ncontact ZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.05': [\n 'qt5-qtimageformats-5.9.7-1.el7',\n 'qt5-qtimageformats-debuginfo-5.9.7-1.el7',\n 'qt5-qtimageformats-doc-5.9.7-1.el7'\n ],\n 'CGSL MAIN 5.05': [\n 'qt5-qtimageformats-5.9.7-1.el7',\n 'qt5-qtimageformats-debuginfo-5.9.7-1.el7',\n 'qt5-qtimageformats-doc-5.9.7-1.el7'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qt5-qtimageformats');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:31:24", "description": "According to the version of the qt packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.(CVE-2018-19871)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-27T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : qt (EulerOS-SA-2019-2301)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19871"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:huawei:euleros:2.0", "p-cpe:/a:huawei:euleros:qt", "p-cpe:/a:huawei:euleros:qt-devel", "p-cpe:/a:huawei:euleros:qt-mysql", "p-cpe:/a:huawei:euleros:qt-odbc", "p-cpe:/a:huawei:euleros:qt-x11", "p-cpe:/a:huawei:euleros:qt-common"], "id": "EULEROS_SA-2019-2301.NASL", "href": "https://www.tenable.com/plugins/nessus/131367", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131367);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-19871\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : qt (EulerOS-SA-2019-2301)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the qt packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - An issue was discovered in Qt before 5.11.3. There is\n QTgaFile Uncontrolled Resource\n Consumption.(CVE-2018-19871)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2301\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1585ce4c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected qt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"qt-4.8.7-42.h5.eulerosv2r8\",\n \"qt-common-4.8.7-42.h5.eulerosv2r8\",\n \"qt-devel-4.8.7-42.h5.eulerosv2r8\",\n \"qt-mysql-4.8.7-42.h5.eulerosv2r8\",\n \"qt-odbc-4.8.7-42.h5.eulerosv2r8\",\n \"qt-x11-4.8.7-42.h5.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:42", "description": "According to the version of the qt packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.(CVE-2018-19871)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : qt (EulerOS-SA-2019-2186)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19871"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:huawei:euleros:2.0", "p-cpe:/a:huawei:euleros:qt", "p-cpe:/a:huawei:euleros:qt-devel", "p-cpe:/a:huawei:euleros:qt-mysql", "p-cpe:/a:huawei:euleros:qt-odbc", "p-cpe:/a:huawei:euleros:qt-postgresql", "p-cpe:/a:huawei:euleros:qt-x11"], "id": "EULEROS_SA-2019-2186.NASL", "href": "https://www.tenable.com/plugins/nessus/130648", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130648);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-19871\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : qt (EulerOS-SA-2019-2186)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the qt packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - An issue was discovered in Qt before 5.11.3. There is\n QTgaFile Uncontrolled Resource\n Consumption.(CVE-2018-19871)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2186\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?945578c4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected qt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"qt-4.8.7-2.h5.eulerosv2r7\",\n \"qt-devel-4.8.7-2.h5.eulerosv2r7\",\n \"qt-mysql-4.8.7-2.h5.eulerosv2r7\",\n \"qt-odbc-4.8.7-2.h5.eulerosv2r7\",\n \"qt-postgresql-4.8.7-2.h5.eulerosv2r7\",\n \"qt-x11-4.8.7-2.h5.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:31", "description": "This update for libqt5-qtimageformats fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-19871: Fixed CPU exhaustion in QTgaFile (bsc#1118598)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : libqt5-qtimageformats (SUSE-SU-2020:2923-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19871"], "modified": "2020-12-11T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libqt5-qtimageformats", "p-cpe:/a:novell:suse_linux:libqt5-qtimageformats-debuginfo", "p-cpe:/a:novell:suse_linux:libqt5-qtimageformats-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-2923-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143837", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2923-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143837);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2018-19871\");\n\n script_name(english:\"SUSE SLES12 Security Update : libqt5-qtimageformats (SUSE-SU-2020:2923-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libqt5-qtimageformats fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-19871: Fixed CPU exhaustion in QTgaFile (bsc#1118598)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118598\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19871/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202923-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8c67c47a\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-2923=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libqt5-qtimageformats\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libqt5-qtimageformats-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libqt5-qtimageformats-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libqt5-qtimageformats-5.6.2-3.3.110\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libqt5-qtimageformats-debuginfo-5.6.2-3.3.110\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libqt5-qtimageformats-debugsource-5.6.2-3.3.110\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libqt5-qtimageformats\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:08:25", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has qt5-qtimageformats packages installed that are affected by a vulnerability:\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-09-21T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : qt5-qtimageformats Vulnerability (NS-SA-2020-0040)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19871"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0040_QT5-QTIMAGEFORMATS.NASL", "href": "https://www.tenable.com/plugins/nessus/140698", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0040. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140698);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2018-19871\");\n script_bugtraq_id(106338);\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : qt5-qtimageformats Vulnerability (NS-SA-2020-0040)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has qt5-qtimageformats packages installed that are\naffected by a vulnerability:\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0040\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL qt5-qtimageformats packages. Note that updated packages may not be available yet. Please\ncontact ZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.04': [\n 'qt5-qtimageformats-5.9.7-1.el7',\n 'qt5-qtimageformats-debuginfo-5.9.7-1.el7',\n 'qt5-qtimageformats-doc-5.9.7-1.el7'\n ],\n 'CGSL MAIN 5.04': [\n 'qt5-qtimageformats-5.9.7-1.el7',\n 'qt5-qtimageformats-debuginfo-5.9.7-1.el7',\n 'qt5-qtimageformats-doc-5.9.7-1.el7'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qt5-qtimageformats');\n}\n\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:10:15", "description": "This update for libqt5-qtimageformats fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-19871: Fixed CPU exhaustion in QTgaFile (bsc#1118598)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-04-03T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libqt5-qtimageformats (openSUSE-2019-1115)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19871"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libqt5-qtimageformats", "p-cpe:/a:novell:opensuse:libqt5-qtimageformats-32bit", "p-cpe:/a:novell:opensuse:libqt5-qtimageformats-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libqt5-qtimageformats-debuginfo", "p-cpe:/a:novell:opensuse:libqt5-qtimageformats-debugsource", "p-cpe:/a:novell:opensuse:libqt5-qtimageformats-devel", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-1115.NASL", "href": "https://www.tenable.com/plugins/nessus/123662", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1115.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123662);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-19871\");\n\n script_name(english:\"openSUSE Security Update : libqt5-qtimageformats (openSUSE-2019-1115)\");\n script_summary(english:\"Check for the openSUSE-2019-1115 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libqt5-qtimageformats fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2018-19871: Fixed CPU exhaustion in QTgaFile\n (bsc#1118598)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118598\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libqt5-qtimageformats packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt5-qtimageformats\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt5-qtimageformats-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt5-qtimageformats-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt5-qtimageformats-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt5-qtimageformats-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt5-qtimageformats-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libqt5-qtimageformats-5.9.4-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libqt5-qtimageformats-debuginfo-5.9.4-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libqt5-qtimageformats-debugsource-5.9.4-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libqt5-qtimageformats-devel-5.9.4-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libqt5-qtimageformats-32bit-5.9.4-lp150.2.3.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libqt5-qtimageformats-32bit-debuginfo-5.9.4-lp150.2.3.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libqt5-qtimageformats / libqt5-qtimageformats-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-21T14:16:35", "description": "This update for libqt5-qtimageformats fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-19871: Fixed CPU exhaustion in QTgaFile (bsc#1118598)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-03-25T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : libqt5-qtimageformats (SUSE-SU-2019:0705-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19871"], "modified": "2020-02-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libqt5-qtimageformats", "p-cpe:/a:novell:suse_linux:libqt5-qtimageformats-debuginfo", "p-cpe:/a:novell:suse_linux:libqt5-qtimageformats-debugsource", "p-cpe:/a:novell:suse_linux:libqt5-qtimageformats-devel", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-0705-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123063", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0705-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123063);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/03\");\n\n script_cve_id(\"CVE-2018-19871\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : libqt5-qtimageformats (SUSE-SU-2019:0705-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libqt5-qtimageformats fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2018-19871: Fixed CPU exhaustion in QTgaFile (bsc#1118598)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118598\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19871/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190705-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2d491cf4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Desktop Applications 15:zypper in -t\npatch SUSE-SLE-Module-Desktop-Applications-15-2019-705=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libqt5-qtimageformats\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libqt5-qtimageformats-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libqt5-qtimageformats-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libqt5-qtimageformats-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libqt5-qtimageformats-5.9.4-3.3.17\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libqt5-qtimageformats-debuginfo-5.9.4-3.3.17\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libqt5-qtimageformats-debugsource-5.9.4-3.3.17\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libqt5-qtimageformats-devel-5.9.4-3.3.17\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libqt5-qtimageformats-5.9.4-3.3.17\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libqt5-qtimageformats-debuginfo-5.9.4-3.3.17\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libqt5-qtimageformats-debugsource-5.9.4-3.3.17\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libqt5-qtimageformats-devel-5.9.4-3.3.17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libqt5-qtimageformats\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-10T16:42:02", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1665 advisory.\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp. (CVE-2018-19872)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-09-07T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : qt5 (ELSA-2020-1665)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19869", "CVE-2018-19871", "CVE-2018-19872"], "modified": "2023-09-07T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:python-qt5-rpm-macros", "p-cpe:/a:oracle:linux:python3-pyqt5-sip", "p-cpe:/a:oracle:linux:python3-qt5", "p-cpe:/a:oracle:linux:python3-qt5-base", "p-cpe:/a:oracle:linux:qgnomeplatform", "p-cpe:/a:oracle:linux:qt5-assistant", "p-cpe:/a:oracle:linux:qt5-designer", "p-cpe:/a:oracle:linux:qt5-doctools", "p-cpe:/a:oracle:linux:qt5-linguist", "p-cpe:/a:oracle:linux:qt5-qdbusviewer", "p-cpe:/a:oracle:linux:qt5-qt3d", "p-cpe:/a:oracle:linux:qt5-qt3d-devel", "p-cpe:/a:oracle:linux:qt5-qt3d-examples", "p-cpe:/a:oracle:linux:qt5-qtbase", "p-cpe:/a:oracle:linux:qt5-qtbase-common", "p-cpe:/a:oracle:linux:qt5-qtbase-devel", "p-cpe:/a:oracle:linux:qt5-qtbase-examples", "p-cpe:/a:oracle:linux:qt5-qtbase-gui", "p-cpe:/a:oracle:linux:qt5-qtbase-mysql", "p-cpe:/a:oracle:linux:qt5-qtbase-odbc", "p-cpe:/a:oracle:linux:qt5-qtbase-postgresql", "p-cpe:/a:oracle:linux:qt5-qtbase-private-devel", "p-cpe:/a:oracle:linux:qt5-qtcanvas3d", "p-cpe:/a:oracle:linux:qt5-qtcanvas3d-examples", "p-cpe:/a:oracle:linux:qt5-qtconnectivity", "p-cpe:/a:oracle:linux:qt5-qtconnectivity-devel", "p-cpe:/a:oracle:linux:qt5-qtconnectivity-examples", "p-cpe:/a:oracle:linux:qt5-qtdeclarative", "p-cpe:/a:oracle:linux:qt5-qtdeclarative-devel", "p-cpe:/a:oracle:linux:qt5-qtdeclarative-examples", "p-cpe:/a:oracle:linux:qt5-qtdoc", "p-cpe:/a:oracle:linux:qt5-qtgraphicaleffects", "p-cpe:/a:oracle:linux:qt5-qtimageformats", "p-cpe:/a:oracle:linux:qt5-qtlocation", "p-cpe:/a:oracle:linux:qt5-qtlocation-devel", "p-cpe:/a:oracle:linux:qt5-qtlocation-examples", "p-cpe:/a:oracle:linux:qt5-qtmultimedia", "p-cpe:/a:oracle:linux:qt5-qtmultimedia-devel", "p-cpe:/a:oracle:linux:qt5-qtmultimedia-examples", "p-cpe:/a:oracle:linux:qt5-qtquickcontrols", "p-cpe:/a:oracle:linux:qt5-qtquickcontrols-examples", "p-cpe:/a:oracle:linux:qt5-qtquickcontrols2", "p-cpe:/a:oracle:linux:qt5-qtquickcontrols2-examples", "p-cpe:/a:oracle:linux:qt5-qtscript", "p-cpe:/a:oracle:linux:qt5-qtscript-devel", "p-cpe:/a:oracle:linux:qt5-qtscript-examples", "p-cpe:/a:oracle:linux:qt5-qtsensors", "p-cpe:/a:oracle:linux:qt5-qtsensors-devel", "p-cpe:/a:oracle:linux:qt5-qtsensors-examples", "p-cpe:/a:oracle:linux:qt5-qtserialbus", "p-cpe:/a:oracle:linux:qt5-qtserialbus-examples", "p-cpe:/a:oracle:linux:qt5-qtserialport", "p-cpe:/a:oracle:linux:qt5-qtserialport-devel", "p-cpe:/a:oracle:linux:qt5-qtserialport-examples", "p-cpe:/a:oracle:linux:qt5-qtsvg", "p-cpe:/a:oracle:linux:qt5-qtsvg-devel", "p-cpe:/a:oracle:linux:qt5-qtsvg-examples", "p-cpe:/a:oracle:linux:qt5-qttools", "p-cpe:/a:oracle:linux:qt5-qttools-common", "p-cpe:/a:oracle:linux:qt5-qttools-devel", "p-cpe:/a:oracle:linux:qt5-qttools-examples", "p-cpe:/a:oracle:linux:qt5-qttools-libs-designer", "p-cpe:/a:oracle:linux:qt5-qttools-libs-designercomponents", "p-cpe:/a:oracle:linux:qt5-qttools-libs-help", "p-cpe:/a:oracle:linux:qt5-qttranslations", "p-cpe:/a:oracle:linux:qt5-qtwayland", "p-cpe:/a:oracle:linux:qt5-qtwayland-examples", "p-cpe:/a:oracle:linux:qt5-qtwebchannel", "p-cpe:/a:oracle:linux:qt5-qtwebchannel-devel", "p-cpe:/a:oracle:linux:qt5-qtwebchannel-examples", "p-cpe:/a:oracle:linux:qt5-qtwebsockets", "p-cpe:/a:oracle:linux:qt5-qtwebsockets-devel", "p-cpe:/a:oracle:linux:qt5-qtwebsockets-examples", "p-cpe:/a:oracle:linux:qt5-qtx11extras", "p-cpe:/a:oracle:linux:qt5-qtx11extras-devel", "p-cpe:/a:oracle:linux:qt5-qtxmlpatterns", "p-cpe:/a:oracle:linux:qt5-qtxmlpatterns-devel", "p-cpe:/a:oracle:linux:qt5-qtxmlpatterns-examples", "p-cpe:/a:oracle:linux:qt5-rpm-macros", "p-cpe:/a:oracle:linux:qt5-srpm-macros", "p-cpe:/a:oracle:linux:sip"], "id": "ORACLELINUX_ELSA-2020-1665.NASL", "href": "https://www.tenable.com/plugins/nessus/180963", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-1665.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(180963);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/07\");\n\n script_cve_id(\"CVE-2018-19869\", \"CVE-2018-19871\", \"CVE-2018-19872\");\n\n script_name(english:\"Oracle Linux 8 : qt5 (ELSA-2020-1665)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2020-1665 advisory.\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in\n qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in\n qppmhandler.cpp. (CVE-2018-19872)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-1665.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19872\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-19871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/09/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-qt5-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-pyqt5-sip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-qt5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-qt5-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qgnomeplatform\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-doctools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-linguist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qdbusviewer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qt3d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qt3d-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qt3d-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-private-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtcanvas3d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtcanvas3d-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtconnectivity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtconnectivity-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtconnectivity-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtdeclarative\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtdeclarative-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtdeclarative-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtgraphicaleffects\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtimageformats\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtlocation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtlocation-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtlocation-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtmultimedia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtmultimedia-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtmultimedia-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtquickcontrols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtquickcontrols-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtquickcontrols2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtquickcontrols2-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtscript-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtsensors\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtsensors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtsensors-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtserialbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtserialbus-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtserialport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtserialport-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtserialport-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtsvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtsvg-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtsvg-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttools-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttools-libs-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttools-libs-designercomponents\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttools-libs-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttranslations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwayland\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwayland-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwebchannel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwebchannel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwebchannel-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwebsockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwebsockets-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwebsockets-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtx11extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtx11extras-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtxmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtxmlpatterns-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtxmlpatterns-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-srpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sip\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'python-qt5-rpm-macros-5.13.1-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-common-5.12.5-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdoc-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-common-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttranslations-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-rpm-macros-5.12.5-3.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-srpm-macros-5.12.5-3.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-pyqt5-sip-4.19.19-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-5.13.1-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-base-5.13.1-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-assistant-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-designer-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-doctools-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-linguist-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qdbusviewer-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-5.12.5-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-devel-5.12.5-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-examples-5.12.5-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-devel-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-examples-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-gui-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-mysql-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-odbc-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-postgresql-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-private-devel-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtgraphicaleffects-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtimageformats-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designer-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designercomponents-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-help-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sip-4.19.19-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-5.13.1-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-base-5.13.1-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-5.12.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-devel-5.12.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-5.12.5-4.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-devel-5.12.5-4.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-examples-5.12.5-4.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-gui-5.12.5-4.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-mysql-5.12.5-4.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-odbc-5.12.5-4.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-postgresql-5.12.5-4.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-private-devel-5.12.5-4.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-devel-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-devel-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtgraphicaleffects-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtimageformats-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-devel-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-devel-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-devel-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-devel-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-devel-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-devel-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-devel-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-examples-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designer-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designercomponents-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-help-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-devel-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-devel-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-devel-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-devel-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-pyqt5-sip-4.19.19-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-5.13.1-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-base-5.13.1-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-assistant-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-designer-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-doctools-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-linguist-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qdbusviewer-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-5.12.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-devel-5.12.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-examples-5.12.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-devel-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-examples-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-gui-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-mysql-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-odbc-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-postgresql-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-private-devel-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtgraphicaleffects-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtimageformats-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designer-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designercomponents-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-help-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sip-4.19.19-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-qt5-rpm-macros / python3-pyqt5-sip / python3-qt5 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:19", "description": "Update to mingw-qt5-*-5.11.3, see http://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-securit y-updates/ for details. Update to mingw-sip-4.19.13, see https://www.riverbankcomputing.com/static/Downloads/sip/ChangeLog for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-30T00:00:00", "type": "nessus", "title": "Fedora 29 : mingw-python-qt5 / mingw-qt5-qt3d / mingw-qt5-qtactiveqt / etc (2019-3c45bd2cc3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19871"], "modified": "2020-02-20T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mingw-python-qt5", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qt3d", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtactiveqt", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtbase", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtcharts", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtdeclarative", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtgraphicaleffects", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtimageformats", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtlocation", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtmultimedia", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtquickcontrols", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtscript", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtsensors", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtserialport", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtsvg", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qttools", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qttranslations", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtwebkit", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtwebsockets", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtwinextras", "p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtxmlpatterns", "p-cpe:/a:fedoraproject:fedora:mingw-sip", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-3C45BD2CC3.NASL", "href": "https://www.tenable.com/plugins/nessus/121444", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-3c45bd2cc3.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121444);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/20\");\n\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19869\", \"CVE-2018-19871\");\n script_xref(name:\"FEDORA\", value:\"2019-3c45bd2cc3\");\n\n script_name(english:\"Fedora 29 : mingw-python-qt5 / mingw-qt5-qt3d / mingw-qt5-qtactiveqt / etc (2019-3c45bd2cc3)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to mingw-qt5-*-5.11.3, see\nhttp://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-securit\ny-updates/ for details. Update to mingw-sip-4.19.13, see\nhttps://www.riverbankcomputing.com/static/Downloads/sip/ChangeLog for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n # http://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?98ae98d6\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-3c45bd2cc3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.riverbankcomputing.com/static/Downloads/sip/ChangeLog\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-python-qt5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qt3d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtactiveqt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtcharts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtdeclarative\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtgraphicaleffects\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtimageformats\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtlocation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtmultimedia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtquickcontrols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtsensors\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtserialport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtsvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qttools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qttranslations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtwebkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtwebsockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtwinextras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-qt5-qtxmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-sip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"mingw-python-qt5-5.11.3-2.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qt3d-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtactiveqt-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtbase-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtcharts-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtdeclarative-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtgraphicaleffects-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtimageformats-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtlocation-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtmultimedia-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtquickcontrols-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtscript-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtsensors-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtserialport-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtsvg-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qttools-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qttranslations-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtwebkit-5.9.4-0.8.gitbd0657f.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtwebsockets-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtwinextras-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-qt5-qtxmlpatterns-5.11.3-1.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"mingw-sip-4.19.13-2.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-python-qt5 / mingw-qt5-qt3d / mingw-qt5-qtactiveqt / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:41:26", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:1665 advisory.\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp. (CVE-2018-19872)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : qt5 (ALSA-2020:1665)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19869", "CVE-2018-19871", "CVE-2018-19872"], "modified": "2022-05-06T00:00:00", "cpe": ["p-cpe:/a:alma:linux:python3-qt5-devel", "p-cpe:/a:alma:linux:qt5-devel", "p-cpe:/a:alma:linux:qt5-qtdeclarative-static", "p-cpe:/a:alma:linux:qt5-qtquickcontrols2-devel", "p-cpe:/a:alma:linux:qt5-qtwayland-devel", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2020-1665.NASL", "href": "https://www.tenable.com/plugins/nessus/157627", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2020:1665.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157627);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\"CVE-2018-19869\", \"CVE-2018-19871\", \"CVE-2018-19872\");\n script_xref(name:\"ALSA\", value:\"2020:1665\");\n\n script_name(english:\"AlmaLinux 8 : qt5 (ALSA-2020:1665)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2020:1665 advisory.\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in\n qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in\n qppmhandler.cpp. (CVE-2018-19872)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2020-1665.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19872\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-19871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-qt5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qt5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qt5-qtdeclarative-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qt5-qtquickcontrols2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:qt5-qtwayland-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'python3-qt5-devel-5.13.1-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-devel-5.13.1-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-devel-5.12.5-3.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-static-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-static-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-devel-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-devel-5.12.5-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-qt5-devel / qt5-devel / qt5-qtdeclarative-static / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:24:46", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1665 advisory.\n\n - qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869)\n\n - qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)\n\n - qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp (CVE-2018-19872)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-02-01T00:00:00", "type": "nessus", "title": "CentOS 8 : qt5 (CESA-2020:1665)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19869", "CVE-2018-19871", "CVE-2018-19872"], "modified": "2022-05-10T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:python-qt5-rpm-macros", "p-cpe:/a:centos:centos:python3-pyqt5-sip", "p-cpe:/a:centos:centos:python3-qt5", "p-cpe:/a:centos:centos:python3-qt5-base", "p-cpe:/a:centos:centos:python3-qt5-devel", "p-cpe:/a:centos:centos:python3-sip-devel", "p-cpe:/a:centos:centos:qgnomeplatform", "p-cpe:/a:centos:centos:qt5-devel", "p-cpe:/a:centos:centos:qt5-qt3d", "p-cpe:/a:centos:centos:qt5-qt3d-devel", "p-cpe:/a:centos:centos:qt5-qt3d-examples", "p-cpe:/a:centos:centos:qt5-qtbase", "p-cpe:/a:centos:centos:qt5-qtbase-common", "p-cpe:/a:centos:centos:qt5-qtbase-devel", "p-cpe:/a:centos:centos:qt5-qtbase-examples", "p-cpe:/a:centos:centos:qt5-qtbase-gui", "p-cpe:/a:centos:centos:qt5-qtbase-mysql", "p-cpe:/a:centos:centos:qt5-qtbase-odbc", "p-cpe:/a:centos:centos:qt5-qtbase-postgresql", "p-cpe:/a:centos:centos:qt5-qtbase-private-devel", "p-cpe:/a:centos:centos:qt5-qtbase-static", "p-cpe:/a:centos:centos:qt5-qtcanvas3d", "p-cpe:/a:centos:centos:qt5-qtcanvas3d-examples", "p-cpe:/a:centos:centos:qt5-qtconnectivity", "p-cpe:/a:centos:centos:qt5-qtconnectivity-devel", "p-cpe:/a:centos:centos:qt5-qtconnectivity-examples", "p-cpe:/a:centos:centos:qt5-qtdeclarative", "p-cpe:/a:centos:centos:qt5-qtdeclarative-devel", "p-cpe:/a:centos:centos:qt5-qtdeclarative-examples", "p-cpe:/a:centos:centos:qt5-qtdeclarative-static", "p-cpe:/a:centos:centos:qt5-qtdoc", "p-cpe:/a:centos:centos:qt5-qtgraphicaleffects", "p-cpe:/a:centos:centos:qt5-qtimageformats", "p-cpe:/a:centos:centos:qt5-qtlocation", "p-cpe:/a:centos:centos:qt5-qtlocation-devel", "p-cpe:/a:centos:centos:qt5-qtlocation-examples", "p-cpe:/a:centos:centos:qt5-qtmultimedia", "p-cpe:/a:centos:centos:qt5-qtmultimedia-devel", "p-cpe:/a:centos:centos:qt5-qtmultimedia-examples", "p-cpe:/a:centos:centos:qt5-qtquickcontrols", "p-cpe:/a:centos:centos:qt5-qtquickcontrols-examples", "p-cpe:/a:centos:centos:qt5-qtquickcontrols2", "p-cpe:/a:centos:centos:qt5-qtquickcontrols2-devel", "p-cpe:/a:centos:centos:qt5-qtquickcontrols2-examples", "p-cpe:/a:centos:centos:qt5-qtscript", "p-cpe:/a:centos:centos:qt5-qtscript-devel", "p-cpe:/a:centos:centos:qt5-qtscript-examples", "p-cpe:/a:centos:centos:qt5-qtsensors", "p-cpe:/a:centos:centos:qt5-qtsensors-devel", "p-cpe:/a:centos:centos:qt5-qtsensors-examples", "p-cpe:/a:centos:centos:qt5-qtserialbus", "p-cpe:/a:centos:centos:qt5-qtserialbus-examples", "p-cpe:/a:centos:centos:qt5-qtserialport", "p-cpe:/a:centos:centos:qt5-qtserialport-devel", "p-cpe:/a:centos:centos:qt5-qtserialport-examples", "p-cpe:/a:centos:centos:qt5-qtsvg", "p-cpe:/a:centos:centos:qt5-qtsvg-devel", "p-cpe:/a:centos:centos:qt5-qtsvg-examples", "p-cpe:/a:centos:centos:qt5-qttranslations", "p-cpe:/a:centos:centos:qt5-qtwayland", "p-cpe:/a:centos:centos:qt5-qtwayland-devel", "p-cpe:/a:centos:centos:qt5-qtwayland-examples", "p-cpe:/a:centos:centos:qt5-qtwebchannel", "p-cpe:/a:centos:centos:qt5-qtwebchannel-devel", "p-cpe:/a:centos:centos:qt5-qtwebchannel-examples", "p-cpe:/a:centos:centos:qt5-qtwebsockets", "p-cpe:/a:centos:centos:qt5-qtwebsockets-devel", "p-cpe:/a:centos:centos:qt5-qtwebsockets-examples", "p-cpe:/a:centos:centos:qt5-qtx11extras", "p-cpe:/a:centos:centos:qt5-qtx11extras-devel", "p-cpe:/a:centos:centos:qt5-qtxmlpatterns", "p-cpe:/a:centos:centos:qt5-qtxmlpatterns-devel", "p-cpe:/a:centos:centos:qt5-qtxmlpatterns-examples", "p-cpe:/a:centos:centos:qt5-rpm-macros", "p-cpe:/a:centos:centos:qt5-srpm-macros", "p-cpe:/a:centos:centos:sip"], "id": "CENTOS8_RHSA-2020-1665.NASL", "href": "https://www.tenable.com/plugins/nessus/145955", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2020:1665. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145955);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\"CVE-2018-19869\", \"CVE-2018-19871\", \"CVE-2018-19872\");\n script_bugtraq_id(106338);\n script_xref(name:\"RHSA\", value:\"2020:1665\");\n\n script_name(english:\"CentOS 8 : qt5 (CESA-2020:1665)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2020:1665 advisory.\n\n - qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869)\n\n - qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)\n\n - qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp (CVE-2018-19872)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1665\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19872\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-19871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-qt5-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-pyqt5-sip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-qt5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-qt5-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-qt5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-sip-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qgnomeplatform\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qt3d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qt3d-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qt3d-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-private-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtcanvas3d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtcanvas3d-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtconnectivity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtconnectivity-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtconnectivity-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtdeclarative\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtdeclarative-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtdeclarative-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtdeclarative-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtgraphicaleffects\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtimageformats\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtlocation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtlocation-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtlocation-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtmultimedia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtmultimedia-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtmultimedia-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtquickcontrols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtquickcontrols-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtquickcontrols2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtquickcontrols2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtquickcontrols2-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtscript-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtsensors\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtsensors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtsensors-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtserialbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtserialbus-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtserialport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtserialport-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtserialport-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtsvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtsvg-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtsvg-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qttranslations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwayland\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwayland-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwayland-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwebchannel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwebchannel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwebchannel-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwebsockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwebsockets-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwebsockets-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtx11extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtx11extras-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtxmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtxmlpatterns-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtxmlpatterns-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-srpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sip\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'python-qt5-rpm-macros-5.13.1-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-qt5-rpm-macros-5.13.1-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-pyqt5-sip-4.19.19-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-pyqt5-sip-4.19.19-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-5.13.1-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-5.13.1-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-base-5.13.1-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-base-5.13.1-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-devel-5.13.1-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-devel-5.13.1-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-sip-devel-4.19.19-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-sip-devel-4.19.19-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-devel-5.12.5-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-devel-5.12.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-5.12.5-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-5.12.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-devel-5.12.5-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-devel-5.12.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-examples-5.12.5-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-examples-5.12.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-common-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-common-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-devel-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-devel-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-examples-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-examples-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-gui-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-gui-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-mysql-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-mysql-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-odbc-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-odbc-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-postgresql-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-postgresql-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-private-devel-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-private-devel-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-static-5.12.5-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-static-5.12.5-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-static-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-static-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdoc-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdoc-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtgraphicaleffects-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtgraphicaleffects-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtimageformats-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtimageformats-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttranslations-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttranslations-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-devel-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-devel-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-examples-5.12.5-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-examples-5.12.5-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-rpm-macros-5.12.5-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-rpm-macros-5.12.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-srpm-macros-5.12.5-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-srpm-macros-5.12.5-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sip-4.19.19-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sip-4.19.19-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-qt5-rpm-macros / python3-pyqt5-sip / python3-qt5 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:19:08", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1665 advisory.\n\n - qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869)\n\n - qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)\n\n - qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp (CVE-2018-19872)\n\n - qt5-qtbase: Out-of-bounds access in generateDirectionalRuns() function in qtextengine.cpp (CVE-2019-18281)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-04-29T00:00:00", "type": "nessus", "title": "RHEL 8 : qt5 (RHSA-2020:1665)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19869", "CVE-2018-19871", "CVE-2018-19872", "CVE-2019-18281"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.2", "cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:python-qt5-rpm-macros", "p-cpe:/a:redhat:enterprise_linux:python3-pyqt5-sip", "p-cpe:/a:redhat:enterprise_linux:python3-qt5", "p-cpe:/a:redhat:enterprise_linux:python3-qt5-base", "p-cpe:/a:redhat:enterprise_linux:python3-qt5-devel", "p-cpe:/a:redhat:enterprise_linux:python3-sip-devel", "p-cpe:/a:redhat:enterprise_linux:qgnomeplatform", "p-cpe:/a:redhat:enterprise_linux:qt5-assistant", "p-cpe:/a:redhat:enterprise_linux:qt5-designer", "p-cpe:/a:redhat:enterprise_linux:qt5-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-doctools", "p-cpe:/a:redhat:enterprise_linux:qt5-linguist", "p-cpe:/a:redhat:enterprise_linux:qt5-qdbusviewer", "p-cpe:/a:redhat:enterprise_linux:qt5-qt3d", "p-cpe:/a:redhat:enterprise_linux:qt5-qt3d-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qt3d-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-common", "p-cpe:/a:redhat:enterprise_linux:qt5-qtlocation", "p-cpe:/a:redhat:enterprise_linux:qt5-qtlocation-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtlocation-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtmultimedia", "p-cpe:/a:redhat:enterprise_linux:qt5-qtmultimedia-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtmultimedia-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols", "p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols2", "p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols2-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols2-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtscript", "p-cpe:/a:redhat:enterprise_linux:qt5-qtsvg-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools-common", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools-libs-designer", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools-libs-designercomponents", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools-libs-help", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools-static", "p-cpe:/a:redhat:enterprise_linux:qt5-qttranslations", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwayland", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwayland-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwayland-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwebchannel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwebchannel-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwebchannel-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwebsockets", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-gui", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-mysql", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-odbc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-postgresql", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-private-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-static", "p-cpe:/a:redhat:enterprise_linux:qt5-qtcanvas3d", "p-cpe:/a:redhat:enterprise_linux:qt5-qtcanvas3d-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtconnectivity", "p-cpe:/a:redhat:enterprise_linux:qt5-qtconnectivity-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtconnectivity-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative", "p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative-static", "p-cpe:/a:redhat:enterprise_linux:qt5-qtdoc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtgraphicaleffects", "p-cpe:/a:redhat:enterprise_linux:qt5-qtimageformats", "p-cpe:/a:redhat:enterprise_linux:qt5-qtscript-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtscript-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtsensors", "p-cpe:/a:redhat:enterprise_linux:qt5-qtsensors-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtsensors-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtserialbus", "p-cpe:/a:redhat:enterprise_linux:qt5-qtserialbus-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtserialport", "p-cpe:/a:redhat:enterprise_linux:qt5-qtserialport-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtserialport-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtsvg", "p-cpe:/a:redhat:enterprise_linux:qt5-qtsvg-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwebsockets-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwebsockets-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtx11extras", "p-cpe:/a:redhat:enterprise_linux:qt5-qtx11extras-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtxmlpatterns", "p-cpe:/a:redhat:enterprise_linux:qt5-qtxmlpatterns-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtxmlpatterns-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-rpm-macros", "p-cpe:/a:redhat:enterprise_linux:qt5-srpm-macros", "p-cpe:/a:redhat:enterprise_linux:sip"], "id": "REDHAT-RHSA-2020-1665.NASL", "href": "https://www.tenable.com/plugins/nessus/136117", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1665. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136117);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2018-19869\", \"CVE-2018-19871\", \"CVE-2018-19872\");\n script_bugtraq_id(106338);\n script_xref(name:\"RHSA\", value:\"2020:1665\");\n\n script_name(english:\"RHEL 8 : qt5 (RHSA-2020:1665)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1665 advisory.\n\n - qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869)\n\n - qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)\n\n - qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp (CVE-2018-19872)\n\n - qt5-qtbase: Out-of-bounds access in generateDirectionalRuns() function in qtextengine.cpp (CVE-2019-18281)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-19869\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-19871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-19872\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-18281\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1661460\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1661465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1691636\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1764742\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19872\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-19871\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 369, 400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-qt5-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pyqt5-sip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-qt5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-qt5-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-qt5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-sip-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qgnomeplatform\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-doctools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-linguist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qdbusviewer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qt3d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qt3d-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qt3d-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-private-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtcanvas3d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtcanvas3d-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtconnectivity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtconnectivity-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtconnectivity-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtgraphicaleffects\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtimageformats\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtlocation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtlocation-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtlocation-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtmultimedia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtmultimedia-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtmultimedia-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols2-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtscript-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtsensors\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtsensors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtsensors-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtserialbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtserialbus-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtserialport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtserialport-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtserialport-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtsvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtsvg-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtsvg-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools-libs-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools-libs-designercomponents\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools-libs-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttranslations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwayland\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwayland-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwayland-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwebchannel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwebchannel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwebchannel-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwebsockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwebsockets-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwebsockets-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtx11extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtx11extras-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtxmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtxmlpatterns-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtxmlpatterns-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-srpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sip\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/appstream/debug',\n 'content/eus/rhel8/8.2/aarch64/appstream/os',\n 'content/eus/rhel8/8.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/baseos/debug',\n 'content/eus/rhel8/8.2/aarch64/baseos/os',\n 'content/eus/rhel8/8.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.2/aarch64/highavailability/os',\n 'content/eus/rhel8/8.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.2/aarch64/supplementary/os',\n 'content/eus/rhel8/8.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.2/ppc64le/appstream/os',\n 'content/eus/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.2/ppc64le/baseos/os',\n 'content/eus/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap/os',\n 'content/eus/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python-qt5-rpm-macros-5.13.1-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-pyqt5-sip-4.19.19-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-5.13.1-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-base-5.13.1-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-devel-5.13.1-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-sip-devel-4.19.19-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'sp':'2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'sp':'2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'sp':'2', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-assistant-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-designer-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-devel-5.12.5-3.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-doctools-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-linguist-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qdbusviewer-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-5.12.5-2.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-devel-5.12.5-2.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-examples-5.12.5-2.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-5.12.5-4.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-common-5.12.5-4.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-devel-5.12.5-4.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-examples-5.12.5-4.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-gui-5.12.5-4.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-mysql-5.12.5-4.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-odbc-5.12.5-4.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-postgresql-5.12.5-4.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-private-devel-5.12.5-4.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-static-5.12.5-4.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-devel-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-devel-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-static-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdoc-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtgraphicaleffects-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtimageformats-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-devel-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-devel-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-devel-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-devel-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-devel-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-devel-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-devel-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-common-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-devel-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designer-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designercomponents-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-help-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-static-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttranslations-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-devel-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-devel-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-devel-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-devel-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-devel-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-examples-5.12.5-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-rpm-macros-5.12.5-3.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-srpm-macros-5.12.5-3.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sip-4.19.19-1.el8', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python-qt5-rpm-macros-5.13.1-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-pyqt5-sip-4.19.19-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-5.13.1-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-base-5.13.1-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-devel-5.13.1-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-sip-devel-4.19.19-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'sp':'4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'sp':'4', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'sp':'4', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-assistant-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-designer-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-devel-5.12.5-3.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-doctools-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-linguist-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qdbusviewer-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-5.12.5-2.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-devel-5.12.5-2.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-examples-5.12.5-2.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-5.12.5-4.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-common-5.12.5-4.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-devel-5.12.5-4.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-examples-5.12.5-4.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-gui-5.12.5-4.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-mysql-5.12.5-4.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-odbc-5.12.5-4.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-postgresql-5.12.5-4.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-private-devel-5.12.5-4.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-static-5.12.5-4.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-devel-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-devel-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-static-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdoc-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtgraphicaleffects-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtimageformats-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-devel-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-devel-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-devel-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-devel-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-devel-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-devel-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-devel-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-common-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-devel-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designer-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designercomponents-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-help-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-static-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttranslations-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-devel-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-devel-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-devel-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-devel-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-devel-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-examples-5.12.5-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-rpm-macros-5.12.5-3.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-srpm-macros-5.12.5-3.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sip-4.19.19-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python-qt5-rpm-macros-5.13.1-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-pyqt5-sip-4.19.19-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-5.13.1-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-base-5.13.1-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-devel-5.13.1-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-sip-devel-4.19.19-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'sp':'6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'sp':'6', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'sp':'6', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-assistant-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-designer-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-devel-5.12.5-3.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-doctools-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-linguist-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qdbusviewer-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-5.12.5-2.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-devel-5.12.5-2.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-examples-5.12.5-2.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-5.12.5-4.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-common-5.12.5-4.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-devel-5.12.5-4.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-examples-5.12.5-4.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-gui-5.12.5-4.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-mysql-5.12.5-4.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-odbc-5.12.5-4.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-postgresql-5.12.5-4.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-private-devel-5.12.5-4.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-static-5.12.5-4.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-devel-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-devel-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-static-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdoc-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtgraphicaleffects-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtimageformats-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-devel-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-devel-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-devel-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-devel-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-devel-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-devel-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-devel-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-common-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-devel-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designer-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designercomponents-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-help-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-static-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttranslations-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-devel-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-devel-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-devel-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-devel-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-devel-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-examples-5.12.5-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-rpm-macros-5.12.5-3.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-srpm-macros-5.12.5-3.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sip-4.19.19-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python-qt5-rpm-macros-5.13.1-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-pyqt5-sip-4.19.19-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-5.13.1-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-base-5.13.1-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-qt5-devel-5.13.1-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-sip-devel-4.19.19-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qgnomeplatform-0.4-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-assistant-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-designer-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-devel-5.12.5-3.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-doctools-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-linguist-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qdbusviewer-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-5.12.5-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-devel-5.12.5-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-examples-5.12.5-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-5.12.5-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-common-5.12.5-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-devel-5.12.5-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-examples-5.12.5-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-gui-5.12.5-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-mysql-5.12.5-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-odbc-5.12.5-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-postgresql-5.12.5-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-private-devel-5.12.5-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-static-5.12.5-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-devel-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-devel-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-static-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdoc-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtgraphicaleffects-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtimageformats-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-devel-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-devel-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-devel-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-devel-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-devel-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-devel-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-devel-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-common-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-devel-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designer-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designercomponents-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-help-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-static-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttranslations-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-devel-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-devel-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-devel-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-devel-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-devel-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-examples-5.12.5-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-rpm-macros-5.12.5-3.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-srpm-macros-5.12.5-3.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sip-4.19.19-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-qt5-rpm-macros / python3-pyqt5-sip / python3-qt5 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:16", "description": "An update is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nQt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt.\n\nThe following packages have been upgraded to a later upstream version:\nqt5-qt3d (5.9.7), qt5-qtbase (5.9.7), qt5-qtcanvas3d (5.9.7), qt5-qtconnectivity (5.9.7), qt5-qtdeclarative (5.9.7), qt5-qtdoc (5.9.7), qt5-qtgraphicaleffects (5.9.7), qt5-qtimageformats (5.9.7), qt5-qtlocation (5.9.7), qt5-qtmultimedia (5.9.7), qt5-qtquickcontrols (5.9.7), qt5-qtquickcontrols2 (5.9.7), qt5-qtscript (5.9.7), qt5-qtsensors (5.9.7), qt5-qtserialbus (5.9.7), qt5-qtserialport (5.9.7), qt5-qtsvg (5.9.7), qt5-qttools (5.9.7), qt5-qttranslations (5.9.7), qt5-qtwayland (5.9.7), qt5-qtwebchannel (5.9.7), qt5-qtwebsockets (5.9.7), qt5-qtx11extras (5.9.7), qt5-qtxmlpatterns (5.9.7). (BZ#1564000, BZ#1564001, BZ#1564002, BZ#1564003, BZ#1564004, BZ#1564006, BZ# 1564007, BZ#1564008, BZ#1564009, BZ#1564010, BZ#1564011, BZ#1564012, BZ# 1564013, BZ#1564014, BZ#1564015, BZ#1564016, BZ#1564017, BZ#1564018, BZ# 1564019, BZ#1564020, BZ#1564021, BZ#1564022, BZ#1564023, BZ#1564024)\n\nSecurity Fix(es) :\n\n* qt5-qtbase: Double free in QXmlStreamReader (CVE-2018-15518)\n\n* qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869)\n\n* qt5-qtbase: QImage allocation failure in qgifhandler (CVE-2018-19870)\n\n* qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)\n\n* qt5-qtbase: QBmpHandler segmentation fault on malformed BMP file (CVE-2018-19873)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "RHEL 7 : qt5 (RHSA-2019:2135)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19873"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:qt5-qtgraphicaleffects-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-assistant", "p-cpe:/a:redhat:enterprise_linux:qt5-qtimageformats", "p-cpe:/a:redhat:enterprise_linux:qt5-designer", "p-cpe:/a:redhat:enterprise_linux:qt5-doctools", "p-cpe:/a:redhat:enterprise_linux:qt5-qtimageformats-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-linguist", "p-cpe:/a:redhat:enterprise_linux:qt5-qtimageformats-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qdbusviewer", "p-cpe:/a:redhat:enterprise_linux:qt5-qt3d", "p-cpe:/a:redhat:enterprise_linux:qt5-qtlocation", "p-cpe:/a:redhat:enterprise_linux:qt5-qtlocation-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qt3d-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtlocation-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qt3d-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qt3d-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtlocation-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qt3d-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtlocation-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-common", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-gui", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-mysql", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-odbc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-postgresql", "p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-static", "p-cpe:/a:redhat:enterprise_linux:qt5-qtcanvas3d", "p-cpe:/a:redhat:enterprise_linux:qt5-qtcanvas3d-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtcanvas3d-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtcanvas3d-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtconnectivity", "p-cpe:/a:redhat:enterprise_linux:qt5-qtconnectivity-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtconnectivity-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtconnectivity-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtconnectivity-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative", "p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative-static", "p-cpe:/a:redhat:enterprise_linux:qt5-qtdoc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtgraphicaleffects", "p-cpe:/a:redhat:enterprise_linux:qt5-qtgraphicaleffects-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtscript-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtsensors", "p-cpe:/a:redhat:enterprise_linux:qt5-qtsensors-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtsensors-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtsensors-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtsensors-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtserialbus", "p-cpe:/a:redhat:enterprise_linux:qt5-qtserialbus-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtserialbus-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtserialbus-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtserialbus-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtserialport", "p-cpe:/a:redhat:enterprise_linux:qt5-qtserialport-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtserialport-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtserialport-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtserialport-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtsvg", "p-cpe:/a:redhat:enterprise_linux:qt5-qtsvg-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtsvg-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtsvg-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtsvg-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools-common", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools-libs-designer", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools-libs-designercomponents", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools-libs-help", "p-cpe:/a:redhat:enterprise_linux:qt5-qttools-static", "p-cpe:/a:redhat:enterprise_linux:qt5-qttranslations", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwayland", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwayland-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwayland-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwayland-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwayland-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwebchannel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwebchannel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwebchannel-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwebchannel-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwebchannel-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwebsockets", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwebsockets-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwebsockets-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwebsockets-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtwebsockets-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtx11extras", "p-cpe:/a:redhat:enterprise_linux:qt5-qtx11extras-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtx11extras-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtx11extras-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtxmlpatterns", "p-cpe:/a:redhat:enterprise_linux:qt5-qtxmlpatterns-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtxmlpatterns-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtxmlpatterns-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtxmlpatterns-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-rpm-macros", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:qt5-qtmultimedia", "p-cpe:/a:redhat:enterprise_linux:qt5-qtmultimedia-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtmultimedia-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtmultimedia-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtmultimedia-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols", "p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols2", "p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols2-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols2-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols2-doc", "p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols2-examples", "p-cpe:/a:redhat:enterprise_linux:qt5-qtscript", "p-cpe:/a:redhat:enterprise_linux:qt5-qtscript-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qt5-qtscript-devel", "p-cpe:/a:redhat:enterprise_linux:qt5-qtscript-doc"], "id": "REDHAT-RHSA-2019-2135.NASL", "href": "https://www.tenable.com/plugins/nessus/127679", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2135. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127679);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19869\", \"CVE-2018-19870\", \"CVE-2018-19871\", \"CVE-2018-19873\");\n script_xref(name:\"RHSA\", value:\"2019:2135\");\n\n script_name(english:\"RHEL 7 : qt5 (RHSA-2019:2135)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nQt is a software toolkit for developing applications. The qt5-base\npackages contain base tools for string, xml, and network handling in\nQt.\n\nThe following packages have been upgraded to a later upstream version:\nqt5-qt3d (5.9.7), qt5-qtbase (5.9.7), qt5-qtcanvas3d (5.9.7),\nqt5-qtconnectivity (5.9.7), qt5-qtdeclarative (5.9.7), qt5-qtdoc\n(5.9.7), qt5-qtgraphicaleffects (5.9.7), qt5-qtimageformats (5.9.7),\nqt5-qtlocation (5.9.7), qt5-qtmultimedia (5.9.7), qt5-qtquickcontrols\n(5.9.7), qt5-qtquickcontrols2 (5.9.7), qt5-qtscript (5.9.7),\nqt5-qtsensors (5.9.7), qt5-qtserialbus (5.9.7), qt5-qtserialport\n(5.9.7), qt5-qtsvg (5.9.7), qt5-qttools (5.9.7), qt5-qttranslations\n(5.9.7), qt5-qtwayland (5.9.7), qt5-qtwebchannel (5.9.7),\nqt5-qtwebsockets (5.9.7), qt5-qtx11extras (5.9.7), qt5-qtxmlpatterns\n(5.9.7). (BZ#1564000, BZ#1564001, BZ#1564002, BZ#1564003, BZ#1564004,\nBZ#1564006, BZ# 1564007, BZ#1564008, BZ#1564009, BZ#1564010,\nBZ#1564011, BZ#1564012, BZ# 1564013, BZ#1564014, BZ#1564015,\nBZ#1564016, BZ#1564017, BZ#1564018, BZ# 1564019, BZ#1564020,\nBZ#1564021, BZ#1564022, BZ#1564023, BZ#1564024)\n\nSecurity Fix(es) :\n\n* qt5-qtbase: Double free in QXmlStreamReader (CVE-2018-15518)\n\n* qt5-qtsvg: Invalid parsing of malformed url reference resulting in a\ndenial of service (CVE-2018-19869)\n\n* qt5-qtbase: QImage allocation failure in qgifhandler\n(CVE-2018-19870)\n\n* qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)\n\n* qt5-qtbase: QBmpHandler segmentation fault on malformed BMP file\n(CVE-2018-19873)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3395ff0b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2135\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-15518\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-19869\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-19870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-19871\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-19873\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-doctools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-linguist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qdbusviewer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qt3d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qt3d-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qt3d-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qt3d-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qt3d-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtbase-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtcanvas3d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtcanvas3d-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtcanvas3d-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtcanvas3d-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtconnectivity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtconnectivity-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtconnectivity-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtconnectivity-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtconnectivity-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtdeclarative-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtgraphicaleffects\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtgraphicaleffects-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtgraphicaleffects-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtimageformats\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtimageformats-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtimageformats-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtlocation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtlocation-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtlocation-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtlocation-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtlocation-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtmultimedia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtmultimedia-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtmultimedia-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtmultimedia-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtmultimedia-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtquickcontrols2-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtscript-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtscript-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtsensors\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtsensors-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtsensors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtsensors-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtsensors-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtserialbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtserialbus-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtserialbus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtserialbus-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtserialbus-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtserialport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtserialport-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtserialport-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtserialport-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtserialport-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtsvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtsvg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtsvg-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtsvg-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtsvg-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools-libs-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools-libs-designercomponents\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools-libs-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttools-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qttranslations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwayland\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwayland-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwayland-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwayland-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwayland-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwebchannel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwebchannel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwebchannel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwebchannel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwebchannel-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwebsockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwebsockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwebsockets-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwebsockets-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtwebsockets-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtx11extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtx11extras-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtx11extras-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtx11extras-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtxmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtxmlpatterns-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtxmlpatterns-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtxmlpatterns-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-qtxmlpatterns-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt5-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2135\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-assistant-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-assistant-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-designer-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-doctools-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-doctools-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-linguist-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-linguist-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qdbusviewer-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qdbusviewer-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qt3d-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qt3d-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qt3d-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qt3d-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qt3d-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qt3d-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtbase-5.9.7-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtbase-common-5.9.7-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtbase-debuginfo-5.9.7-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtbase-devel-5.9.7-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtbase-doc-5.9.7-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtbase-doc-5.9.7-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtbase-examples-5.9.7-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtbase-examples-5.9.7-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtbase-gui-5.9.7-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtbase-mysql-5.9.7-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtbase-odbc-5.9.7-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtbase-postgresql-5.9.7-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtbase-static-5.9.7-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtcanvas3d-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtcanvas3d-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtcanvas3d-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtcanvas3d-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtcanvas3d-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtcanvas3d-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtcanvas3d-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtconnectivity-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtconnectivity-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtconnectivity-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtconnectivity-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtconnectivity-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtconnectivity-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtdeclarative-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtdeclarative-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtdeclarative-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtdeclarative-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtdeclarative-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtdeclarative-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtdeclarative-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtdeclarative-static-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtdoc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtgraphicaleffects-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtgraphicaleffects-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtgraphicaleffects-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtimageformats-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtimageformats-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtimageformats-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtlocation-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtlocation-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtlocation-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtlocation-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtlocation-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtlocation-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtmultimedia-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtmultimedia-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtmultimedia-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtmultimedia-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtmultimedia-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtquickcontrols-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtquickcontrols-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtquickcontrols-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtquickcontrols-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtquickcontrols2-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtquickcontrols2-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtquickcontrols2-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtquickcontrols2-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols2-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtquickcontrols2-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols2-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtscript-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtscript-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtscript-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtscript-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtscript-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtscript-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtsensors-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtsensors-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtsensors-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtsensors-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtsensors-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtserialbus-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtserialbus-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtserialbus-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtserialbus-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtserialbus-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtserialbus-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtserialport-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtserialport-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtserialport-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtserialport-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtserialport-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtserialport-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtsvg-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtsvg-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtsvg-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtsvg-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtsvg-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtsvg-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qttools-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qttools-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qttools-common-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qttools-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qttools-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qttools-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qttools-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qttools-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qttools-libs-designer-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qttools-libs-designercomponents-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qttools-libs-help-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qttools-static-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qttranslations-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"qt5-qtwayland-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtwayland-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"qt5-qtwayland-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtwayland-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"qt5-qtwayland-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtwayland-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtwayland-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtwayland-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtwebchannel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtwebchannel-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtwebchannel-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtwebchannel-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtwebchannel-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtwebchannel-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtwebsockets-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtwebsockets-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtwebsockets-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtwebsockets-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtwebsockets-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtwebsockets-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtx11extras-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtx11extras-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtx11extras-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtx11extras-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtxmlpatterns-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtxmlpatterns-debuginfo-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtxmlpatterns-devel-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-qtxmlpatterns-doc-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"qt5-qtxmlpatterns-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qt5-qtxmlpatterns-examples-5.9.7-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"qt5-rpm-macros-5.9.7-2.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt5-assistant / qt5-designer / qt5-doctools / qt5-linguist / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:46:03", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt5-qtdoc packages installed that are affected by multiple vulnerabilities:\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-04-11T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : qt5-qtdoc Multiple Vulnerabilities (NS-SA-2023-0018)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19873"], "modified": "2023-04-11T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_core:qt5-qtdoc", "p-cpe:/a:zte:cgsl_main:qt5-qtdoc", "cpe:/o:zte:cgsl_core:5", "cpe:/o:zte:cgsl_main:5"], "id": "NEWSTART_CGSL_NS-SA-2023-0018_QT5-QTDOC.NASL", "href": "https://www.tenable.com/plugins/nessus/174069", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2023-0018. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(174069);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/11\");\n\n script_cve_id(\n \"CVE-2018-15518\",\n \"CVE-2018-19869\",\n \"CVE-2018-19870\",\n \"CVE-2018-19871\",\n \"CVE-2018-19873\"\n );\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : qt5-qtdoc Multiple Vulnerabilities (NS-SA-2023-0018)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt5-qtdoc packages installed that are affected\nby multiple vulnerabilities:\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted\n illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in\n qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in\n QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2023-0018\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-15518\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19869\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19870\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19871\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19873\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL qt5-qtdoc packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19873\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/04/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:qt5-qtdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:qt5-qtdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_core:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:5\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar os_release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(os_release) || os_release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (os_release !~ \"CGSL CORE 5.05\" &&\n os_release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL CORE 5.05': [\n 'qt5-qtdoc-5.9.7-1.el7'\n ],\n 'CGSL MAIN 5.05': [\n 'qt5-qtdoc-5.9.7-1.el7'\n ]\n};\nvar pkg_list = pkgs[os_release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + os_release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qt5-qtdoc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:46:03", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt5-qttranslations packages installed that are affected by multiple vulnerabilities:\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-04-11T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : qt5-qttranslations Multiple Vulnerabilities (NS-SA-2023-0014)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19873"], "modified": "2023-04-11T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_core:qt5-qttranslations", "p-cpe:/a:zte:cgsl_main:qt5-qttranslations", "cpe:/o:zte:cgsl_core:5", "cpe:/o:zte:cgsl_main:5"], "id": "NEWSTART_CGSL_NS-SA-2023-0014_QT5-QTTRANSLATIONS.NASL", "href": "https://www.tenable.com/plugins/nessus/174088", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2023-0014. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(174088);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/11\");\n\n script_cve_id(\n \"CVE-2018-15518\",\n \"CVE-2018-19869\",\n \"CVE-2018-19870\",\n \"CVE-2018-19871\",\n \"CVE-2018-19873\"\n );\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : qt5-qttranslations Multiple Vulnerabilities (NS-SA-2023-0014)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt5-qttranslations packages installed that are\naffected by multiple vulnerabilities:\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted\n illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in\n qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in\n QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2023-0014\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-15518\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19869\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19870\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19871\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19873\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL qt5-qttranslations packages. Note that updated packages may not be available yet. Please\ncontact ZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19873\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/04/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:qt5-qttranslations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:qt5-qttranslations\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_core:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:5\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar os_release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(os_release) || os_release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (os_release !~ \"CGSL CORE 5.05\" &&\n os_release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL CORE 5.05': [\n 'qt5-qttranslations-5.9.7-1.el7'\n ],\n 'CGSL MAIN 5.05': [\n 'qt5-qttranslations-5.9.7-1.el7'\n ]\n};\nvar pkg_list = pkgs[os_release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + os_release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qt5-qttranslations');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:19:33", "description": "An update is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nQt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt.\n\nThe following packages have been upgraded to a later upstream version:\nqt5-qt3d (5.9.7), qt5-qtbase (5.9.7), qt5-qtcanvas3d (5.9.7), qt5-qtconnectivity (5.9.7), qt5-qtdeclarative (5.9.7), qt5-qtdoc (5.9.7), qt5-qtgraphicaleffects (5.9.7), qt5-qtimageformats (5.9.7), qt5-qtlocation (5.9.7), qt5-qtmultimedia (5.9.7), qt5-qtquickcontrols (5.9.7), qt5-qtquickcontrols2 (5.9.7), qt5-qtscript (5.9.7), qt5-qtsensors (5.9.7), qt5-qtserialbus (5.9.7), qt5-qtserialport (5.9.7), qt5-qtsvg (5.9.7), qt5-qttools (5.9.7), qt5-qttranslations (5.9.7), qt5-qtwayland (5.9.7), qt5-qtwebchannel (5.9.7), qt5-qtwebsockets (5.9.7), qt5-qtx11extras (5.9.7), qt5-qtxmlpatterns (5.9.7). (BZ#1564000, BZ#1564001, BZ#1564002, BZ#1564003, BZ#1564004, BZ#1564006, BZ# 1564007, BZ#1564008, BZ#1564009, BZ#1564010, BZ#1564011, BZ#1564012, BZ# 1564013, BZ#1564014, BZ#1564015, BZ#1564016, BZ#1564017, BZ#1564018, BZ# 1564019, BZ#1564020, BZ#1564021, BZ#1564022, BZ#1564023, BZ#1564024)\n\nSecurity Fix(es) :\n\n* qt5-qtbase: Double free in QXmlStreamReader (CVE-2018-15518)\n\n* qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869)\n\n* qt5-qtbase: QImage allocation failure in qgifhandler (CVE-2018-19870)\n\n* qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)\n\n* qt5-qtbase: QBmpHandler segmentation fault on malformed BMP file (CVE-2018-19873)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "cvss3": {}, "published": "2019-08-30T00:00:00", "type": "nessus", "title": "CentOS 7 : qt5-qt3d / qt5-qtbase / qt5-qtcanvas3d / qt5-qtconnectivity / qt5-qtdeclarative / etc (CESA-2019:2135)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19873"], "modified": "2019-12-31T00:00:00", "cpe": ["p-cpe:/a:centos:centos:qt5-assistant", "p-cpe:/a:centos:centos:qt5-designer", "p-cpe:/a:centos:centos:qt5-doctools", "p-cpe:/a:centos:centos:qt5-linguist", "p-cpe:/a:centos:centos:qt5-qdbusviewer", "p-cpe:/a:centos:centos:qt5-qt3d", "p-cpe:/a:centos:centos:qt5-qt3d-devel", "p-cpe:/a:centos:centos:qt5-qt3d-doc", "p-cpe:/a:centos:centos:qt5-qt3d-examples", "p-cpe:/a:centos:centos:qt5-qtbase", "p-cpe:/a:centos:centos:qt5-qtbase-common", "p-cpe:/a:centos:centos:qt5-qtbase-devel", "p-cpe:/a:centos:centos:qt5-qtbase-doc", "p-cpe:/a:centos:centos:qt5-qtbase-examples", "p-cpe:/a:centos:centos:qt5-qtbase-gui", "p-cpe:/a:centos:centos:qt5-qtbase-mysql", "p-cpe:/a:centos:centos:qt5-qtbase-odbc", "p-cpe:/a:centos:centos:qt5-qtbase-postgresql", "p-cpe:/a:centos:centos:qt5-qtbase-static", "p-cpe:/a:centos:centos:qt5-qtcanvas3d", "p-cpe:/a:centos:centos:qt5-qtcanvas3d-doc", "p-cpe:/a:centos:centos:qt5-qtcanvas3d-examples", "p-cpe:/a:centos:centos:qt5-qtconnectivity", "p-cpe:/a:centos:centos:qt5-qtconnectivity-devel", "p-cpe:/a:centos:centos:qt5-qtconnectivity-doc", "p-cpe:/a:centos:centos:qt5-qtconnectivity-examples", "p-cpe:/a:centos:centos:qt5-qtdeclarative", "p-cpe:/a:centos:centos:qt5-qtdeclarative-devel", "p-cpe:/a:centos:centos:qt5-qtdeclarative-doc", "p-cpe:/a:centos:centos:qt5-qtdeclarative-examples", "p-cpe:/a:centos:centos:qt5-qtdeclarative-static", "p-cpe:/a:centos:centos:qt5-qtdoc", "p-cpe:/a:centos:centos:qt5-qtgraphicaleffects", "p-cpe:/a:centos:centos:qt5-qtgraphicaleffects-doc", "p-cpe:/a:centos:centos:qt5-qtimageformats", "p-cpe:/a:centos:centos:qt5-qtimageformats-doc", "p-cpe:/a:centos:centos:qt5-qtlocation", "p-cpe:/a:centos:centos:qt5-qtlocation-devel", "p-cpe:/a:centos:centos:qt5-qtlocation-doc", "p-cpe:/a:centos:centos:qt5-qtlocation-examples", "p-cpe:/a:centos:centos:qt5-qtmultimedia", "p-cpe:/a:centos:centos:qt5-qtmultimedia-devel", "p-cpe:/a:centos:centos:qt5-qtmultimedia-doc", "p-cpe:/a:centos:centos:qt5-qtmultimedia-examples", "p-cpe:/a:centos:centos:qt5-qtquickcontrols", "p-cpe:/a:centos:centos:qt5-qtquickcontrols-doc", "p-cpe:/a:centos:centos:qt5-qtquickcontrols-examples", "p-cpe:/a:centos:centos:qt5-qtquickcontrols2", "p-cpe:/a:centos:centos:qt5-qtquickcontrols2-devel", "p-cpe:/a:centos:centos:qt5-qtquickcontrols2-doc", "p-cpe:/a:centos:centos:qt5-qtquickcontrols2-examples", "p-cpe:/a:centos:centos:qt5-qtscript", "p-cpe:/a:centos:centos:qt5-qtscript-devel", "p-cpe:/a:centos:centos:qt5-qtscript-doc", "p-cpe:/a:centos:centos:qt5-qtscript-examples", "p-cpe:/a:centos:centos:qt5-qtsensors", "p-cpe:/a:centos:centos:qt5-qtsensors-devel", "p-cpe:/a:centos:centos:qt5-qtsensors-doc", "p-cpe:/a:centos:centos:qt5-qtsensors-examples", "p-cpe:/a:centos:centos:qt5-qtserialbus", "p-cpe:/a:centos:centos:qt5-qtserialbus-devel", "p-cpe:/a:centos:centos:qt5-qtserialbus-doc", "p-cpe:/a:centos:centos:qt5-qtserialbus-examples", "p-cpe:/a:centos:centos:qt5-qtserialport", "p-cpe:/a:centos:centos:qt5-qtserialport-devel", "p-cpe:/a:centos:centos:qt5-qtserialport-doc", "p-cpe:/a:centos:centos:qt5-qtserialport-examples", "p-cpe:/a:centos:centos:qt5-qtsvg", "p-cpe:/a:centos:centos:qt5-qtsvg-devel", "p-cpe:/a:centos:centos:qt5-qtsvg-doc", "p-cpe:/a:centos:centos:qt5-qtsvg-examples", "p-cpe:/a:centos:centos:qt5-qttools", "p-cpe:/a:centos:centos:qt5-qttools-common", "p-cpe:/a:centos:centos:qt5-qttools-devel", "p-cpe:/a:centos:centos:qt5-qttools-doc", "p-cpe:/a:centos:centos:qt5-qttools-examples", "p-cpe:/a:centos:centos:qt5-qttools-libs-designer", "p-cpe:/a:centos:centos:qt5-qttools-libs-designercomponents", "p-cpe:/a:centos:centos:qt5-qttools-libs-help", "p-cpe:/a:centos:centos:qt5-qttools-static", "p-cpe:/a:centos:centos:qt5-qttranslations", "p-cpe:/a:centos:centos:qt5-qtwayland", "p-cpe:/a:centos:centos:qt5-qtwayland-devel", "p-cpe:/a:centos:centos:qt5-qtwebsockets-devel", "p-cpe:/a:centos:centos:qt5-qtwayland-doc", "p-cpe:/a:centos:centos:qt5-qtwayland-examples", "p-cpe:/a:centos:centos:qt5-qtwebchannel", "p-cpe:/a:centos:centos:qt5-qtwebchannel-devel", "p-cpe:/a:centos:centos:qt5-qtwebsockets-doc", "p-cpe:/a:centos:centos:qt5-qtwebchannel-doc", "p-cpe:/a:centos:centos:qt5-qtwebsockets-examples", "p-cpe:/a:centos:centos:qt5-qtwebchannel-examples", "p-cpe:/a:centos:centos:qt5-qtwebsockets", "p-cpe:/a:centos:centos:qt5-qtx11extras", "p-cpe:/a:centos:centos:qt5-qtx11extras-devel", "p-cpe:/a:centos:centos:qt5-qtx11extras-doc", "p-cpe:/a:centos:centos:qt5-qtxmlpatterns", "p-cpe:/a:centos:centos:qt5-qtxmlpatterns-devel", "p-cpe:/a:centos:centos:qt5-qtxmlpatterns-doc", "p-cpe:/a:centos:centos:qt5-qtxmlpatterns-examples", "p-cpe:/a:centos:centos:qt5-rpm-macros", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2019-2135.NASL", "href": "https://www.tenable.com/plugins/nessus/128359", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2135 and \n# CentOS Errata and Security Advisory 2019:2135 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128359);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19869\", \"CVE-2018-19870\", \"CVE-2018-19871\", \"CVE-2018-19873\");\n script_xref(name:\"RHSA\", value:\"2019:2135\");\n\n script_name(english:\"CentOS 7 : qt5-qt3d / qt5-qtbase / qt5-qtcanvas3d / qt5-qtconnectivity / qt5-qtdeclarative / etc (CESA-2019:2135)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nQt is a software toolkit for developing applications. The qt5-base\npackages contain base tools for string, xml, and network handling in\nQt.\n\nThe following packages have been upgraded to a later upstream version:\nqt5-qt3d (5.9.7), qt5-qtbase (5.9.7), qt5-qtcanvas3d (5.9.7),\nqt5-qtconnectivity (5.9.7), qt5-qtdeclarative (5.9.7), qt5-qtdoc\n(5.9.7), qt5-qtgraphicaleffects (5.9.7), qt5-qtimageformats (5.9.7),\nqt5-qtlocation (5.9.7), qt5-qtmultimedia (5.9.7), qt5-qtquickcontrols\n(5.9.7), qt5-qtquickcontrols2 (5.9.7), qt5-qtscript (5.9.7),\nqt5-qtsensors (5.9.7), qt5-qtserialbus (5.9.7), qt5-qtserialport\n(5.9.7), qt5-qtsvg (5.9.7), qt5-qttools (5.9.7), qt5-qttranslations\n(5.9.7), qt5-qtwayland (5.9.7), qt5-qtwebchannel (5.9.7),\nqt5-qtwebsockets (5.9.7), qt5-qtx11extras (5.9.7), qt5-qtxmlpatterns\n(5.9.7). (BZ#1564000, BZ#1564001, BZ#1564002, BZ#1564003, BZ#1564004,\nBZ#1564006, BZ# 1564007, BZ#1564008, BZ#1564009, BZ#1564010,\nBZ#1564011, BZ#1564012, BZ# 1564013, BZ#1564014, BZ#1564015,\nBZ#1564016, BZ#1564017, BZ#1564018, BZ# 1564019, BZ#1564020,\nBZ#1564021, BZ#1564022, BZ#1564023, BZ#1564024)\n\nSecurity Fix(es) :\n\n* qt5-qtbase: Double free in QXmlStreamReader (CVE-2018-15518)\n\n* qt5-qtsvg: Invalid parsing of malformed url reference resulting in a\ndenial of service (CVE-2018-19869)\n\n* qt5-qtbase: QImage allocation failure in qgifhandler\n(CVE-2018-19870)\n\n* qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)\n\n* qt5-qtbase: QBmpHandler segmentation fault on malformed BMP file\n(CVE-2018-19873)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006082.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cf56f728\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006083.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5727a200\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006084.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aabd21d6\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006085.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9330f2cf\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006086.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bdf74c91\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006087.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7d6c971b\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006088.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f86c2d09\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006089.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?454a41b6\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006090.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1c1c5365\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006091.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c3782cd4\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006092.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5623576d\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006093.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7211c3a9\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006094.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?57f30089\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006095.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?26d7e0e8\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006096.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?105fea91\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006097.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f3ad8483\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006098.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ce89c712\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006099.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?edda3ff8\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006100.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7c905578\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006101.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5ddcd928\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006102.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fdbd8efb\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006108.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?06c1b723\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006109.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?37932487\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006110.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?762704d9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19873\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-doctools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-linguist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qdbusviewer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qt3d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qt3d-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qt3d-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qt3d-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtbase-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtcanvas3d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtcanvas3d-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtcanvas3d-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtconnectivity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtconnectivity-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtconnectivity-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtconnectivity-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtdeclarative\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtdeclarative-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtdeclarative-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtdeclarative-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtdeclarative-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtgraphicaleffects\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtgraphicaleffects-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtimageformats\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtimageformats-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtlocation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtlocation-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtlocation-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtlocation-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtmultimedia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtmultimedia-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtmultimedia-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtmultimedia-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtquickcontrols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtquickcontrols-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtquickcontrols-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtquickcontrols2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtquickcontrols2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtquickcontrols2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtquickcontrols2-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtscript-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtsensors\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtsensors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtsensors-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtsensors-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtserialbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtserialbus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtserialbus-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtserialbus-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtserialport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtserialport-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtserialport-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtserialport-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtsvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtsvg-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtsvg-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtsvg-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qttools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qttools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qttools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qttools-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qttools-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qttools-libs-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qttools-libs-designercomponents\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qttools-libs-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qttools-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qttranslations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwayland\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwayland-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwayland-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwayland-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwebchannel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwebchannel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwebchannel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwebchannel-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwebsockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwebsockets-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwebsockets-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtwebsockets-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtx11extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtx11extras-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtx11extras-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtxmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtxmlpatterns-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtxmlpatterns-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-qtxmlpatterns-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt5-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-assistant-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-designer-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-doctools-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-linguist-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qdbusviewer-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qt3d-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qt3d-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qt3d-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qt3d-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtbase-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtbase-common-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtbase-devel-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtbase-doc-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtbase-examples-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtbase-gui-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtbase-mysql-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtbase-odbc-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtbase-postgresql-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtbase-static-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtcanvas3d-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtcanvas3d-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtcanvas3d-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtconnectivity-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtconnectivity-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtconnectivity-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtconnectivity-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtdeclarative-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtdeclarative-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtdeclarative-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtdeclarative-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtdeclarative-static-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtdoc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtgraphicaleffects-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtgraphicaleffects-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtimageformats-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtimageformats-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtlocation-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtlocation-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtlocation-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtlocation-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtmultimedia-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtmultimedia-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtmultimedia-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtmultimedia-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols2-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols2-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols2-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols2-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtscript-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtscript-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtscript-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtscript-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtsensors-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtsensors-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtsensors-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtsensors-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtserialbus-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtserialbus-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtserialbus-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtserialbus-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtserialport-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtserialport-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtserialport-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtserialport-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtsvg-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtsvg-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtsvg-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtsvg-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qttools-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qttools-common-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qttools-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qttools-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qttools-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qttools-libs-designer-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qttools-libs-designercomponents-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qttools-libs-help-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qttools-static-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qttranslations-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtwayland-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtwayland-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtwayland-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtwayland-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtwebchannel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtwebchannel-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtwebchannel-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtwebchannel-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtwebsockets-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtwebsockets-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtwebsockets-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtwebsockets-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtx11extras-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtx11extras-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtx11extras-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtxmlpatterns-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtxmlpatterns-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtxmlpatterns-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-qtxmlpatterns-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt5-rpm-macros-5.9.7-2.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt5-assistant / qt5-designer / qt5-doctools / qt5-linguist / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:45:28", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt5-qtxmlpatterns packages installed that are affected by multiple vulnerabilities:\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-04-11T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : qt5-qtxmlpatterns Multiple Vulnerabilities (NS-SA-2023-0020)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19873"], "modified": "2023-04-11T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_core:qt5-qtxmlpatterns", "p-cpe:/a:zte:cgsl_core:qt5-qtxmlpatterns-debuginfo", "p-cpe:/a:zte:cgsl_core:qt5-qtxmlpatterns-devel", "p-cpe:/a:zte:cgsl_core:qt5-qtxmlpatterns-doc", "p-cpe:/a:zte:cgsl_core:qt5-qtxmlpatterns-examples", "p-cpe:/a:zte:cgsl_main:qt5-qtxmlpatterns", "p-cpe:/a:zte:cgsl_main:qt5-qtxmlpatterns-debuginfo", "p-cpe:/a:zte:cgsl_main:qt5-qtxmlpatterns-devel", "p-cpe:/a:zte:cgsl_main:qt5-qtxmlpatterns-doc", "p-cpe:/a:zte:cgsl_main:qt5-qtxmlpatterns-examples", "cpe:/o:zte:cgsl_core:5", "cpe:/o:zte:cgsl_main:5"], "id": "NEWSTART_CGSL_NS-SA-2023-0020_QT5-QTXMLPATTERNS.NASL", "href": "https://www.tenable.com/plugins/nessus/174096", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2023-0020. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(174096);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/11\");\n\n script_cve_id(\n \"CVE-2018-15518\",\n \"CVE-2018-19869\",\n \"CVE-2018-19870\",\n \"CVE-2018-19871\",\n \"CVE-2018-19873\"\n );\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : qt5-qtxmlpatterns Multiple Vulnerabilities (NS-SA-2023-0020)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt5-qtxmlpatterns packages installed that are\naffected by multiple vulnerabilities:\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted\n illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in\n qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in\n QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2023-0020\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-15518\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19869\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19870\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19871\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19873\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL qt5-qtxmlpatterns packages. Note that updated packages may not be available yet. Please\ncontact ZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19873\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/04/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:qt5-qtxmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:qt5-qtxmlpatterns-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:qt5-qtxmlpatterns-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:qt5-qtxmlpatterns-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:qt5-qtxmlpatterns-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:qt5-qtxmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:qt5-qtxmlpatterns-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:qt5-qtxmlpatterns-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:qt5-qtxmlpatterns-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:qt5-qtxmlpatterns-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_core:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:5\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar os_release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(os_release) || os_release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (os_release !~ \"CGSL CORE 5.05\" &&\n os_release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL CORE 5.05': [\n 'qt5-qtxmlpatterns-5.9.7-1.el7',\n 'qt5-qtxmlpatterns-debuginfo-5.9.7-1.el7',\n 'qt5-qtxmlpatterns-devel-5.9.7-1.el7',\n 'qt5-qtxmlpatterns-doc-5.9.7-1.el7',\n 'qt5-qtxmlpatterns-examples-5.9.7-1.el7'\n ],\n 'CGSL MAIN 5.05': [\n 'qt5-qtxmlpatterns-5.9.7-1.el7',\n 'qt5-qtxmlpatterns-debuginfo-5.9.7-1.el7',\n 'qt5-qtxmlpatterns-devel-5.9.7-1.el7',\n 'qt5-qtxmlpatterns-doc-5.9.7-1.el7',\n 'qt5-qtxmlpatterns-examples-5.9.7-1.el7'\n ]\n};\nvar pkg_list = pkgs[os_release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + os_release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qt5-qtxmlpatterns');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-10T16:45:47", "description": "The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2135 advisory.\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-09-07T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : qt5 (ELSA-2019-2135)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19873"], "modified": "2023-09-07T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:qt5-assistant", "p-cpe:/a:oracle:linux:qt5-designer", "p-cpe:/a:oracle:linux:qt5-doctools", "p-cpe:/a:oracle:linux:qt5-linguist", "p-cpe:/a:oracle:linux:qt5-qdbusviewer", "p-cpe:/a:oracle:linux:qt5-qt3d", "p-cpe:/a:oracle:linux:qt5-qt3d-devel", "p-cpe:/a:oracle:linux:qt5-qt3d-doc", "p-cpe:/a:oracle:linux:qt5-qt3d-examples", "p-cpe:/a:oracle:linux:qt5-qtbase", "p-cpe:/a:oracle:linux:qt5-qtbase-common", "p-cpe:/a:oracle:linux:qt5-qtbase-devel", "p-cpe:/a:oracle:linux:qt5-qtbase-doc", "p-cpe:/a:oracle:linux:qt5-qtbase-examples", "p-cpe:/a:oracle:linux:qt5-qtbase-gui", "p-cpe:/a:oracle:linux:qt5-qtbase-mysql", "p-cpe:/a:oracle:linux:qt5-qtbase-odbc", "p-cpe:/a:oracle:linux:qt5-qtbase-postgresql", "p-cpe:/a:oracle:linux:qt5-qtbase-static", "p-cpe:/a:oracle:linux:qt5-qtcanvas3d", "p-cpe:/a:oracle:linux:qt5-qtcanvas3d-doc", "p-cpe:/a:oracle:linux:qt5-qtcanvas3d-examples", "p-cpe:/a:oracle:linux:qt5-qtconnectivity", "p-cpe:/a:oracle:linux:qt5-qtconnectivity-devel", "p-cpe:/a:oracle:linux:qt5-qtconnectivity-doc", "p-cpe:/a:oracle:linux:qt5-qtconnectivity-examples", "p-cpe:/a:oracle:linux:qt5-qtdeclarative", "p-cpe:/a:oracle:linux:qt5-qtdeclarative-devel", "p-cpe:/a:oracle:linux:qt5-qtdeclarative-doc", "p-cpe:/a:oracle:linux:qt5-qtdeclarative-examples", "p-cpe:/a:oracle:linux:qt5-qtdeclarative-static", "p-cpe:/a:oracle:linux:qt5-qtdoc", "p-cpe:/a:oracle:linux:qt5-qtgraphicaleffects", "p-cpe:/a:oracle:linux:qt5-qtgraphicaleffects-doc", "p-cpe:/a:oracle:linux:qt5-qtimageformats", "p-cpe:/a:oracle:linux:qt5-qtimageformats-doc", "p-cpe:/a:oracle:linux:qt5-qtlocation", "p-cpe:/a:oracle:linux:qt5-qtlocation-devel", "p-cpe:/a:oracle:linux:qt5-qtlocation-doc", "p-cpe:/a:oracle:linux:qt5-qtlocation-examples", "p-cpe:/a:oracle:linux:qt5-qtmultimedia", "p-cpe:/a:oracle:linux:qt5-qtmultimedia-devel", "p-cpe:/a:oracle:linux:qt5-qtmultimedia-doc", "p-cpe:/a:oracle:linux:qt5-qtmultimedia-examples", "p-cpe:/a:oracle:linux:qt5-qtquickcontrols", "p-cpe:/a:oracle:linux:qt5-qtquickcontrols-doc", "p-cpe:/a:oracle:linux:qt5-qtquickcontrols-examples", "p-cpe:/a:oracle:linux:qt5-qtquickcontrols2", "p-cpe:/a:oracle:linux:qt5-qtquickcontrols2-devel", "p-cpe:/a:oracle:linux:qt5-qtquickcontrols2-doc", "p-cpe:/a:oracle:linux:qt5-qtquickcontrols2-examples", "p-cpe:/a:oracle:linux:qt5-qtscript", "p-cpe:/a:oracle:linux:qt5-qtscript-devel", "p-cpe:/a:oracle:linux:qt5-qtscript-doc", "p-cpe:/a:oracle:linux:qt5-qtscript-examples", "p-cpe:/a:oracle:linux:qt5-qtsensors", "p-cpe:/a:oracle:linux:qt5-qtsensors-devel", "p-cpe:/a:oracle:linux:qt5-qtsensors-doc", "p-cpe:/a:oracle:linux:qt5-qtsensors-examples", "p-cpe:/a:oracle:linux:qt5-qtserialbus", "p-cpe:/a:oracle:linux:qt5-qtserialbus-devel", "p-cpe:/a:oracle:linux:qt5-qtserialbus-doc", "p-cpe:/a:oracle:linux:qt5-qtserialbus-examples", "p-cpe:/a:oracle:linux:qt5-qtserialport", "p-cpe:/a:oracle:linux:qt5-qtserialport-devel", "p-cpe:/a:oracle:linux:qt5-qtserialport-doc", "p-cpe:/a:oracle:linux:qt5-qtserialport-examples", "p-cpe:/a:oracle:linux:qt5-qtsvg", "p-cpe:/a:oracle:linux:qt5-qtsvg-devel", "p-cpe:/a:oracle:linux:qt5-qtsvg-doc", "p-cpe:/a:oracle:linux:qt5-qtsvg-examples", "p-cpe:/a:oracle:linux:qt5-qttools", "p-cpe:/a:oracle:linux:qt5-qttools-common", "p-cpe:/a:oracle:linux:qt5-qttools-devel", "p-cpe:/a:oracle:linux:qt5-qttools-doc", "p-cpe:/a:oracle:linux:qt5-qttools-examples", "p-cpe:/a:oracle:linux:qt5-qttools-libs-designer", "p-cpe:/a:oracle:linux:qt5-qttools-libs-designercomponents", "p-cpe:/a:oracle:linux:qt5-qttools-libs-help", "p-cpe:/a:oracle:linux:qt5-qttools-static", "p-cpe:/a:oracle:linux:qt5-qttranslations", "p-cpe:/a:oracle:linux:qt5-qtwayland", "p-cpe:/a:oracle:linux:qt5-qtwayland-devel", "p-cpe:/a:oracle:linux:qt5-qtwayland-doc", "p-cpe:/a:oracle:linux:qt5-qtwayland-examples", "p-cpe:/a:oracle:linux:qt5-qtwebchannel", "p-cpe:/a:oracle:linux:qt5-qtwebchannel-devel", "p-cpe:/a:oracle:linux:qt5-qtwebchannel-doc", "p-cpe:/a:oracle:linux:qt5-qtwebchannel-examples", "p-cpe:/a:oracle:linux:qt5-qtwebsockets", "p-cpe:/a:oracle:linux:qt5-qtwebsockets-devel", "p-cpe:/a:oracle:linux:qt5-qtwebsockets-doc", "p-cpe:/a:oracle:linux:qt5-qtwebsockets-examples", "p-cpe:/a:oracle:linux:qt5-qtx11extras", "p-cpe:/a:oracle:linux:qt5-qtx11extras-devel", "p-cpe:/a:oracle:linux:qt5-qtx11extras-doc", "p-cpe:/a:oracle:linux:qt5-qtxmlpatterns", "p-cpe:/a:oracle:linux:qt5-qtxmlpatterns-devel", "p-cpe:/a:oracle:linux:qt5-qtxmlpatterns-doc", "p-cpe:/a:oracle:linux:qt5-qtxmlpatterns-examples", "p-cpe:/a:oracle:linux:qt5-rpm-macros"], "id": "ORACLELINUX_ELSA-2019-2135.NASL", "href": "https://www.tenable.com/plugins/nessus/180876", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-2135.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(180876);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/07\");\n\n script_cve_id(\n \"CVE-2018-15518\",\n \"CVE-2018-19869\",\n \"CVE-2018-19870\",\n \"CVE-2018-19871\",\n \"CVE-2018-19873\"\n );\n\n script_name(english:\"Oracle Linux 7 : qt5 (ELSA-2019-2135)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2019-2135 advisory.\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted\n illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in\n qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in\n QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-2135.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19873\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/09/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-doctools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-linguist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qdbusviewer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qt3d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qt3d-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qt3d-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qt3d-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtbase-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtcanvas3d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtcanvas3d-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtcanvas3d-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtconnectivity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtconnectivity-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtconnectivity-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtconnectivity-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtdeclarative\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtdeclarative-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtdeclarative-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtdeclarative-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtdeclarative-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtgraphicaleffects\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtgraphicaleffects-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtimageformats\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtimageformats-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtlocation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtlocation-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtlocation-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtlocation-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtmultimedia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtmultimedia-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtmultimedia-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtmultimedia-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtquickcontrols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtquickcontrols-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtquickcontrols-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtquickcontrols2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtquickcontrols2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtquickcontrols2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtquickcontrols2-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtscript-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtsensors\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtsensors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtsensors-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtsensors-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtserialbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtserialbus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtserialbus-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtserialbus-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtserialport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtserialport-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtserialport-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtserialport-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtsvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtsvg-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtsvg-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtsvg-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttools-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttools-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttools-libs-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttools-libs-designercomponents\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttools-libs-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttools-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qttranslations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwayland\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwayland-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwayland-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwayland-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwebchannel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwebchannel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwebchannel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwebchannel-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwebsockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwebsockets-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwebsockets-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtwebsockets-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtx11extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtx11extras-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtx11extras-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtxmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtxmlpatterns-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtxmlpatterns-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-qtxmlpatterns-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt5-rpm-macros\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'qt5-qt3d-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-common-5.9.7-2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdoc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtgraphicaleffects-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtimageformats-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-common-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttranslations-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-doc-5.9.7-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-rpm-macros-5.9.7-2.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-assistant-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-designer-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-doctools-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-linguist-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qdbusviewer-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-5.9.7-2.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-devel-5.9.7-2.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-doc-5.9.7-2.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-examples-5.9.7-2.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-gui-5.9.7-2.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-mysql-5.9.7-2.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-odbc-5.9.7-2.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-postgresql-5.9.7-2.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-static-5.9.7-2.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-doc-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-static-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtgraphicaleffects-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtimageformats-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-doc-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designer-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designercomponents-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-help-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-static-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-devel-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-examples-5.9.7-1.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-designer-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-5.9.7-2.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-devel-5.9.7-2.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-gui-5.9.7-2.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-mysql-5.9.7-2.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-odbc-5.9.7-2.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-postgresql-5.9.7-2.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-static-5.9.7-2.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-static-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtgraphicaleffects-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtimageformats-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-examples-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-examples-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designer-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designercomponents-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-help-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-static-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-devel-5.9.7-1.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-assistant-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-designer-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-doctools-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-linguist-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qdbusviewer-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qt3d-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-5.9.7-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-devel-5.9.7-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-doc-5.9.7-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-examples-5.9.7-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-gui-5.9.7-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-mysql-5.9.7-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-odbc-5.9.7-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-postgresql-5.9.7-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtbase-static-5.9.7-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtcanvas3d-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtconnectivity-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-doc-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtdeclarative-static-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtgraphicaleffects-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtimageformats-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtlocation-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtmultimedia-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-doc-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtquickcontrols2-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtscript-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsensors-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialbus-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtserialport-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtsvg-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designer-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-designercomponents-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-libs-help-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qttools-static-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwayland-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebchannel-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtwebsockets-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtx11extras-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-devel-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'qt5-qtxmlpatterns-examples-5.9.7-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qt5-assistant / qt5-designer / qt5-doctools / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:46:50", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt5-qtserialport packages installed that are affected by multiple vulnerabilities:\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-04-11T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : qt5-qtserialport Multiple Vulnerabilities (NS-SA-2023-0011)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19873"], "modified": "2023-04-11T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_core:qt5-qtserialport", "p-cpe:/a:zte:cgsl_core:qt5-qtserialport-debuginfo", "p-cpe:/a:zte:cgsl_core:qt5-qtserialport-devel", "p-cpe:/a:zte:cgsl_core:qt5-qtserialport-doc", "p-cpe:/a:zte:cgsl_core:qt5-qtserialport-examples", "p-cpe:/a:zte:cgsl_main:qt5-qtserialport", "p-cpe:/a:zte:cgsl_main:qt5-qtserialport-debuginfo", "p-cpe:/a:zte:cgsl_main:qt5-qtserialport-devel", "p-cpe:/a:zte:cgsl_main:qt5-qtserialport-doc", "p-cpe:/a:zte:cgsl_main:qt5-qtserialport-examples", "cpe:/o:zte:cgsl_core:5", "cpe:/o:zte:cgsl_main:5"], "id": "NEWSTART_CGSL_NS-SA-2023-0011_QT5-QTSERIALPORT.NASL", "href": "https://www.tenable.com/plugins/nessus/174084", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2023-0011. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(174084);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/11\");\n\n script_cve_id(\n \"CVE-2018-15518\",\n \"CVE-2018-19869\",\n \"CVE-2018-19870\",\n \"CVE-2018-19871\",\n \"CVE-2018-19873\"\n );\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : qt5-qtserialport Multiple Vulnerabilities (NS-SA-2023-0011)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt5-qtserialport packages installed that are\naffected by multiple vulnerabilities:\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted\n illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in\n qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in\n QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2023-0011\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-15518\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19869\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19870\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19871\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19873\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL qt5-qtserialport packages. Note that updated packages may not be available yet. Please\ncontact ZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19873\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/04/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:qt5-qtserialport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:qt5-qtserialport-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:qt5-qtserialport-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:qt5-qtserialport-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:qt5-qtserialport-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:qt5-qtserialport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:qt5-qtserialport-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:qt5-qtserialport-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:qt5-qtserialport-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:qt5-qtserialport-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_core:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:5\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar os_release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(os_release) || os_release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (os_release !~ \"CGSL CORE 5.05\" &&\n os_release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL CORE 5.05': [\n 'qt5-qtserialport-5.9.7-1.el7',\n 'qt5-qtserialport-debuginfo-5.9.7-1.el7',\n 'qt5-qtserialport-devel-5.9.7-1.el7',\n 'qt5-qtserialport-doc-5.9.7-1.el7',\n 'qt5-qtserialport-examples-5.9.7-1.el7'\n ],\n 'CGSL MAIN 5.05': [\n 'qt5-qtserialport-5.9.7-1.el7',\n 'qt5-qtserialport-debuginfo-5.9.7-1.el7',\n 'qt5-qtserialport-devel-5.9.7-1.el7',\n 'qt5-qtserialport-doc-5.9.7-1.el7',\n 'qt5-qtserialport-examples-5.9.7-1.el7'\n ]\n};\nvar pkg_list = pkgs[os_release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + os_release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qt5-qtserialport');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:13", "description": "The following packages have been upgraded to a later upstream version:\nqt5-qt3d (5.9.7), qt5-qtbase (5.9.7), qt5-qtcanvas3d (5.9.7), qt5-qtconnectivity (5.9.7), qt5-qtdeclarative (5.9.7), qt5-qtdoc (5.9.7), qt5-qtgraphicaleffects (5.9.7), qt5-qtimageformats (5.9.7), qt5-qtlocation (5.9.7), qt5-qtmultimedia (5.9.7), qt5-qtquickcontrols (5.9.7), qt5-qtquickcontrols2 (5.9.7), qt5-qtscript (5.9.7), qt5-qtsensors (5.9.7), qt5-qtserialbus (5.9.7), qt5-qtserialport (5.9.7), qt5-qtsvg (5.9.7), qt5-qttools (5.9.7), qt5-qttranslations (5.9.7), qt5-qtwayland (5.9.7), qt5-qtwebchannel (5.9.7), qt5-qtwebsockets (5.9.7), qt5-qtx11extras (5.9.7), qt5-qtxmlpatterns (5.9.7).\n\nSecurity Fix(es) :\n\n - qt5-qtbase: Double free in QXmlStreamReader (CVE-2018-15518)\n\n - qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869)\n\n - qt5-qtbase: QImage allocation failure in qgifhandler (CVE-2018-19870)\n\n - qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)\n\n - qt5-qtbase: QBmpHandler segmentation fault on malformed BMP file (CVE-2018-19873)", "cvss3": {}, "published": "2019-08-27T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : qt5 on SL7.x x86_64 (20190806)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19873"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:qt5-assistant", "p-cpe:/a:fermilab:scientific_linux:qt5-designer", "p-cpe:/a:fermilab:scientific_linux:qt5-doctools", "p-cpe:/a:fermilab:scientific_linux:qt5-linguist", "p-cpe:/a:fermilab:scientific_linux:qt5-qdbusviewer", "p-cpe:/a:fermilab:scientific_linux:qt5-qt3d", "p-cpe:/a:fermilab:scientific_linux:qt5-qt3d-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qt3d-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qt3d-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qt3d-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qtbase", "p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-common", "p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-gui", "p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-mysql", "p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-odbc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-postgresql", "p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-static", "p-cpe:/a:fermilab:scientific_linux:qt5-qtcanvas3d", "p-cpe:/a:fermilab:scientific_linux:qt5-qtcanvas3d-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtcanvas3d-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtcanvas3d-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qtconnectivity", "p-cpe:/a:fermilab:scientific_linux:qt5-qtconnectivity-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtconnectivity-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtconnectivity-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtconnectivity-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qtdeclarative", "p-cpe:/a:fermilab:scientific_linux:qt5-qtdeclarative-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtdeclarative-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtdeclarative-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtdeclarative-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qtdeclarative-static", "p-cpe:/a:fermilab:scientific_linux:qt5-qtdoc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtgraphicaleffects", "p-cpe:/a:fermilab:scientific_linux:qt5-qtgraphicaleffects-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtgraphicaleffects-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtimageformats", "p-cpe:/a:fermilab:scientific_linux:qt5-qtimageformats-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtimageformats-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtlocation", "p-cpe:/a:fermilab:scientific_linux:qt5-qtlocation-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtlocation-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtlocation-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtlocation-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qtmultimedia", "p-cpe:/a:fermilab:scientific_linux:qt5-qtmultimedia-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtmultimedia-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtmultimedia-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtmultimedia-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols", "p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols2", "p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols2-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols2-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols2-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols2-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qtscript", "p-cpe:/a:fermilab:scientific_linux:qt5-qtscript-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtscript-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtscript-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtscript-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qtsensors", "p-cpe:/a:fermilab:scientific_linux:qt5-qtsensors-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtsensors-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtsensors-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtsensors-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qtserialbus", "p-cpe:/a:fermilab:scientific_linux:qt5-qtserialbus-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtserialbus-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtserialbus-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtserialbus-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qtserialport", "p-cpe:/a:fermilab:scientific_linux:qt5-qtserialport-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtserialport-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtserialport-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtserialport-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qtsvg", "p-cpe:/a:fermilab:scientific_linux:qt5-qtsvg-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtsvg-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtsvg-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtsvg-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qttools", "p-cpe:/a:fermilab:scientific_linux:qt5-qttools-common", "p-cpe:/a:fermilab:scientific_linux:qt5-qttools-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qttools-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qttools-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qttools-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qttools-libs-designer", "p-cpe:/a:fermilab:scientific_linux:qt5-qttools-libs-designercomponents", "p-cpe:/a:fermilab:scientific_linux:qt5-qttools-libs-help", "p-cpe:/a:fermilab:scientific_linux:qt5-qttools-static", "p-cpe:/a:fermilab:scientific_linux:qt5-qttranslations", "p-cpe:/a:fermilab:scientific_linux:qt5-qtwayland", "p-cpe:/a:fermilab:scientific_linux:qt5-qtwayland-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtwayland-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtwayland-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtwayland-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qtwebchannel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtwebchannel-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtwebchannel-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtwebchannel-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtwebchannel-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qtwebsockets", "p-cpe:/a:fermilab:scientific_linux:qt5-qtwebsockets-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtwebsockets-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtwebsockets-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtwebsockets-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-qtx11extras", "p-cpe:/a:fermilab:scientific_linux:qt5-qtx11extras-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtx11extras-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtx11extras-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtxmlpatterns", "p-cpe:/a:fermilab:scientific_linux:qt5-qtxmlpatterns-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt5-qtxmlpatterns-devel", "p-cpe:/a:fermilab:scientific_linux:qt5-qtxmlpatterns-doc", "p-cpe:/a:fermilab:scientific_linux:qt5-qtxmlpatterns-examples", "p-cpe:/a:fermilab:scientific_linux:qt5-rpm-macros", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20190806_QT5_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/128258", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128258);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19869\", \"CVE-2018-19870\", \"CVE-2018-19871\", \"CVE-2018-19873\");\n\n script_name(english:\"Scientific Linux Security Update : qt5 on SL7.x x86_64 (20190806)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following packages have been upgraded to a later upstream version:\nqt5-qt3d (5.9.7), qt5-qtbase (5.9.7), qt5-qtcanvas3d (5.9.7),\nqt5-qtconnectivity (5.9.7), qt5-qtdeclarative (5.9.7), qt5-qtdoc\n(5.9.7), qt5-qtgraphicaleffects (5.9.7), qt5-qtimageformats (5.9.7),\nqt5-qtlocation (5.9.7), qt5-qtmultimedia (5.9.7), qt5-qtquickcontrols\n(5.9.7), qt5-qtquickcontrols2 (5.9.7), qt5-qtscript (5.9.7),\nqt5-qtsensors (5.9.7), qt5-qtserialbus (5.9.7), qt5-qtserialport\n(5.9.7), qt5-qtsvg (5.9.7), qt5-qttools (5.9.7), qt5-qttranslations\n(5.9.7), qt5-qtwayland (5.9.7), qt5-qtwebchannel (5.9.7),\nqt5-qtwebsockets (5.9.7), qt5-qtx11extras (5.9.7), qt5-qtxmlpatterns\n(5.9.7).\n\nSecurity Fix(es) :\n\n - qt5-qtbase: Double free in QXmlStreamReader\n (CVE-2018-15518)\n\n - qt5-qtsvg: Invalid parsing of malformed url reference\n resulting in a denial of service (CVE-2018-19869)\n\n - qt5-qtbase: QImage allocation failure in qgifhandler\n (CVE-2018-19870)\n\n - qt5-qtimageformats: QTgaFile CPU exhaustion\n (CVE-2018-19871)\n\n - qt5-qtbase: QBmpHandler segmentation fault on malformed\n BMP file (CVE-2018-19873)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1908&L=SCIENTIFIC-LINUX-ERRATA&P=19876\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b1d81f52\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-doctools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-linguist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qdbusviewer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qt3d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qt3d-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qt3d-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qt3d-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qt3d-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtbase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtbase-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtcanvas3d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtcanvas3d-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtcanvas3d-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtcanvas3d-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtconnectivity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtconnectivity-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtconnectivity-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtconnectivity-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtconnectivity-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtdeclarative\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtdeclarative-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtdeclarative-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtdeclarative-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtdeclarative-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtdeclarative-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtgraphicaleffects\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtgraphicaleffects-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtgraphicaleffects-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtimageformats\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtimageformats-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtimageformats-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtlocation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtlocation-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtlocation-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtlocation-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtlocation-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtmultimedia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtmultimedia-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtmultimedia-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtmultimedia-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtmultimedia-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtquickcontrols2-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtscript\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtscript-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtscript-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtscript-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtscript-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtsensors\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtsensors-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtsensors-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtsensors-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtsensors-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtserialbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtserialbus-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtserialbus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtserialbus-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtserialbus-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtserialport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtserialport-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtserialport-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtserialport-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtserialport-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtsvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtsvg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtsvg-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtsvg-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtsvg-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qttools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qttools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qttools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qttools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qttools-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qttools-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qttools-libs-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qttools-libs-designercomponents\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qttools-libs-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qttools-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qttranslations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtwayland\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtwayland-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtwayland-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtwayland-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtwayland-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtwebchannel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtwebchannel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtwebchannel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtwebchannel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtwebchannel-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtwebsockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtwebsockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtwebsockets-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtwebsockets-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtwebsockets-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtx11extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtx11extras-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtx11extras-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtx11extras-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtxmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtxmlpatterns-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtxmlpatterns-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtxmlpatterns-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-qtxmlpatterns-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt5-rpm-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-assistant-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-designer-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-doctools-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-linguist-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qdbusviewer-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qt3d-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qt3d-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qt3d-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qt3d-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qt3d-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qt3d-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtbase-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtbase-common-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtbase-common-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtbase-debuginfo-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtbase-devel-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtbase-doc-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtbase-examples-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtbase-gui-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtbase-mysql-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtbase-odbc-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtbase-postgresql-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtbase-static-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtcanvas3d-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtcanvas3d-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtcanvas3d-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtcanvas3d-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtcanvas3d-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtconnectivity-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtconnectivity-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtconnectivity-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtconnectivity-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtconnectivity-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtconnectivity-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtdeclarative-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtdeclarative-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtdeclarative-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtdeclarative-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtdeclarative-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtdeclarative-static-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtdoc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtdoc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtgraphicaleffects-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtgraphicaleffects-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtgraphicaleffects-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtgraphicaleffects-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtimageformats-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtimageformats-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtimageformats-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtimageformats-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtlocation-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtlocation-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtlocation-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtlocation-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtlocation-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtlocation-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtmultimedia-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtmultimedia-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtmultimedia-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtmultimedia-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtmultimedia-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtmultimedia-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtquickcontrols-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols2-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols2-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols2-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols2-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtquickcontrols2-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtscript-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtscript-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtscript-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtscript-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtscript-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtscript-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtsensors-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtsensors-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtsensors-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtsensors-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtsensors-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtsensors-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtserialbus-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtserialbus-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtserialbus-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtserialbus-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtserialbus-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtserialbus-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtserialport-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtserialport-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtserialport-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtserialport-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtserialport-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtserialport-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtsvg-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtsvg-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtsvg-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtsvg-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtsvg-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtsvg-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qttools-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qttools-common-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qttools-common-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qttools-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qttools-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qttools-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qttools-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qttools-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qttools-libs-designer-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qttools-libs-designercomponents-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qttools-libs-help-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qttools-static-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qttranslations-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qttranslations-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtwayland-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtwayland-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtwayland-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtwayland-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtwayland-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtwayland-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtwebchannel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtwebchannel-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtwebchannel-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtwebchannel-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtwebchannel-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtwebchannel-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtwebsockets-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtwebsockets-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtwebsockets-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtwebsockets-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtwebsockets-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtwebsockets-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtx11extras-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtx11extras-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtx11extras-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtx11extras-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtx11extras-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtxmlpatterns-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtxmlpatterns-debuginfo-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtxmlpatterns-devel-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-qtxmlpatterns-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtxmlpatterns-doc-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-qtxmlpatterns-examples-5.9.7-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt5-rpm-macros-5.9.7-2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt5-rpm-macros-5.9.7-2.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt5-assistant / qt5-designer / qt5-doctools / qt5-linguist / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-08-19T12:22:51", "description": "Multiple issues have been addressed in Qt4.\n\nCVE-2018-15518\n\nA double-free or corruption during parsing of a specially crafted illegal XML document.\n\nCVE-2018-19869\n\nA malformed SVG image could cause a segmentation fault in qsvghandler.cpp.\n\nCVE-2018-19870\n\nA malformed GIF image might have caused a NULL pointer dereference in QGifHandler resulting in a segmentation fault.\n\nCVE-2018-19871\n\nThere was an uncontrolled resource consumption in QTgaFile.\n\nCVE-2018-19873\n\nQBmpHandler had a buffer overflow via BMP data.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2.\n\nWe recommend that you upgrade your qt4-x11 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-14T00:00:00", "type": "nessus", "title": "Debian DLA-1786-1 : qt4-x11 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19873"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libqt4-assistant", "p-cpe:/a:debian:debian_linux:libqt4-core", "p-cpe:/a:debian:debian_linux:libqt4-dbg", "p-cpe:/a:debian:debian_linux:libqt4-dbus", "p-cpe:/a:debian:debian_linux:libqt4-declarative", "p-cpe:/a:debian:debian_linux:libqt4-declarative-folderlistmodel", "p-cpe:/a:debian:debian_linux:libqt4-declarative-gestures", "p-cpe:/a:debian:debian_linux:libqt4-declarative-particles", "p-cpe:/a:debian:debian_linux:libqt4-declarative-shaders", "p-cpe:/a:debian:debian_linux:libqt4-designer", "p-cpe:/a:debian:debian_linux:libqt4-designer-dbg", "p-cpe:/a:debian:debian_linux:libqt4-dev", "p-cpe:/a:debian:debian_linux:libqt4-dev-bin", "p-cpe:/a:debian:debian_linux:libqt4-gui", "p-cpe:/a:debian:debian_linux:libqt4-help", "p-cpe:/a:debian:debian_linux:libqt4-network", "p-cpe:/a:debian:debian_linux:libqt4-opengl", "p-cpe:/a:debian:debian_linux:libqt4-opengl-dev", "p-cpe:/a:debian:debian_linux:libqt4-phonon", "p-cpe:/a:debian:debian_linux:libqt4-private-dev", "p-cpe:/a:debian:debian_linux:libqt4-qt3support", "p-cpe:/a:debian:debian_linux:libqt4-qt3support-dbg", "p-cpe:/a:debian:debian_linux:libqt4-script", "p-cpe:/a:debian:debian_linux:libqt4-script-dbg", "p-cpe:/a:debian:debian_linux:libqt4-scripttools", "p-cpe:/a:debian:debian_linux:libqt4-sql", "p-cpe:/a:debian:debian_linux:libqt4-sql-ibase", "p-cpe:/a:debian:debian_linux:libqt4-sql-mysql", "p-cpe:/a:debian:debian_linux:libqt4-sql-odbc", "p-cpe:/a:debian:debian_linux:libqt4-sql-psql", "p-cpe:/a:debian:debian_linux:libqt4-sql-sqlite", "p-cpe:/a:debian:debian_linux:libqt4-sql-sqlite2", "p-cpe:/a:debian:debian_linux:libqt4-sql-tds", "p-cpe:/a:debian:debian_linux:libqt4-svg", "p-cpe:/a:debian:debian_linux:libqt4-test", "p-cpe:/a:debian:debian_linux:libqt4-webkit", "p-cpe:/a:debian:debian_linux:libqt4-webkit-dbg", "p-cpe:/a:debian:debian_linux:libqt4-xml", "p-cpe:/a:debian:debian_linux:libqt4-xmlpatterns", "p-cpe:/a:debian:debian_linux:libqt4-xmlpatterns-dbg", "p-cpe:/a:debian:debian_linux:libqtcore4", "p-cpe:/a:debian:debian_linux:libqtdbus4", "p-cpe:/a:debian:debian_linux:libqtgui4", "p-cpe:/a:debian:debian_linux:qdbus", "p-cpe:/a:debian:debian_linux:qt4-bin-dbg", "p-cpe:/a:debian:debian_linux:qt4-default", "p-cpe:/a:debian:debian_linux:qt4-demos", "p-cpe:/a:debian:debian_linux:qt4-demos-dbg", "p-cpe:/a:debian:debian_linux:qt4-designer", "p-cpe:/a:debian:debian_linux:qt4-dev-tools", "p-cpe:/a:debian:debian_linux:qt4-doc", "p-cpe:/a:debian:debian_linux:qt4-doc-html", "p-cpe:/a:debian:debian_linux:qt4-linguist-tools", "p-cpe:/a:debian:debian_linux:qt4-qmake", "p-cpe:/a:debian:debian_linux:qt4-qmlviewer", "p-cpe:/a:debian:debian_linux:qt4-qtconfig", "p-cpe:/a:debian:debian_linux:qtcore4-l10n", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1786.NASL", "href": "https://www.tenable.com/plugins/nessus/124875", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1786-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124875);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19869\", \"CVE-2018-19870\", \"CVE-2018-19871\", \"CVE-2018-19873\");\n\n script_name(english:\"Debian DLA-1786-1 : qt4-x11 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple issues have been addressed in Qt4.\n\nCVE-2018-15518\n\nA double-free or corruption during parsing of a specially crafted\nillegal XML document.\n\nCVE-2018-19869\n\nA malformed SVG image could cause a segmentation fault in\nqsvghandler.cpp.\n\nCVE-2018-19870\n\nA malformed GIF image might have caused a NULL pointer dereference in\nQGifHandler resulting in a segmentation fault.\n\nCVE-2018-19871\n\nThere was an uncontrolled resource consumption in QTgaFile.\n\nCVE-2018-19873\n\nQBmpHandler had a buffer overflow via BMP data.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2.\n\nWe recommend that you upgrade your qt4-x11 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/05/msg00014.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/qt4-x11\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-declarative\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-declarative-folderlistmodel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-declarative-gestures\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-declarative-particles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-declarative-shaders\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-designer-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-dev-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-opengl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-opengl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-phonon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-private-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-qt3support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-qt3support-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-script-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-scripttools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-sql-ibase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-sql-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-sql-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-sql-psql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-sql-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-sql-sqlite2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-sql-tds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-svg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-webkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-webkit-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-xmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-xmlpatterns-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqtcore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqtdbus4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqtgui4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qdbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-bin-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-demos-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-dev-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-linguist-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-qmake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-qmlviewer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-qtconfig\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qtcore4-l10n\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-assistant\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-core\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-dbg\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-dbus\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-declarative\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-declarative-folderlistmodel\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-declarative-gestures\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-declarative-particles\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-declarative-shaders\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-designer\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-designer-dbg\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-dev\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-dev-bin\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-gui\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-help\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-network\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-opengl\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-opengl-dev\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-phonon\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-private-dev\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-qt3support\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-qt3support-dbg\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-script\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-script-dbg\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-scripttools\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-sql\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-sql-ibase\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-sql-mysql\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-sql-odbc\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-sql-psql\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-sql-sqlite\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-sql-sqlite2\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-sql-tds\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-svg\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-test\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-webkit\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-webkit-dbg\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-xml\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-xmlpatterns\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqt4-xmlpatterns-dbg\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqtcore4\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqtdbus4\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libqtgui4\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"qdbus\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"qt4-bin-dbg\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"qt4-default\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"qt4-demos\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"qt4-demos-dbg\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"qt4-designer\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"qt4-dev-tools\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"qt4-doc\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"qt4-doc-html\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"qt4-linguist-tools\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"qt4-qmake\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"qt4-qmlviewer\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"qt4-qtconfig\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"qtcore4-l10n\", reference:\"4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-17T16:46:50", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt5-qtx11extras packages installed that are affected by multiple vulnerabilities:\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-04-11T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : qt5-qtx11extras Multiple Vulnerabilities (NS-SA-2023-0023)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19873"], "modified": "2023-04-11T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_core:qt5-qtx11extras", "p-cpe:/a:zte:cgsl_core:qt5-qtx11extras-debuginfo", "p-cpe:/a:zte:cgsl_core:qt5-qtx11extras-devel", "p-cpe:/a:zte:cgsl_core:qt5-qtx11extras-doc", "p-cpe:/a:zte:cgsl_main:qt5-qtx11extras", "p-cpe:/a:zte:cgsl_main:qt5-qtx11extras-debuginfo", "p-cpe:/a:zte:cgsl_main:qt5-qtx11extras-devel", "p-cpe:/a:zte:cgsl_main:qt5-qtx11extras-doc", "cpe:/o:zte:cgsl_core:5", "cpe:/o:zte:cgsl_main:5"], "id": "NEWSTART_CGSL_NS-SA-2023-0023_QT5-QTX11EXTRAS.NASL", "href": "https://www.tenable.com/plugins/nessus/174094", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2023-0023. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(174094);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/11\");\n\n script_cve_id(\n \"CVE-2018-15518\",\n \"CVE-2018-19869\",\n \"CVE-2018-19870\",\n \"CVE-2018-19871\",\n \"CVE-2018-19873\"\n );\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : qt5-qtx11extras Multiple Vulnerabilities (NS-SA-2023-0023)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt5-qtx11extras packages installed that are\naffected by multiple vulnerabilities:\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted\n illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in\n qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in\n QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2023-0023\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-15518\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19869\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19870\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19871\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-19873\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL qt5-qtx11extras packages. Note that updated packages may not be available yet. Please\ncontact ZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19873\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/04/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:qt5-qtx11extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:qt5-qtx11extras-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:qt5-qtx11extras-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:qt5-qtx11extras-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:qt5-qtx11extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:qt5-qtx11extras-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:qt5-qtx11extras-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:qt5-qtx11extras-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_core:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:5\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar os_release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(os_release) || os_release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (os_release !~ \"CGSL CORE 5.05\" &&\n os_release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL CORE 5.05': [\n 'qt5-qtx11extras-5.9.7-1.el7',\n 'qt5-qtx11extras-debuginfo-5.9.7-1.el7',\n 'qt5-qtx11extras-devel-5.9.7-1.el7',\n 'qt5-qtx11extras-doc-5.9.7-1.el7'\n ],\n 'CGSL MAIN 5.05': [\n 'qt5-qtx11extras-5.9.7-1.el7',\n 'qt5-qtx11extras-debuginfo-5.9.7-1.el7',\n 'qt5-qtx11extras-devel-5.9.7-1.el7',\n 'qt5-qtx11extras-doc-5.9.7-1.el7'\n ]\n};\nvar pkg_list = pkgs[os_release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + os_release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qt5-qtx11extras');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:32", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt packages installed that are affected by multiple vulnerabilities:\n\n - An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp. (CVE-2018-19872)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. (CVE-2018-19869)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : qt Multiple Vulnerabilities (NS-SA-2020-0092)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19872", "CVE-2018-19873"], "modified": "2020-12-10T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0092_QT.NASL", "href": "https://www.tenable.com/plugins/nessus/143935", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0092. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143935);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/10\");\n\n script_cve_id(\n \"CVE-2018-15518\",\n \"CVE-2018-19869\",\n \"CVE-2018-19870\",\n \"CVE-2018-19871\",\n \"CVE-2018-19872\",\n \"CVE-2018-19873\"\n );\n script_bugtraq_id(106286, 106327, 106338);\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : qt Multiple Vulnerabilities (NS-SA-2020-0092)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt packages installed that are affected by\nmultiple vulnerabilities:\n\n - An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in\n qppmhandler.cpp. (CVE-2018-19872)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in\n QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted\n illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in\n qsvghandler.cpp. (CVE-2018-19869)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0092\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL qt packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19873\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.05': [\n 'qt-4.8.7-8.el7',\n 'qt-assistant-4.8.7-8.el7',\n 'qt-config-4.8.7-8.el7',\n 'qt-debuginfo-4.8.7-8.el7',\n 'qt-demos-4.8.7-8.el7',\n 'qt-devel-4.8.7-8.el7',\n 'qt-devel-private-4.8.7-8.el7',\n 'qt-doc-4.8.7-8.el7',\n 'qt-examples-4.8.7-8.el7',\n 'qt-mysql-4.8.7-8.el7',\n 'qt-odbc-4.8.7-8.el7',\n 'qt-postgresql-4.8.7-8.el7',\n 'qt-qdbusviewer-4.8.7-8.el7',\n 'qt-qvfb-4.8.7-8.el7',\n 'qt-x11-4.8.7-8.el7'\n ],\n 'CGSL MAIN 5.05': [\n 'qt-4.8.7-8.el7',\n 'qt-assistant-4.8.7-8.el7',\n 'qt-config-4.8.7-8.el7',\n 'qt-debuginfo-4.8.7-8.el7',\n 'qt-demos-4.8.7-8.el7',\n 'qt-devel-4.8.7-8.el7',\n 'qt-devel-private-4.8.7-8.el7',\n 'qt-doc-4.8.7-8.el7',\n 'qt-examples-4.8.7-8.el7',\n 'qt-mysql-4.8.7-8.el7',\n 'qt-odbc-4.8.7-8.el7',\n 'qt-postgresql-4.8.7-8.el7',\n 'qt-qdbusviewer-4.8.7-8.el7',\n 'qt-qvfb-4.8.7-8.el7',\n 'qt-x11-4.8.7-8.el7'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qt');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:13:42", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has qt packages installed that are affected by multiple vulnerabilities:\n\n - An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp. (CVE-2018-19872)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. (CVE-2018-19869)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : qt Multiple Vulnerabilities (NS-SA-2020-0062)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19872", "CVE-2018-19873"], "modified": "2020-12-10T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0062_QT.NASL", "href": "https://www.tenable.com/plugins/nessus/143909", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0062. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143909);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/10\");\n\n script_cve_id(\n \"CVE-2018-15518\",\n \"CVE-2018-19869\",\n \"CVE-2018-19870\",\n \"CVE-2018-19871\",\n \"CVE-2018-19872\",\n \"CVE-2018-19873\"\n );\n script_bugtraq_id(106286, 106327, 106338);\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : qt Multiple Vulnerabilities (NS-SA-2020-0062)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has qt packages installed that are affected by\nmultiple vulnerabilities:\n\n - An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in\n qppmhandler.cpp. (CVE-2018-19872)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in\n QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted\n illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in\n qsvghandler.cpp. (CVE-2018-19869)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0062\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL qt packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19873\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.04': [\n 'qt-4.8.7-8.el7',\n 'qt-assistant-4.8.7-8.el7',\n 'qt-config-4.8.7-8.el7',\n 'qt-debuginfo-4.8.7-8.el7',\n 'qt-demos-4.8.7-8.el7',\n 'qt-devel-4.8.7-8.el7',\n 'qt-devel-private-4.8.7-8.el7',\n 'qt-doc-4.8.7-8.el7',\n 'qt-examples-4.8.7-8.el7',\n 'qt-mysql-4.8.7-8.el7',\n 'qt-odbc-4.8.7-8.el7',\n 'qt-postgresql-4.8.7-8.el7',\n 'qt-qdbusviewer-4.8.7-8.el7',\n 'qt-qvfb-4.8.7-8.el7',\n 'qt-x11-4.8.7-8.el7'\n ],\n 'CGSL MAIN 5.04': [\n 'qt-4.8.7-8.el7',\n 'qt-assistant-4.8.7-8.el7',\n 'qt-config-4.8.7-8.el7',\n 'qt-debuginfo-4.8.7-8.el7',\n 'qt-demos-4.8.7-8.el7',\n 'qt-devel-4.8.7-8.el7',\n 'qt-devel-private-4.8.7-8.el7',\n 'qt-doc-4.8.7-8.el7',\n 'qt-examples-4.8.7-8.el7',\n 'qt-mysql-4.8.7-8.el7',\n 'qt-odbc-4.8.7-8.el7',\n 'qt-postgresql-4.8.7-8.el7',\n 'qt-qdbusviewer-4.8.7-8.el7',\n 'qt-qvfb-4.8.7-8.el7',\n 'qt-x11-4.8.7-8.el7'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qt');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:58:38", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1172 advisory.\n\n - qt5-qtbase: Double free in QXmlStreamReader (CVE-2018-15518)\n\n - qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869)\n\n - qt5-qtbase: QImage allocation failure in qgifhandler (CVE-2018-19870)\n\n - qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)\n\n - qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp (CVE-2018-19872)\n\n - qt5-qtbase: QBmpHandler segmentation fault on malformed BMP file (CVE-2018-19873)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-04-10T00:00:00", "type": "nessus", "title": "CentOS 7 : qt (CESA-2020:1172)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19872", "CVE-2018-19873"], "modified": "2020-06-05T00:00:00", "cpe": ["p-cpe:/a:centos:centos:qt", "p-cpe:/a:centos:centos:qt-assistant", "p-cpe:/a:centos:centos:qt-config", "p-cpe:/a:centos:centos:qt-demos", "p-cpe:/a:centos:centos:qt-devel", "p-cpe:/a:centos:centos:qt-devel-private", "p-cpe:/a:centos:centos:qt-doc", "p-cpe:/a:centos:centos:qt-examples", "p-cpe:/a:centos:centos:qt-mysql", "p-cpe:/a:centos:centos:qt-odbc", "p-cpe:/a:centos:centos:qt-postgresql", "p-cpe:/a:centos:centos:qt-qdbusviewer", "p-cpe:/a:centos:centos:qt-qvfb", "p-cpe:/a:centos:centos:qt-x11", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2020-1172.NASL", "href": "https://www.tenable.com/plugins/nessus/135349", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2020:1172 and \n# CentOS Errata and Security Advisory 2020:1172 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135349);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/05\");\n\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19869\", \"CVE-2018-19870\", \"CVE-2018-19871\", \"CVE-2018-19872\", \"CVE-2018-19873\");\n script_xref(name:\"RHSA\", value:\"2020:1172\");\n\n script_name(english:\"CentOS 7 : qt (CESA-2020:1172)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1172 advisory.\n\n - qt5-qtbase: Double free in QXmlStreamReader\n (CVE-2018-15518)\n\n - qt5-qtsvg: Invalid parsing of malformed url reference\n resulting in a denial of service (CVE-2018-19869)\n\n - qt5-qtbase: QImage allocation failure in qgifhandler\n (CVE-2018-19870)\n\n - qt5-qtimageformats: QTgaFile CPU exhaustion\n (CVE-2018-19871)\n\n - qt: Malformed PPM image causing division by zero and\n crash in qppmhandler.cpp (CVE-2018-19872)\n\n - qt5-qtbase: QBmpHandler segmentation fault on malformed\n BMP file (CVE-2018-19873)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2020-April/012582.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?10286b0f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected qt packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19873\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt-devel-private\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt-qdbusviewer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt-qvfb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qt-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt-assistant-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt-config-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt-demos-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt-devel-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt-devel-private-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt-doc-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt-examples-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt-mysql-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt-odbc-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt-postgresql-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt-qdbusviewer-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt-qvfb-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qt-x11-4.8.7-8.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt / qt-assistant / qt-config / qt-demos / qt-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-28T14:08:48", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1172 advisory.\n\n - qt5-qtbase: Double free in QXmlStreamReader (CVE-2018-15518)\n\n - qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869)\n\n - qt5-qtbase: QImage allocation failure in qgifhandler (CVE-2018-19870)\n\n - qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)\n\n - qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp (CVE-2018-19872)\n\n - qt5-qtbase: QBmpHandler segmentation fault on malformed BMP file (CVE-2018-19873)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-03-31T00:00:00", "type": "nessus", "title": "RHEL 7 : qt (RHSA-2020:1172)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19872", "CVE-2018-19873"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:qt", "p-cpe:/a:redhat:enterprise_linux:qt-assistant", "p-cpe:/a:redhat:enterprise_linux:qt-config", "p-cpe:/a:redhat:enterprise_linux:qt-demos", "p-cpe:/a:redhat:enterprise_linux:qt-devel", "p-cpe:/a:redhat:enterprise_linux:qt-devel-private", "p-cpe:/a:redhat:enterprise_linux:qt-doc", "p-cpe:/a:redhat:enterprise_linux:qt-examples", "p-cpe:/a:redhat:enterprise_linux:qt-mysql", "p-cpe:/a:redhat:enterprise_linux:qt-odbc", "p-cpe:/a:redhat:enterprise_linux:qt-postgresql", "p-cpe:/a:redhat:enterprise_linux:qt-qdbusviewer", "p-cpe:/a:redhat:enterprise_linux:qt-qvfb", "p-cpe:/a:redhat:enterprise_linux:qt-x11"], "id": "REDHAT-RHSA-2020-1172.NASL", "href": "https://www.tenable.com/plugins/nessus/135039", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1172. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135039);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2018-15518\",\n \"CVE-2018-19869\",\n \"CVE-2018-19870\",\n \"CVE-2018-19871\",\n \"CVE-2018-19872\",\n \"CVE-2018-19873\"\n );\n script_bugtraq_id(106286, 106327, 106338);\n script_xref(name:\"RHSA\", value:\"2020:1172\");\n\n script_name(english:\"RHEL 7 : qt (RHSA-2020:1172)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1172 advisory.\n\n - qt5-qtbase: Double free in QXmlStreamReader (CVE-2018-15518)\n\n - qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869)\n\n - qt5-qtbase: QImage allocation failure in qgifhandler (CVE-2018-19870)\n\n - qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)\n\n - qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp (CVE-2018-19872)\n\n - qt5-qtbase: QBmpHandler segmentation fault on malformed BMP file (CVE-2018-19873)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-15518\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-19869\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-19870\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-19871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-19872\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-19873\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1172\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1658996\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1658998\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1659000\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1661460\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1661465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1691636\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19873\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 369, 400, 416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt-devel-private\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt-qdbusviewer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt-qvfb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qt-x11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'qt-4.8.7-8.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-assistant-4.8.7-8.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-assistant-4.8.7-8.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-assistant-4.8.7-8.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-assistant-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-config-4.8.7-8.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-config-4.8.7-8.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-config-4.8.7-8.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-config-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-demos-4.8.7-8.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-demos-4.8.7-8.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-demos-4.8.7-8.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-demos-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-devel-4.8.7-8.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-devel-private-4.8.7-8.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-doc-4.8.7-8.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-examples-4.8.7-8.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-examples-4.8.7-8.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-examples-4.8.7-8.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-examples-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-mysql-4.8.7-8.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-odbc-4.8.7-8.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-postgresql-4.8.7-8.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-qdbusviewer-4.8.7-8.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-qdbusviewer-4.8.7-8.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-qdbusviewer-4.8.7-8.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-qdbusviewer-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-qvfb-4.8.7-8.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-qvfb-4.8.7-8.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-qvfb-4.8.7-8.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-qvfb-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-x11-4.8.7-8.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qt / qt-assistant / qt-config / qt-demos / qt-devel / qt-devel-private / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:05:36", "description": "An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. (CVE-2018-19869)\n\nAn issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\nAn issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp. (CVE-2018-19872)\n\nQXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.\n(CVE-2018-15518)\n\nAn issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data. (CVE-2018-19873)\n\nAn issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption. (CVE-2018-19871)", "cvss3": {}, "published": "2020-07-20T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : qt (ALAS-2020-1458)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19872", "CVE-2018-19873"], "modified": "2020-07-22T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:qt", "p-cpe:/a:amazon:linux:qt-assistant", "p-cpe:/a:amazon:linux:qt-config", "p-cpe:/a:amazon:linux:qt-debuginfo", "p-cpe:/a:amazon:linux:qt-demos", "p-cpe:/a:amazon:linux:qt-devel", "p-cpe:/a:amazon:linux:qt-devel-private", "p-cpe:/a:amazon:linux:qt-doc", "p-cpe:/a:amazon:linux:qt-examples", "p-cpe:/a:amazon:linux:qt-mysql", "p-cpe:/a:amazon:linux:qt-odbc", "p-cpe:/a:amazon:linux:qt-postgresql", "p-cpe:/a:amazon:linux:qt-qdbusviewer", "p-cpe:/a:amazon:linux:qt-qvfb", "p-cpe:/a:amazon:linux:qt-x11", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2020-1458.NASL", "href": "https://www.tenable.com/plugins/nessus/138624", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1458.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138624);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/22\");\n\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19869\", \"CVE-2018-19870\", \"CVE-2018-19871\", \"CVE-2018-19872\", \"CVE-2018-19873\");\n script_xref(name:\"ALAS\", value:\"2020-1458\");\n\n script_name(english:\"Amazon Linux 2 : qt (ALAS-2020-1458)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An issue was discovered in Qt before 5.11.3. A malformed SVG image\ncauses a segmentation fault in qsvghandler.cpp. (CVE-2018-19869)\n\nAn issue was discovered in Qt before 5.11.3. A malformed GIF image\ncauses a NULL pointer dereference in QGifHandler resulting in a\nsegmentation fault. (CVE-2018-19870)\n\nAn issue was discovered in Qt 5.11. A malformed PPM image causes a\ndivision by zero and a crash in qppmhandler.cpp. (CVE-2018-19872)\n\nQXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption\nduring parsing of a specially crafted illegal XML document.\n(CVE-2018-15518)\n\nAn issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer\noverflow via BMP data. (CVE-2018-19873)\n\nAn issue was discovered in Qt before 5.11.3. There is QTgaFile\nUncontrolled Resource Consumption. (CVE-2018-19871)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2020-1458.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update qt' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qt-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qt-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qt-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qt-devel-private\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qt-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qt-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qt-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qt-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qt-qdbusviewer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qt-qvfb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qt-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"qt-4.8.5-15.amzn2.0.4\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qt-assistant-4.8.5-15.amzn2.0.4\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qt-config-4.8.5-15.amzn2.0.4\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qt-debuginfo-4.8.5-15.amzn2.0.4\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qt-demos-4.8.5-15.amzn2.0.4\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qt-devel-4.8.5-15.amzn2.0.4\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qt-devel-private-4.8.5-15.amzn2.0.4\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qt-doc-4.8.5-15.amzn2.0.4\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qt-examples-4.8.5-15.amzn2.0.4\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qt-mysql-4.8.5-15.amzn2.0.4\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qt-odbc-4.8.5-15.amzn2.0.4\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qt-postgresql-4.8.5-15.amzn2.0.4\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qt-qdbusviewer-4.8.5-15.amzn2.0.4\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qt-qvfb-4.8.5-15.amzn2.0.4\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qt-x11-4.8.5-15.amzn2.0.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt / qt-assistant / qt-config / qt-debuginfo / qt-demos / qt-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:58:26", "description": "* qt5-qtbase: Double free in QXmlStreamReader * qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp * qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service * qt5-qtbase: QImage allocation failure in qgifhandler * qt5-qtimageformats: QTgaFile CPU exhaustion * qt5-qtbase: QBmpHandler segmentation fault on malformed BMP file", "cvss3": {}, "published": "2020-04-21T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : qt on SL7.x x86_64 (20200407)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19872", "CVE-2018-19873"], "modified": "2020-04-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:qt", "p-cpe:/a:fermilab:scientific_linux:qt-assistant", "p-cpe:/a:fermilab:scientific_linux:qt-config", "p-cpe:/a:fermilab:scientific_linux:qt-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qt-demos", "p-cpe:/a:fermilab:scientific_linux:qt-devel", "p-cpe:/a:fermilab:scientific_linux:qt-devel-private", "p-cpe:/a:fermilab:scientific_linux:qt-doc", "p-cpe:/a:fermilab:scientific_linux:qt-examples", "p-cpe:/a:fermilab:scientific_linux:qt-mysql", "p-cpe:/a:fermilab:scientific_linux:qt-odbc", "p-cpe:/a:fermilab:scientific_linux:qt-postgresql", "p-cpe:/a:fermilab:scientific_linux:qt-qdbusviewer", "p-cpe:/a:fermilab:scientific_linux:qt-qvfb", "p-cpe:/a:fermilab:scientific_linux:qt-x11", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20200407_QT_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/135834", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135834);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/24\");\n\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19869\", \"CVE-2018-19870\", \"CVE-2018-19871\", \"CVE-2018-19872\", \"CVE-2018-19873\");\n\n script_name(english:\"Scientific Linux Security Update : qt on SL7.x x86_64 (20200407)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"* qt5-qtbase: Double free in QXmlStreamReader * qt: Malformed PPM\nimage causing division by zero and crash in qppmhandler.cpp *\nqt5-qtsvg: Invalid parsing of malformed url reference resulting in a\ndenial of service * qt5-qtbase: QImage allocation failure in\nqgifhandler * qt5-qtimageformats: QTgaFile CPU exhaustion *\nqt5-qtbase: QBmpHandler segmentation fault on malformed BMP file\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2004&L=SCIENTIFIC-LINUX-ERRATA&P=11193\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2394a5e8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt-devel-private\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt-qdbusviewer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt-qvfb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qt-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt-assistant-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt-config-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt-debuginfo-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt-demos-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt-devel-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt-devel-private-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"qt-doc-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt-examples-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt-mysql-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt-odbc-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt-postgresql-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt-qdbusviewer-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt-qvfb-4.8.7-8.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qt-x11-4.8.7-8.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt / qt-assistant / qt-config / qt-debuginfo / qt-demos / qt-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-10T16:46:31", "description": "The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1172 advisory.\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp. (CVE-2018-19872)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-09-07T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : qt (ELSA-2020-1172)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19872", "CVE-2018-19873"], "modified": "2023-09-07T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:qt", "p-cpe:/a:oracle:linux:qt-assistant", "p-cpe:/a:oracle:linux:qt-config", "p-cpe:/a:oracle:linux:qt-demos", "p-cpe:/a:oracle:linux:qt-devel", "p-cpe:/a:oracle:linux:qt-devel-private", "p-cpe:/a:oracle:linux:qt-doc", "p-cpe:/a:oracle:linux:qt-examples", "p-cpe:/a:oracle:linux:qt-mysql", "p-cpe:/a:oracle:linux:qt-odbc", "p-cpe:/a:oracle:linux:qt-postgresql", "p-cpe:/a:oracle:linux:qt-qdbusviewer", "p-cpe:/a:oracle:linux:qt-qvfb", "p-cpe:/a:oracle:linux:qt-x11"], "id": "ORACLELINUX_ELSA-2020-1172.NASL", "href": "https://www.tenable.com/plugins/nessus/180669", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-1172.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(180669);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/07\");\n\n script_cve_id(\n \"CVE-2018-15518\",\n \"CVE-2018-19869\",\n \"CVE-2018-19870\",\n \"CVE-2018-19871\",\n \"CVE-2018-19872\",\n \"CVE-2018-19873\"\n );\n\n script_name(english:\"Oracle Linux 7 : qt (ELSA-2020-1172)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2020-1172 advisory.\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted\n illegal XML document. (CVE-2018-15518)\n\n - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in\n qsvghandler.cpp. (CVE-2018-19869)\n\n - An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.\n (CVE-2018-19873)\n\n - An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in\n QGifHandler resulting in a segmentation fault. (CVE-2018-19870)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n (CVE-2018-19871)\n\n - An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in\n qppmhandler.cpp. (CVE-2018-19872)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-1172.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19873\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/09/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt-assistant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt-devel-private\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt-qdbusviewer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt-qvfb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qt-x11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'qt-devel-private-4.8.7-8.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-doc-4.8.7-8.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-4.8.7-8.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-assistant-4.8.7-8.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-config-4.8.7-8.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-demos-4.8.7-8.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-devel-4.8.7-8.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-examples-4.8.7-8.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-mysql-4.8.7-8.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-odbc-4.8.7-8.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-postgresql-4.8.7-8.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-qdbusviewer-4.8.7-8.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-qvfb-4.8.7-8.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-x11-4.8.7-8.el7', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-4.8.7-8.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-devel-4.8.7-8.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-mysql-4.8.7-8.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-odbc-4.8.7-8.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-postgresql-4.8.7-8.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-x11-4.8.7-8.el7', 'cpu':'i686', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-assistant-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-config-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-demos-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-devel-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-examples-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-mysql-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-odbc-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-postgresql-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-qdbusviewer-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-qvfb-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'qt-x11-4.8.7-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qt / qt-assistant / qt-config / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:07:32", "description": "Several vulnerabilities were fixed in qt4-x11, the legacy version of the Qt toolkit.\n\nCVE-2018-15518\n\nDouble-free or corruption in QXmlStreamReader during parsing of a specially crafted illegal XML document.\n\nCVE-2018-19869\n\nA malformed SVG image causes a segmentation fault.\n\nCVE-2018-19870\n\nA malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.\n\nCVE-2018-19871\n\nUncontrolled Resource Consumption in QTgaFile.\n\nCVE-2018-19872\n\nA malformed PPM image causes a crash.\n\nCVE-2018-19873\n\nQBmpHandler segfault on malformed BMP file.\n\nCVE-2020-17507\n\nBuffer over-read in the XBM parser.\n\nFor Debian 9 stretch, these problems have been fixed in version 4:4.8.7+dfsg-11+deb9u1.\n\nWe recommend that you upgrade your qt4-x11 packages.\n\nFor the detailed security status of qt4-x11 please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/qt4-x11\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-09-29T00:00:00", "type": "nessus", "title": "Debian DLA-2377-1 : qt4-x11 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19872", "CVE-2018-19873", "CVE-2020-17507"], "modified": "2020-10-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libqt4-declarative-shaders", "p-cpe:/a:debian:debian_linux:libqt4-designer", "p-cpe:/a:debian:debian_linux:libqt4-designer-dbg", "p-cpe:/a:debian:debian_linux:libqt4-dev", "p-cpe:/a:debian:debian_linux:libqt4-dev-bin", "p-cpe:/a:debian:debian_linux:libqt4-help", "p-cpe:/a:debian:debian_linux:libqt4-network", "p-cpe:/a:debian:debian_linux:libqt4-opengl", "p-cpe:/a:debian:debian_linux:libqt4-opengl-dev", "p-cpe:/a:debian:debian_linux:libqt4-phonon", "p-cpe:/a:debian:debian_linux:libqt4-qt3support", "p-cpe:/a:debian:debian_linux:libqt4-qt3support-dbg", "p-cpe:/a:debian:debian_linux:libqt4-script", "p-cpe:/a:debian:debian_linux:libqt4-script-dbg", "p-cpe:/a:debian:debian_linux:libqt4-scripttools", "p-cpe:/a:debian:debian_linux:libqt4-sql", "p-cpe:/a:debian:debian_linux:libqt4-sql-ibase", "p-cpe:/a:debian:debian_linux:libqt4-sql-mysql", "p-cpe:/a:debian:debian_linux:libqt4-sql-odbc", "p-cpe:/a:debian:debian_linux:libqt4-sql-psql", "p-cpe:/a:debian:debian_linux:libqt4-sql-sqlite", "p-cpe:/a:debian:debian_linux:libqt4-sql-sqlite2", "p-cpe:/a:debian:debian_linux:libqt4-sql-tds", "p-cpe:/a:debian:debian_linux:libqt4-svg", "p-cpe:/a:debian:debian_linux:libqt4-test", "p-cpe:/a:debian:debian_linux:libqt4-xml", "p-cpe:/a:debian:debian_linux:libqt4-xmlpatterns", "p-cpe:/a:debian:debian_linux:libqt4-xmlpatterns-dbg", "p-cpe:/a:debian:debian_linux:libqtcore4", "p-cpe:/a:debian:debian_linux:libqtdbus4", "p-cpe:/a:debian:debian_linux:libqtgui4", "p-cpe:/a:debian:debian_linux:qdbus", "p-cpe:/a:debian:debian_linux:qt4-bin-dbg", "p-cpe:/a:debian:debian_linux:qt4-default", "p-cpe:/a:debian:debian_linux:qt4-demos", "p-cpe:/a:debian:debian_linux:qt4-demos-dbg", "p-cpe:/a:debian:debian_linux:qt4-designer", "p-cpe:/a:debian:debian_linux:qt4-dev-tools", "p-cpe:/a:debian:debian_linux:qt4-doc", "p-cpe:/a:debian:debian_linux:qt4-doc-html", "p-cpe:/a:debian:debian_linux:qt4-linguist-tools", "p-cpe:/a:debian:debian_linux:qt4-qmake", "p-cpe:/a:debian:debian_linux:qt4-qmlviewer", "p-cpe:/a:debian:debian_linux:qt4-qtconfig", "p-cpe:/a:debian:debian_linux:qtcore4-l10n", "cpe:/o:debian:debian_linux:9.0", "p-cpe:/a:debian:debian_linux:libqt4-dbg", "p-cpe:/a:debian:debian_linux:libqt4-dbus", "p-cpe:/a:debian:debian_linux:libqt4-declarative", "p-cpe:/a:debian:debian_linux:libqt4-declarative-folderlistmodel", "p-cpe:/a:debian:debian_linux:libqt4-declarative-gestures", "p-cpe:/a:debian:debian_linux:libqt4-declarative-particles"], "id": "DEBIAN_DLA-2377.NASL", "href": "https://www.tenable.com/plugins/nessus/140932", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2377-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140932);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/05\");\n\n script_cve_id(\"CVE-2018-15518\", \"CVE-2018-19869\", \"CVE-2018-19870\", \"CVE-2018-19871\", \"CVE-2018-19872\", \"CVE-2018-19873\", \"CVE-2020-17507\");\n\n script_name(english:\"Debian DLA-2377-1 : qt4-x11 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities were fixed in qt4-x11, the legacy version of\nthe Qt toolkit.\n\nCVE-2018-15518\n\nDouble-free or corruption in QXmlStreamReader during parsing of a\nspecially crafted illegal XML document.\n\nCVE-2018-19869\n\nA malformed SVG image causes a segmentation fault.\n\nCVE-2018-19870\n\nA malformed GIF image causes a NULL pointer dereference in QGifHandler\nresulting in a segmentation fault.\n\nCVE-2018-19871\n\nUncontrolled Resource Consumption in QTgaFile.\n\nCVE-2018-19872\n\nA malformed PPM image causes a crash.\n\nCVE-2018-19873\n\nQBmpHandler segfault on malformed BMP file.\n\nCVE-2020-17507\n\nBuffer over-read in the XBM parser.\n\nFor Debian 9 stretch, these problems have been fixed in version\n4:4.8.7+dfsg-11+deb9u1.\n\nWe recommend that you upgrade your qt4-x11 packages.\n\nFor the detailed security status of qt4-x11 please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/qt4-x11\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/09/msg00023.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/qt4-x11\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/qt4-x11\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-declarative\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-declarative-folderlistmodel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-declarative-gestures\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-declarative-particles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-declarative-shaders\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-designer-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-dev-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-opengl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-opengl-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-phonon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-qt3support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-qt3support-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-script-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-scripttools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-sql-ibase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-sql-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-sql-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-sql-psql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-sql-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-sql-sqlite2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-sql-tds\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-svg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-xmlpatterns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqt4-xmlpatterns-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqtcore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqtdbus4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libqtgui4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qdbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-bin-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-demos-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-designer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-dev-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-linguist-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-qmake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-qmlviewer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qt4-qtconfig\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:qtcore4-l10n\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-dbg\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-dbus\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-declarative\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-declarative-folderlistmodel\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-declarative-gestures\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-declarative-particles\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-declarative-shaders\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-designer\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-designer-dbg\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-dev\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-dev-bin\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-help\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-network\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-opengl\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-opengl-dev\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-phonon\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-qt3support\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-qt3support-dbg\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-script\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-script-dbg\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-scripttools\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-sql\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-sql-ibase\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-sql-mysql\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-sql-odbc\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-sql-psql\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-sql-sqlite\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-sql-sqlite2\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-sql-tds\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-svg\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-test\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-xml\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-xmlpatterns\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqt4-xmlpatterns-dbg\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqtcore4\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqtdbus4\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libqtgui4\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qdbus\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qt4-bin-dbg\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qt4-default\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qt4-demos\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qt4-demos-dbg\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qt4-designer\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qt4-dev-tools\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qt4-doc\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qt4-doc-html\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qt4-linguist-tools\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qt4-qmake\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qt4-qmlviewer\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qt4-qtconfig\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"qtcore4-l10n\", reference:\"4:4.8.7+dfsg-11+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:26", "description": "According to the versions of the qt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.(CVE-2013-4549)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.(CVE-2018-19871)\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.(CVE-2018-15518)\n\n - An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.(CVE-2018-19872)\n\n - Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image.(CVE-2015-1858)\n\n - Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.(CVE-2015-1859)\n\n - Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image.(CVE-2015-1860)\n\n - The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.(CVE-2015-0295)\n\n - The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.(CVE-2014-0190)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : qt (EulerOS-SA-2019-2381)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4549", "CVE-2014-0190", "CVE-2015-0295", "CVE-2015-1858", "CVE-2015-1859", "CVE-2015-1860", "CVE-2018-15518", "CVE-2018-19871", "CVE-2018-19872"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:qt", "p-cpe:/a:huawei:euleros:qt-devel", "p-cpe:/a:huawei:euleros:qt-mysql", "p-cpe:/a:huawei:euleros:qt-odbc", "p-cpe:/a:huawei:euleros:qt-postgresql", "p-cpe:/a:huawei:euleros:qt-x11", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2381.NASL", "href": "https://www.tenable.com/plugins/nessus/131873", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131873);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2013-4549\",\n \"CVE-2014-0190\",\n \"CVE-2015-0295\",\n \"CVE-2015-1858\",\n \"CVE-2015-1859\",\n \"CVE-2015-1860\",\n \"CVE-2018-15518\",\n \"CVE-2018-19871\",\n \"CVE-2018-19872\"\n );\n script_bugtraq_id(\n 64418,\n 67087,\n 73029,\n 74302,\n 74307,\n 74309,\n 74310\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : qt (EulerOS-SA-2019-2381)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the qt packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - QXmlSimpleReader in Qt before 5.2 allows\n context-dependent attackers to cause a denial of\n service (memory consumption) via an XML Entity\n Expansion (XEE) attack.(CVE-2013-4549)\n\n - An issue was discovered in Qt before 5.11.3. There is\n QTgaFile Uncontrolled Resource\n Consumption.(CVE-2018-19871)\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or\n corruption during parsing of a specially crafted\n illegal XML document.(CVE-2018-15518)\n\n - An issue was discovered in Qt 5.11. A malformed PPM\n image causes a division by zero and a crash in\n qppmhandler.cpp.(CVE-2018-19872)\n\n - Multiple buffer overflows in gui/image/qbmphandler.cpp\n in the QtBase module in Qt before 4.8.7 and 5.x before\n 5.4.2 allow remote attackers to cause a denial of\n service (segmentation fault and crash) and possibly\n execute arbitrary code via a crafted BMP\n image.(CVE-2015-1858)\n\n - Multiple buffer overflows in\n plugins/imageformats/ico/qicohandler.cpp in the QtBase\n module in Qt before 4.8.7 and 5.x before 5.4.2 allow\n remote attackers to cause a denial of service\n (segmentation fault and crash) and possibly execute\n arbitrary code via a crafted ICO image.(CVE-2015-1859)\n\n - Multiple buffer overflows in gui/image/qgifhandler.cpp\n in the QtBase module in Qt before 4.8.7 and 5.x before\n 5.4.2 allow remote attackers to cause a denial of\n service (segmentation fault) and possibly execute\n arbitrary code via a crafted GIF image.(CVE-2015-1860)\n\n - The BMP decoder in QtGui in QT before 5.5 does not\n properly calculate the masks used to extract the color\n components, which allows remote attackers to cause a\n denial of service (divide-by-zero and crash) via a\n crafted BMP file.(CVE-2015-0295)\n\n - The GIF decoder in QtGui in Qt before 5.3 allows remote\n attackers to cause a denial of service (NULL pointer\n dereference) via invalid width and height values in a\n GIF image.(CVE-2014-0190)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2381\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?951c4700\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected qt packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-15518\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"qt-4.8.5-12.h6\",\n \"qt-devel-4.8.5-12.h6\",\n \"qt-mysql-4.8.5-12.h6\",\n \"qt-odbc-4.8.5-12.h6\",\n \"qt-postgresql-4.8.5-12.h6\",\n \"qt-x11-4.8.5-12.h6\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:01", "description": "According to the versions of the qt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.(CVE-2018-19872)\n\n - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.(CVE-2018-19871)\n\n - Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image.(CVE-2015-1858)\n\n - Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image.(CVE-2015-1860)\n\n - Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.(CVE-2015-1859)\n\n - QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.(CVE-2013-4549)\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.(CVE-2018-15518)\n\n - The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.(CVE-2015-0295)\n\n - The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.(CVE-2014-0190)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-18T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : qt (EulerOS-SA-2019-2656)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4549", "CVE-2014-0190", "CVE-2015-0295", "CVE-2015-1858", "CVE-2015-1859", "CVE-2015-1860", "CVE-2018-15518", "CVE-2018-19871", "CVE-2018-19872"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:qt", "p-cpe:/a:huawei:euleros:qt-devel", "p-cpe:/a:huawei:euleros:qt-mysql", "p-cpe:/a:huawei:euleros:qt-odbc", "p-cpe:/a:huawei:euleros:qt-postgresql", "p-cpe:/a:huawei:euleros:qt-x11", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2656.NASL", "href": "https://www.tenable.com/plugins/nessus/132191", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132191);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2013-4549\",\n \"CVE-2014-0190\",\n \"CVE-2015-0295\",\n \"CVE-2015-1858\",\n \"CVE-2015-1859\",\n \"CVE-2015-1860\",\n \"CVE-2018-15518\",\n \"CVE-2018-19871\",\n \"CVE-2018-19872\"\n );\n script_bugtraq_id(\n 64418,\n 67087,\n 73029,\n 74302,\n 74307,\n 74309,\n 74310\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : qt (EulerOS-SA-2019-2656)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the qt packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - An issue was discovered in Qt 5.11. A malformed PPM\n image causes a division by zero and a crash in\n qppmhandler.cpp.(CVE-2018-19872)\n\n - An issue was discovered in Qt before 5.11.3. There is\n QTgaFile Uncontrolled Resource\n Consumption.(CVE-2018-19871)\n\n - Multiple buffer overflows in gui/image/qbmphandler.cpp\n in the QtBase module in Qt before 4.8.7 and 5.x before\n 5.4.2 allow remote attackers to cause a denial of\n service (segmentation fault and crash) and possibly\n execute arbitrary code via a crafted BMP\n image.(CVE-2015-1858)\n\n - Multiple buffer overflows in gui/image/qgifhandler.cpp\n in the QtBase module in Qt before 4.8.7 and 5.x before\n 5.4.2 allow remote attackers to cause a denial of\n service (segmentation fault) and possibly execute\n arbitrary code via a crafted GIF image.(CVE-2015-1860)\n\n - Multiple buffer overflows in\n plugins/imageformats/ico/qicohandler.cpp in the QtBase\n module in Qt before 4.8.7 and 5.x before 5.4.2 allow\n remote attackers to cause a denial of service\n (segmentation fault and crash) and possibly execute\n arbitrary code via a crafted ICO image.(CVE-2015-1859)\n\n - QXmlSimpleReader in Qt before 5.2 allows\n context-dependent attackers to cause a denial of\n service (memory consumption) via an XML Entity\n Expansion (XEE) attack.(CVE-2013-4549)\n\n - QXmlStream in Qt 5.x before 5.11.3 has a double-free or\n corruption during parsing of a specially crafted\n illegal XML document.(CVE-2018-15518)\n\n - The BMP decoder in QtGui in QT before 5.5 does not\n properly calculate the masks used to extract the color\n components, which allows remote attackers to cause a\n denial of service (divide-by-zero and crash) via a\n crafted BMP file.(CVE-2015-0295)\n\n - The GIF decoder in QtGui in Qt before 5.3 allows remote\n attackers to cause a denial of service (NULL pointer\n dereference) via invalid width and height values in a\n GIF image.(CVE-2014-0190)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2656\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?55c39ec4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected qt packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-15518\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qt-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"qt-4.8.5-13.h6\",\n \"qt-devel-4.8.5-13.h6\",\n \"qt-mysql-4.8.5-13.h6\",\n \"qt-odbc-4.8.5-13.h6\",\n \"qt-postgresql-4.8.5-13.h6\",\n \"qt-x11-4.8.5-13.h6\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "ubuntucve": [{"lastseen": "2023-07-28T05:33:39", "description": "An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled\nResource Consumption.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-12-26T00:00:00", "type": "ubuntucve", "title": "CVE-2018-19871", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19871"], "modified": "2018-12-26T00:00:00", "id": "UB:CVE-2018-19871", "href": "https://ubuntu.com/security/CVE-2018-19871", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2023-06-23T18:15:02", "description": "An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-12-26T21:29:00", "type": "debiancve", "title": "CVE-2018-19871", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19871"], "modified": "2018-12-26T21:29:00", "id": "DEBIANCVE:CVE-2018-19871", "href": "https://security-tracker.debian.org/tracker/CVE-2018-19871", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2022-11-06T10:41:13", "description": "An update that fixes one vulnerability is now available.\n\nDescription:\n\n This update for libqt5-qtimageformats fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2018-19871: Fixed CPU exhaustion in QTgaFile (bsc#1118598)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1115=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-04-02T00:00:00", "type": "suse", "title": "Security update for libqt5-qtimageformats (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19871"], "modified": "2019-04-02T00:00:00", "id": "OPENSUSE-SU-2019:1115-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QOSQDWR5EZYI4RBQCGEVGHDB7AKZJYW2/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2023-06-23T20:30:45", "description": "An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2020-04-04T23:11:10", "type": "redhatcve", "title": "CVE-2018-19871", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19871"], "modified": "2023-04-06T04:30:10", "id": "RH:CVE-2018-19871", "href": "https://access.redhat.com/security/cve/cve-2018-19871", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "almalinux": [{"lastseen": "2023-06-23T17:14:03", "description": "Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt.\n\nThe following packages have been upgraded to a later upstream version: qt5 (5.12.5), qt5-qt3d (5.12.5), qt5-qtbase (5.12.5), qt5-qtcanvas3d (5.12.5), qt5-qtconnectivity (5.12.5), qt5-qtdeclarative (5.12.5), qt5-qtdoc (5.12.5), qt5-qtgraphicaleffects (5.12.5), qt5-qtimageformats (5.12.5), qt5-qtlocation (5.12.5), qt5-qtmultimedia (5.12.5), qt5-qtquickcontrols (5.12.5), qt5-qtquickcontrols2 (5.12.5), qt5-qtscript (5.12.5), qt5-qtsensors (5.12.5), qt5-qtserialbus (5.12.5), qt5-qtserialport (5.12.5), qt5-qtsvg (5.12.5), qt5-qttools (5.12.5), qt5-qttranslations (5.12.5), qt5-qtwayland (5.12.5), qt5-qtwebchannel (5.12.5), qt5-qtwebsockets (5.12.5), qt5-qtx11extras (5.12.5), qt5-qtxmlpatterns (5.12.5), python-qt5 (5.13.1), sip (4.19.19). (BZ#1775603, BZ#1775604)\n\nSecurity Fix(es):\n\n* qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp (CVE-2018-19872)\n\n* qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869)\n\n* qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2020-04-28T09:02:52", "type": "almalinux", "title": "Moderate: qt5 security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19869", "CVE-2018-19871", "CVE-2018-19872"], "modified": "2021-08-11T08:54:00", "id": "ALSA-2020:1665", "href": "https://errata.almalinux.org/8/ALSA-2020-1665.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:24:48", "description": "python-qt5\n[5.13.1-1]\n- 5.13.1\n Resolves: bz#1775603\nqgnomeplatform\n[0.4-3]\n- Rebuild (qt5)\n Resolves: bz#1774418\nqt5\n[5.12.5-3]\n- Re-add srpm macros, just leave them empty\n Resolves: bz#1733133\n[5.12.5-2]\n- Drop srpm macros as we dont ship qtwebengine\n Resolves: bz#1733133\n[5.12.5-1]\n- 5.12.5 + sync with Fedora\n Resolves: bz#1733133\nqt5-qt3d\n[5.12.5-2]\n- Fix multilib issue\n Resolves: bz#1765637\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733159\nqt5-qtbase\n[5.12-5-4]\n- Fix build on RHEL 7 kernel\n Resolves: bz#1733135\n[5.12-5-2]\n- Remove Android specific test to avoid unnecessary dependencies\n Resolves: bz#1733135\n[5.12-5-1]\n- 5.12.5 + sync with Fedora\n Resolves: bz#1733135\nqt5-qtcanvas3d\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733136\nqt5-qtconnectivity\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733137\nqt5-qtdeclarative\n[5.12-5-1]\n- 5.12.5\n Resolves: bz#1733139\nqt5-qtdoc\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733140\nqt5-qtgraphicaleffects\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733141\nqt5-qtimageformats\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733142\nqt5-qtlocation\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733143\nqt5-qtmultimedia\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733144\nqt5-qtquickcontrols2\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733146\nqt5-qtquickcontrols\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733145\nqt5-qtscript\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733147\nqt5-qtsensors\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733148\nqt5-qtserialbus\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733149\nqt5-qtserialport\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733150\nqt5-qtsvg\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733151\nqt5-qttools\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733152\nqt5-qttranslations\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733153\nqt5-qtwayland\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733154\nqt5-qtwebchannel\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733155\nqt5-qtwebsockets\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733156\nqt5-qtx11extras\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733158\nqt5-qtxmlpatterns\n[5.12.5-1]\n- 5.12.5\n Resolves: bz#1733157\nsip\n[4.19.19-1]\n- 4.19.19\n Resolves: bz#1775604", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2020-05-05T00:00:00", "type": "oraclelinux", "title": "qt5 security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19869", "CVE-2018-19871", "CVE-2018-19872"], "modified": "2020-05-05T00:00:00", "id": "ELSA-2020-1665", "href": "http://linux.oracle.com/errata/ELSA-2020-1665.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:24:35", "description": "qt5-qt3d\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564024\nqt5-qtbase\n[5.9.7-1]\n- Enable -doc subpkg on PPC\n Resolves: bz#1564000\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564000\nqt5-qtcanvas3d\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564001\nqt5-qtconnectivity\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564002\nqt5-qtdeclarative\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564003\nqt5-qtdoc\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564004\nqt5-qtgraphicaleffects\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564006\nqt5-qtimageformats\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564007\nqt5-qtlocation\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564008\nqt5-qtmultimedia\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564009\nqt5-qtquickcontrols2\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564011\nqt5-qtquickcontrols\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564010\nqt5-qtscript\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564012\nqt5-qtsensors\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564013\nqt5-qtserialbus\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564014\nqt5-qtserialport\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564015\nqt5-qtsvg\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564016\nqt5-qttools\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564017\nqt5-qttranslations\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564018\nqt5-qtwayland\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564019\nqt5-qtwebchannel\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564020\nqt5-qtwebsockets\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564021\nqt5-qtx11extras\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564023\nqt5-qtxmlpatterns\n[5.9.7-1]\n- Update to 5.9.7\n Resolves: bz#1564022", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-08-13T00:00:00", "type": "oraclelinux", "title": "qt5 security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19873"], "modified": "2019-08-13T00:00:00", "id": "ELSA-2019-2135", "href": "http://linux.oracle.com/errata/ELSA-2019-2135.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:25:14", "description": "[1:4.8.7-8]\n- Fix QImage allocation failure in qgifhandler\n Resolves: bz#1667863\n- Fix QTgaFile CPU exhaustion\n Resolves: bz#1667879\n- Fix QBmpHandler segmentation fault on malformed BMP file\n Resolves: bz#1667862\n[1:4.8.7-7]\n- Fix crash when parsing malformed url reference in svg\n Resolves: bz#1667882\n[1:4.8.7-6]\n- Fix crash in qppmhandler for certain malformed image files\n Resolves: bz#1702031\n[1:4.8.7-5]\n- Fix possible heap corruption in QXmlStream\n Resolves: bz#1667861", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-04-06T00:00:00", "type": "oraclelinux", "title": "qt security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-15518", "CVE-2018-19869", "CVE-2018-19870", "CVE-2018-19871", "CVE-2018-19872", "CVE-2018-19873"], "modified": "2020-04-06T00:00:00", "id": "ELSA-2020-1172", "href": "http://linux.oracle.com/errata/ELSA-2020-1172.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2023-08-04T12:28:04", "description": "Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt.\n\nThe following packages have been upgraded to a later upstream version: qt5 (5.12.5), qt5-qt3d (5.12.5), qt5-qtbase (5.12.5), qt5-qtcanvas3d (5.12.5), qt5-qtconnectivity (5.12.5), qt5-qtdeclarative (5.12.5), qt5-qtdoc (5.12.5), qt5-qtgraphicaleffects (5.12.5), qt5-qtimageformats (5.12.5), qt5-qtlocation (5.12.5), qt5-qtmultimedia (5.12.5), qt5-qtquickcontrols (5.12.5), qt5-qtquickcontrols2 (5.12.5), qt5-qtscript (5.12.5), qt5-qtsensors (5.12.5), qt5-qtserialbus (5.12.5), qt5-qtserialport (5.12.5), qt5-qtsvg (5.12.5), qt5-qttools (5.12.5), qt5-qttranslations (5.12.5), qt5-qtwayland (5.12.5), qt5-qtwebchannel (5.12.5), qt5-qtwebsockets (5.12.5), qt5-qtx11extras (5.12.5), qt5-qtxmlpatterns (5.12.5), python-qt5 (5.13.1), sip (4.19.19). (BZ#1775603, BZ#1775604)\n\nSecurity Fix(es):\n\n* qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp (CVE-2018-19872)\n\n* qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869)\n\n* qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFo