Lucene search

K
mageiaGentoo FoundationMGASA-2015-0105
HistoryMar 12, 2015 - 6:30 p.m.

Updated qt3, qt4 and qtbase5 packages fix security vulnerability

2015-03-1218:30:53
Gentoo Foundation
advisories.mageia.org
6

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.044 Low

EPSS

Percentile

92.4%

The builtin BMP decoder in QtGui prior to Qt 5.5 contained a bug that would lead to a divsion by zero when loading certain corrupt BMP files (CVE-2015-0295). This in turn would cause the application loading these hand crafted BMPs to crash. Qt3, Qt4 and qtbase5 have been patched to prevent this division by zero.

OSVersionArchitecturePackageVersionFilename
Mageia4noarchqt3< 3.3.8b-33.3qt3-3.3.8b-33.3.mga4
Mageia4noarchqt4< 4.8.6-1.2qt4-4.8.6-1.2.mga4
Mageia4noarchqtbase5< 5.2.0-2.4qtbase5-5.2.0-2.4.mga4

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.044 Low

EPSS

Percentile

92.4%