Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseOPENSUSE-SU-2020:1452-1
HistorySep 19, 2020 - 12:00 a.m.

Security update for libqt4 (moderate)

2020-09-1900:00:00
lists.opensuse.org
36

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

An update that solves four vulnerabilities and has one
errata is now available.

Description:

This update for libqt4 fixes the following issues:

  • Fix buffer over-read in read_xbm_body (boo#1176315, CVE-2020-17507)
  • Fix “double free or corruption” in QXmlStreamReader (boo#1118595,
    CVE-2018-15518)
  • Fix QBmpHandler segfault on malformed BMP file boo#1118596,
    CVE-2018-19873)
  • Fix crash when parsing malformed url reference (boo#1118599,
    CVE-2018-19869)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.1:

    zypper in -t patch openSUSE-2020-1452=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.1i586< - openSUSE Leap 15.1 (i586 x86_64):- openSUSE Leap 15.1 (i586 x86_64):.i586.rpm
openSUSE Leap15.1x86_64< - openSUSE Leap 15.1 (i586 x86_64):- openSUSE Leap 15.1 (i586 x86_64):.x86_64.rpm
openSUSE Leap15.1x86_64< - openSUSE Leap 15.1 (x86_64):- openSUSE Leap 15.1 (x86_64):.x86_64.rpm
openSUSE Leap15.1noarch< - openSUSE Leap 15.1 (noarch):- openSUSE Leap 15.1 (noarch):.noarch.rpm

Related

suse 8
nessus 73
openvas 32
debian 6
mageia 2
osv 9
fedora 24
oraclelinux 4
redhat 4
centos 3
ubuntu 1
altlinux 1
amazon 3
qt 1
f5 3
alpinelinux 1
gentoo 1
cbl_mariner 2
veracode 3
debiancve 3
ubuntucve 3
prion 4
redhatcve 3
cve 4
almalinux 1
suse
suse
Security update for libqt4 (moderate)
2020-09-26 00:00:00
Security update for libqt4 (moderate)
2020-09-22 00:00:00
Security update for libqt4 (moderate)
2020-09-22 00:00:00
nessus
nessus
openSUSE Security Update : libqt4 (openSUSE-2020-1501)
2020-09-23 00:00:00
openSUSE Security Update : libqt4 (openSUSE-2020-1452)
2020-09-21 00:00:00
SUSE SLES12 Security Update : libqt4 (SUSE-SU-2020:1021-1)
2020-04-20 00:00:00
openvas
openvas
openSUSE: Security Advisory for libqt5-qtbase (openSUSE-SU-2018:4261-1)
2018-12-23 00:00:00
openSUSE: Security Advisory for libqt5-qtbase (openSUSE-SU-2019:0265-1)
2019-02-28 00:00:00
Fedora Update for mingw-qt5-qtscript FEDORA-2019-3c45bd2cc3
2019-05-07 00:00:00
debian
debian
[SECURITY] [DLA 2377-1] qt4-x11 security update
2020-09-28 07:00:26
[SECURITY] [DLA 1786-1] qt4-x11 security update
2019-05-14 05:52:32
[SECURITY] [DSA 4374-1] qtbase-opensource-src security update
2019-01-28 08:40:08
mageia
mageia
Updated qtbase5 packages fix security vulnerabilities
2019-01-09 00:50:23
Updated qt4 packages fix security vulnerabilities
2020-05-08 13:57:54
osv
osv
qt4-x11 - security update
2020-09-21 00:00:00
qt4-x11 - security update
2019-05-14 00:00:00
qtbase-opensource-src - security update
2019-01-28 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: mingw-qt5-qtdeclarative-5.11.3-1.fc29
2019-01-30 02:08:11
[SECURITY] Fedora 29 Update: mingw-qt5-qtmultimedia-5.11.3-1.fc29
2019-01-30 02:08:11
[SECURITY] Fedora 29 Update: mingw-qt5-qtwebkit-5.9.4-0.8.gitbd0657f.fc29
2019-01-30 02:08:12
oraclelinux
oraclelinux
qt5 security, bug fix, and enhancement update
2019-08-13 00:00:00
qt5-qtbase security and bug fix update
2019-11-14 00:00:00
qt security update
2020-04-06 00:00:00
redhat
redhat
(RHSA-2019:2135) Moderate: qt5 security, bug fix, and enhancement update
2019-08-06 08:04:56
(RHSA-2019:3390) Moderate: qt5-qtbase security and bug fix update
2019-11-05 17:40:12
(RHSA-2020:1172) Moderate: qt security update
2020-03-31 09:27:54
centos
centos
qt5 security update
2019-08-30 04:05:56
qt security update
2020-04-08 19:12:37
qt, qt5 security update
2020-11-18 17:24:51
ubuntu
ubuntu
Qt vulnerabilities
2019-06-03 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package qt4 version 4.8.7-alt7.1
2019-09-07 00:00:00
amazon
amazon
Medium: qt
2020-07-14 02:42:00
Medium: qt5-qtbase
2020-02-24 22:05:00
Important: qt, qt5-qtbase
2020-12-08 21:31:00
qt
qt
Qt 5.11.3 Released with Important Security Updates
2018-12-04 00:00:00
f5
f5
K42941419 : Multiple Qt vulnerabilities
2022-03-14 00:00:00
K08037765 : Qt vulnerabilities CVE-2018-19869, CVE-2018-19870, CVE-2018-19871, and CVE-2018-19873
2022-04-22 00:00:00
K11542555 : iApps vulnerability CVE-2020-17507
2021-04-16 00:00:00
alpinelinux
alpinelinux
CVE-2020-17507
2020-08-12 18:15:00
gentoo
gentoo
Qt GUI: Buffer overflow
2020-09-13 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-17507 affecting package qt5-qtbase 5.12.5-5
2021-08-12 21:14:37
CVE-2020-17507 affecting package qt5-qtsvg 5.12.5-3
2022-04-26 19:57:36
veracode
veracode
Segmentation Fault
2020-04-01 00:38:32
Arbitrary Code Execution
2019-11-06 00:20:49
Arbitrary Code Execution
2019-11-06 00:20:50
debiancve
debiancve
CVE-2018-15518
2018-12-26 21:29:00
CVE-2018-19873
2018-12-26 21:29:00
CVE-2018-19869
2018-12-26 21:29:00
ubuntucve
ubuntucve
CVE-2018-19869
2018-12-26 00:00:00
CVE-2018-19873
2018-12-26 00:00:00
CVE-2018-15518
2018-12-26 00:00:00
prion
prion
Double free
2018-12-26 21:29:00
Buffer overflow
2020-08-12 18:15:00
Buffer overflow
2018-12-26 21:29:00
redhatcve
redhatcve
CVE-2018-19873
2019-12-26 09:56:39
CVE-2018-15518
2020-03-15 19:36:25
CVE-2018-19869
2020-04-05 04:55:53
cve
cve
CVE-2018-15518
2018-12-26 21:29:00
CVE-2018-19873
2018-12-26 21:29:00
CVE-2018-19869
2018-12-26 21:29:00
almalinux
almalinux
Moderate: qt5-qtbase security and bug fix update
2021-05-18 06:01:21

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for OPENSUSE-SU-2020:1452-1
suse8nessus73openvas32debian6mageia2osv9fedora24oraclelinux4redhat4centos3ubuntu1altlinux1amazon3qt1f53alpinelinux1gentoo1cbl_mariner2veracode3debiancve3ubuntucve3prion4redhatcve3cve4almalinux1