qt-4.8.7-8.el7
エラータID: AXSA:2020-4554:01
The qt packages contain a software toolkit that simplifies the task of writing and maintaining Graphical User Interface (GUI) applications for the X Window System.
Security Fix(es):
* qt5-qtbase: Double free in QXmlStreamReader (CVE-2018-15518)
* qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp (CVE-2018-19872)
* qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869)
* qt5-qtbase: QImage allocation failure in qgifhandler (CVE-2018-19870)
* qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)
* qt5-qtbase: QBmpHandler segmentation fault on malformed BMP file (CVE-2018-19873)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Asianux Server 7.8 Release Notes linked from the References section.
CVE-2018-15518
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.
CVE-2018-19869
An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp.
CVE-2018-19870
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.
CVE-2018-19871
An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.
CVE-2018-19872
An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.
CVE-2018-19873
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
Update packages.
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.
An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp.
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.
An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.
An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.
N/A
SRPMS
- qt-4.8.7-8.el7.src.rpm
MD5: 6d7d236fc0c2a1ad9ec27581d7ceb79e
SHA-256: b467e16d2ea74453e267c07adb0b1ab3fba2aadfdd9d2726d2a475856f4be07b
Size: 229.31 MB
Asianux Server 7 for x86_64
- qt-4.8.7-8.el7.x86_64.rpm
MD5: 6dfba0f226388d423b321bad78f6c484
SHA-256: f9ab1a7126670af9a0a6f780da1f3be72d383730c51e7b9dfd788148eff1a3fd
Size: 4.56 MB - qt-assistant-4.8.7-8.el7.x86_64.rpm
MD5: ebe5218d4f27608177953900de7113cb
SHA-256: 8960f4cb5529d96f439450573a2c3501236371c32c95c2a1af7cbb7c7d698b2d
Size: 584.88 kB - qt-config-4.8.7-8.el7.x86_64.rpm
MD5: 8660e8d9797608974cec2d0a05670fda
SHA-256: 1a0c173435df53e201727079e69fa1b22e9b64264535e5758155a7089e570086
Size: 68.14 kB - qt-demos-4.8.7-8.el7.x86_64.rpm
MD5: 19af1d66b327293336a84f2304c6d40b
SHA-256: 4ff32c4ac97932ea928acdd1a6d6f5dad1c9fde1582972e0237b79c3dba669df
Size: 3.38 MB - qt-devel-4.8.7-8.el7.x86_64.rpm
MD5: d9b1bf3621e2d1a9eb883f82dff1fc75
SHA-256: e1b31e2ae5909129351f0bb1c9c0b566eec2eda07299527617a2d51b85b30d6b
Size: 10.77 MB - qt-devel-private-4.8.7-8.el7.noarch.rpm
MD5: cd3016b6fd7cc0d42694428b512db779
SHA-256: 967fdfa22ad899b56734a108eac507db2769c27afe249517a5b6b952a3ab455a
Size: 786.97 kB - qt-doc-4.8.7-8.el7.noarch.rpm
MD5: 870cc41549cba3673a0405d1c46a9974
SHA-256: 9a8a974bafa8385b54d0dcf2c8a88e3df06ae0618d7c524db3af7004c2762f01
Size: 128.08 MB - qt-examples-4.8.7-8.el7.x86_64.rpm
MD5: 7c3c9c49a510461b3740691dde3fd6de
SHA-256: eab0b63ae4e1f56ae1d4f9c12cb962856ad6a4edb9dfe5a5d18d8b255b31ae46
Size: 11.00 MB - qt-mysql-4.8.7-8.el7.x86_64.rpm
MD5: 452781b3b7fc963eddb12b82305e4bc1
SHA-256: 4899c099cd63cde1604eaffb5fc9d274b1b780076e229e55aef0d458a200d781
Size: 31.21 kB - qt-odbc-4.8.7-8.el7.x86_64.rpm
MD5: 724ad912f17505387c4e2cbb474fd2bc
SHA-256: 8caebeaf3a61a7139e11a54abe242ed29137a31458e9ea1fe0874cccd5e53680
Size: 46.61 kB - qt-postgresql-4.8.7-8.el7.x86_64.rpm
MD5: 019505c2499657f876d81eed5a1a38fb
SHA-256: 6a73b30ab8f1231daf0921f1ec612ba331813fbdcb3dec8197ea3b4b8e0f2f2b
Size: 34.65 kB - qt-qdbusviewer-4.8.7-8.el7.x86_64.rpm
MD5: f2c3ec72f57b7266134b75e50fc6ef00
SHA-256: 6711595f1e16f663a86abedfc35af93ddb7d31c680db76fe5eba1cb2339439fc
Size: 53.88 kB - qt-qvfb-4.8.7-8.el7.x86_64.rpm
MD5: 130d5d0c49446f1d0ada538a69299c0a
SHA-256: d73e653ee148dcf2ae7475024d3680849e03ce582ffd5f00427be20285b21aed
Size: 1.92 MB - qt-x11-4.8.7-8.el7.x86_64.rpm
MD5: a65a701664a3d68c1c456b09e0cc23f5
SHA-256: 10327ed9b9c9a387b3b78b204170adf8260af098b2c4b13df21adb253060184e
Size: 12.50 MB - qt-4.8.7-8.el7.i686.rpm
MD5: 62f7aa6583ac64c45aa1fc2e8d620bd3
SHA-256: c2cb99f288696752b7e7472715520b65e3d650385c8310e60b9f3f23965cd25a
Size: 4.65 MB - qt-devel-4.8.7-8.el7.i686.rpm
MD5: 6dd033a8bbd9b74d19c6357912106540
SHA-256: 1574e60cc214e17163efe075b743821aaf68e5e019f3817730a673203f224ae9
Size: 10.75 MB - qt-mysql-4.8.7-8.el7.i686.rpm
MD5: 1aa26ed38cfb5f16327a23a943561c60
SHA-256: 98ac1133524a05820f73da6628fd96be41d1c40560b9c32cd534d4f934e55f54
Size: 31.23 kB - qt-odbc-4.8.7-8.el7.i686.rpm
MD5: 0d177129d2727b77e98e1042f0508a11
SHA-256: 13a1fa57fd53b8accec56de46cc5c91823392402308e5b90e75f5164d230270d
Size: 47.08 kB - qt-postgresql-4.8.7-8.el7.i686.rpm
MD5: 683bce6a7dd7f7a21ad3e1ebe7b5e92b
SHA-256: 6e75a0bfa213f8408cf3ab4ae711320a7c618bdc39b83c605f8ebc110dd4ab70
Size: 35.00 kB - qt-x11-4.8.7-8.el7.i686.rpm
MD5: f8f07421e6f2d52d2a402d0e68aaa8f2
SHA-256: da00cdeaa379c0d5251133ec0133ddaefb75549df184fd5a344eb687fd3df9f7
Size: 12.75 MB