Package "libqt5network5"
Name: |
libqt5network5
|
Description: |
Qt 5 network module
|
Latest version: |
5.9.5+dfsg-0ubuntu2.6 |
Release: |
bionic (18.04) |
Level: |
security |
Repository: |
main |
Head package: |
qtbase-opensource-src |
Homepage: |
http://qt-project.org/ |
Links
Download "libqt5network5"
Other versions of "libqt5network5" in Bionic
Changelog
qtbase-opensource-src (5.9.5+dfsg-0ubuntu2.6) bionic-security; urgency=medium
* SECURITY UPDATE: buffer overread in read_xbm_body
- debian/patches/CVE-2020-17507.patch: fix buffer overflow in XBM
parser in src/gui/image/qxbmhandler.cpp,
tests/auto/gui/image/qimagereader/tst_qimagereader.cpp.
- CVE-2020-17507
* SECURITY UPDATE: out-of-bounds write in QOutlineMapper::convertPath
- debian/patches/CVE-2021-38593-1.patch: avoid processing-intensive
painting of high number of tiny dashes in
src/gui/painting/qpaintengineex.cpp,
tests/auto/other/lancelot/scripts/tinydashes.qps.
- debian/patches/CVE-2021-38593-2.patch: improve fix for avoiding huge
number of tiny dashes in src/gui/painting/qpaintengineex.cpp.
- CVE-2021-38593
-- Marc Deslauriers <email address hidden> Thu, 19 Aug 2021 09:17:52 -0400
|
Source diff to previous version |
CVE-2020-17507 |
An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-r |
CVE-2021-38593 |
Qt 5.0.0 through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke). |
|
qtbase-opensource-src (5.9.5+dfsg-0ubuntu2.5) bionic-security; urgency=medium
* SECURITY UPDATE: division-by-zero via malformed PPM image
- debian/patches/CVE-2018-19872.patch: add extra check to
src/gui/image/qppmhandler.cpp.
- CVE-2018-19872
* SECURITY UPDATE: QPluginLoader loads plugins from the CWD
- debian/patches/CVE-2020-0569.patch: do not load plugin from the $PWD
in src/corelib/plugin/qpluginloader.cpp.
- CVE-2020-0569
-- Marc Deslauriers <email address hidden> Fri, 07 Feb 2020 10:41:20 -0500
|
Source diff to previous version |
CVE-2018-19872 |
An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp. |
|
qtbase-opensource-src (5.9.5+dfsg-0ubuntu2.1) bionic-security; urgency=medium
* SECURITY UPDATE: double-free or corruption via illegal XML document
- debian/patches/CVE-2018-15518.patch: fix possible heap corruption in
QXmlStream in src/corelib/xml/qxmlstream_p.h.
- CVE-2018-15518
* SECURITY UPDATE: NULL pointer dereference in QGifHandler
- debian/patches/CVE-2018-19870.patch: check for QImage allocation
failure in src/plugins/imageformats/gif/qgifhandler.cpp.
- CVE-2018-19870
* SECURITY UPDATE: buffer overflow in QBmpHandler
- debian/patches/CVE-2018-19873.patch: check for out of range image
size in src/gui/image/qbmphandler.cpp.
- CVE-2018-19873
-- Marc Deslauriers <email address hidden> Mon, 25 Mar 2019 11:03:42 -0400
|
CVE-2018-15518 |
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. |
CVE-2018-19870 |
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault |
CVE-2018-19873 |
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data. |
|
About
-
Send Feedback to @ubuntu_updates