Package "qtsvg5-examples"
Name: |
qtsvg5-examples
|
Description: |
Qt 5 SVG examples
|
Latest version: |
5.9.5-0ubuntu1.1 |
Release: |
bionic (18.04) |
Level: |
security |
Repository: |
main |
Head package: |
qtsvg-opensource-src |
Homepage: |
http://qt-project.org/ |
Links
Download "qtsvg5-examples"
Other versions of "qtsvg5-examples" in Bionic
Changelog
qtsvg-opensource-src (5.9.5-0ubuntu1.1) bionic-security; urgency=medium
* SECURITY UPDATE: segfault via malformed image
- debian/patches/CVE-2018-19869.patch: fix crash when parsing malformed
url reference in src/svg/qsvghandler.cpp,
tests/auto/qsvgrenderer/tst_qsvgrenderer.cpp.
- CVE-2018-19869
* SECURITY UPDATE: Out of bounds read
- debian/patches/CVE-2021-3481-pre1.patch: improve handling of
malformed numeric values in svg files in src/svg/qsvghandler.cpp.
- debian/patches/CVE-2021-3481.patch: clamp parsed doubles to float
representable values in src/svg/qsvghandler.cpp.
- CVE-2021-3481
* SECURITY UPDATE: Out of bounds write
- debian/patches/CVE-2021-45930.patch: do stricter error checking when
parsing path nodes in src/svg/qsvghandler.cpp.
- CVE-2021-45930
-- Marc Deslauriers <email address hidden> Thu, 13 Jan 2022 10:25:08 -0500
|
CVE-2018-19869 |
An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. |
CVE-2021-3481 |
Out of bounds read in function QRadialFetchSimd from crafted svg file |
CVE-2021-45930 |
Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend |
|
About
-
Send Feedback to @ubuntu_updates