MGASA-2014-0241
- Source
- https://advisories.mageia.org/MGASA-2014-0241.html
- Import Source
- https://advisories.mageia.org/MGASA-2014-0241.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2014-0241
- Related
- Published
- 2014-05-29T06:55:31Z
- Modified
- 2014-05-29T06:55:09Z
- Summary
- Updated qt4 and qtbase5 packages fix security vulnerability
- Details
-
A NULL pointer dereference flaw was found in QGIFFormat::fillRect in QtGui. If an application using the qt-x11 libraries opened a malicious GIF file with invalid width and height values, it could cause the application to crash (CVE-2014-0190).
Qt4 has been patched to correct this flaw and has been updated to version 4.8.6, which fixes several other bugs.
Qtbase5 has also been patched to correct this flaw.
- References
-
- https://advisories.mageia.org/MGASA-2014-0241.html
- https://bugs.mageia.org/show_bug.cgi?id=13276
- http://lists.qt-project.org/pipermail/announce/2014-April/000045.html
- http://blog.qt.digia.com/blog/2014/04/24/qt-4-8-6-released/
- https://lists.fedoraproject.org/pipermail/package-announce/2014-May/132395.html
- https://lists.fedoraproject.org/pipermail/package-announce/2014-May/132648.html
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:4 / qt4
Package
- Name
- qt4
- Purl
- pkg:rpm/mageia/qt4?distro=mageia-4
Mageia:4 / qtbase5
Package
- Name
- qtbase5
- Purl
- pkg:rpm/mageia/qtbase5?distro=mageia-4