Bugzilla – Bug 927808
VUL-0: CVE-2015-1860: libqt5-qtbase,libqt4,qt,qt3: segmentation fault in GIF Qt Image Format Handling
Last modified: 2016-04-28 08:56:36 UTC
From http://lists.qt-project.org/pipermail/announce/2015-April/000067.html Qt Project Security Advisory ---------------------------- Title: Multiple Vulnerabilities in Qt Image Format Handling Risk Rating: High CVE: CVE-2015-1858, CVE-2015-1859, CVE-2015-1860 Platforms: All Modules: QtBase Versions: Qt 4.8.6 and earlier, Qt 5.4.1 and earlier Author: Richard J. Moore <rich at kde.org> Date: 12th April 2015 Overview -------- Due to two recent vulnerabilities identified in the built-in image format handling code, it was decided that this area required further testing to determine if further issues remained. Fuzzing using afl-fuzz located a number of issues in the handling of BMP, ICO and GIF files. The issues exposed included denial of service and buffer overflows leading to heap corruption. It is possible the latter could be used to perform remote code execution. CVE-2015-1860 GIF vulnerability Impact ------ Denial of service and potentially remote code execution. Workaround ---------- None Solution -------- Upgrade to Qt 5.5 once released or apply the patches below: For Qt 5.0 to 5.4: https://codereview.qt-project.org/#/c/108312/ https://codereview.qt-project.org/#/c/108248/ For Qt 4.8: https://codereview.qt-project.org/#/c/108474/ https://codereview.qt-project.org/#/c/108475/ The fixes will also be included in Qt 4.8.7 and 5.4.2. References: https://bugzilla.redhat.com/show_bug.cgi?id=1210675 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1860 http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1860.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1860
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2015-05-04. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/61570
bugbot adjusting priority
Thanks, submitted to openSUSE:Factory!
This is an autogenerated message for OBS integration: This bug (927808) was mentioned in https://build.opensuse.org/request/show/305776 Factory / libqt4
This is an autogenerated message for OBS integration: This bug (927808) was mentioned in https://build.opensuse.org/request/show/305786 Factory / libqt4
bug 921999, bug 927806, bug 927807, bug 927808 affect libqt5-qtbase on SLE 12. Assigning to maintainer for submission.
SUSE-SU-2015:0977-1: An update that fixes four vulnerabilities is now available. Category: security (moderate) Bug References: 921999,927806,927807,927808 CVE References: CVE-2015-0295,CVE-2015-1858,CVE-2015-1859,CVE-2015-1860 Sources used: SUSE Linux Enterprise Software Development Kit 11 SP3 (src): libqt4-4.6.3-5.34.2, libqt4-devel-doc-4.6.3-5.34.2, libqt4-devel-doc-data-4.6.3-5.34.2, libqt4-sql-plugins-4.6.3-5.34.2 SUSE Linux Enterprise Server 11 SP3 for VMware (src): libqt4-4.6.3-5.34.2, libqt4-devel-doc-4.6.3-5.34.2, libqt4-sql-plugins-4.6.3-5.34.2 SUSE Linux Enterprise Server 11 SP3 (src): libqt4-4.6.3-5.34.2, libqt4-devel-doc-4.6.3-5.34.2, libqt4-sql-plugins-4.6.3-5.34.2 SUSE Linux Enterprise Desktop 11 SP3 (src): libqt4-4.6.3-5.34.2, libqt4-sql-plugins-4.6.3-5.34.2
SUSE-SU-2015:1359-1: An update that solves four vulnerabilities and has two fixes is now available. Category: security (moderate) Bug References: 847880,921999,927806,927807,927808,929688 CVE References: CVE-2015-0295,CVE-2015-1858,CVE-2015-1859,CVE-2015-1860 Sources used: SUSE Linux Enterprise Workstation Extension 12 (src): libqt4-4.8.6-4.2, libqt4-sql-plugins-4.8.6-4.1 SUSE Linux Enterprise Software Development Kit 12 (src): libqt4-4.8.6-4.2, libqt4-devel-doc-4.8.6-4.6, libqt4-sql-plugins-4.8.6-4.1 SUSE Linux Enterprise Server 12 (src): libqt4-4.8.6-4.2, libqt4-devel-doc-4.8.6-4.6, libqt4-sql-plugins-4.8.6-4.1 SUSE Linux Enterprise Desktop 12 (src): libqt4-4.8.6-4.2, libqt4-sql-plugins-4.8.6-4.1
SUSE-SU-2015:1383-1: An update that solves four vulnerabilities and has one errata is now available. Category: security (moderate) Bug References: 870151,921999,927806,927807,927808 CVE References: CVE-2015-0295,CVE-2015-1858,CVE-2015-1859,CVE-2015-1860 Sources used: SUSE Linux Enterprise Software Development Kit 12 (src): libqt5-qtbase-5.3.1-4.4.2 SUSE Linux Enterprise Server 12 (src): libqt5-qtbase-5.3.1-4.4.2 SUSE Linux Enterprise Desktop 12 (src): libqt5-qtbase-5.3.1-4.4.2
OpenSUSE 13.1 is still vulnerable. Could you please apply these fixes to it?
13.1 has meanwhile turned to evergreen support. :/ sorry , we did not see your message to reassiugn to the maintainer