commit patchinfo.14096 for openSUSE:Leap:15.2:Update

Tue, 22 Sep 2020 03:23:42 -0700 

Hello community,

here is the log from the commit of package patchinfo.14096 for 
openSUSE:Leap:15.2:Update checked in at 2020-09-22 12:22:45
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.2:Update/patchinfo.14096 (Old)
 and      /work/SRC/openSUSE:Leap:15.2:Update/.patchinfo.14096.new.4249 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "patchinfo.14096"

Tue Sep 22 12:22:45 2020 rev:1 rq:835542 version:unknown

Changes:
--------
New Changes file:

NO CHANGES FILE!!!

New:
----
  _patchinfo

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ _patchinfo ++++++
<patchinfo incident="14096">
  <issue tracker="cve" id="2018-19873"/>
  <issue tracker="cve" id="2018-15518"/>
  <issue tracker="cve" id="2018-19869"/>
  <issue tracker="cve" id="2020-17507"/>
  <issue tracker="bnc" id="1121214">GCC 9: libqt4 build fails</issue>
  <issue tracker="bnc" id="1118596">VUL-1: CVE-2018-19873: libqt4 
,libqt5-qtbase: QBmpHandler segfault on malformed BMP file</issue>
  <issue tracker="bnc" id="1176315">VUL-0: CVE-2020-17507: 
libqt4,libqt5-qtbase: buffer over-read in read_xbm_body in 
gui/image/qxbmhandler.cpp</issue>
  <issue tracker="bnc" id="1118595">VUL-0: CVE-2018-15518: libqt4 
,libqt5-qtbase: "double free or corruption" in QXmlStreamReader</issue>
  <issue tracker="bnc" id="1118599">VUL-1: CVE-2018-19869: libqt5-qtsvg: Fix 
crash when parsing malformed url reference</issue>
  <packager>dirkmueller</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for libqt4</summary>
  <description>This update for libqt4 fixes the following issues:

* Fix buffer over-read in read_xbm_body (boo#1176315, CVE-2020-17507)
* Fix "double free or corruption" in QXmlStreamReader (boo#1118595, 
CVE-2018-15518)
* Fix QBmpHandler segfault on malformed BMP file boo#1118596, CVE-2018-19873)
* Fix crash when parsing malformed url reference (boo#1118599, CVE-2018-19869)


This update was imported from the openSUSE:Leap:15.1:Update update 
project.</description>
</patchinfo>

Reply via email to