Hello community, here is the log from the commit of package patchinfo.14096 for openSUSE:Leap:15.2:Update checked in at 2020-09-22 12:22:45 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2:Update/patchinfo.14096 (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.patchinfo.14096.new.4249 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.14096" Tue Sep 22 12:22:45 2020 rev:1 rq:835542 version:unknown Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="14096"> <issue tracker="cve" id="2018-19873"/> <issue tracker="cve" id="2018-15518"/> <issue tracker="cve" id="2018-19869"/> <issue tracker="cve" id="2020-17507"/> <issue tracker="bnc" id="1121214">GCC 9: libqt4 build fails</issue> <issue tracker="bnc" id="1118596">VUL-1: CVE-2018-19873: libqt4 ,libqt5-qtbase: QBmpHandler segfault on malformed BMP file</issue> <issue tracker="bnc" id="1176315">VUL-0: CVE-2020-17507: libqt4,libqt5-qtbase: buffer over-read in read_xbm_body in gui/image/qxbmhandler.cpp</issue> <issue tracker="bnc" id="1118595">VUL-0: CVE-2018-15518: libqt4 ,libqt5-qtbase: "double free or corruption" in QXmlStreamReader</issue> <issue tracker="bnc" id="1118599">VUL-1: CVE-2018-19869: libqt5-qtsvg: Fix crash when parsing malformed url reference</issue> <packager>dirkmueller</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for libqt4</summary> <description>This update for libqt4 fixes the following issues: * Fix buffer over-read in read_xbm_body (boo#1176315, CVE-2020-17507) * Fix "double free or corruption" in QXmlStreamReader (boo#1118595, CVE-2018-15518) * Fix QBmpHandler segfault on malformed BMP file boo#1118596, CVE-2018-19873) * Fix crash when parsing malformed url reference (boo#1118599, CVE-2018-19869) This update was imported from the openSUSE:Leap:15.1:Update update project.</description> </patchinfo>