SUSE-SU-2015:1383-1: moderate: Security update for libqt5-qtbase
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Fri Aug 14 05:09:32 MDT 2015
SUSE Security Update: Security update for libqt5-qtbase
______________________________________________________________________________
Announcement ID: SUSE-SU-2015:1383-1
Rating: moderate
References: #870151 #921999 #927806 #927807 #927808
Cross-References: CVE-2015-0295 CVE-2015-1858 CVE-2015-1859
CVE-2015-1860
Affected Products:
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Desktop 12
______________________________________________________________________________
An update that solves four vulnerabilities and has one
errata is now available.
Description:
This security update fixes the following issues:
* Add libqt5-Fix-a-division-by-zero-processing-malformed-BMP.patch
- QTBUG-44547, bsc#921999 (CVE-2015-0295)
* Add libqt5-Fixes-crash-in-bmp-and-ico-image-decoding.patch
- bsc#927806 (CVE-2015-1858), bsc#927807 (CVE-2015-1859)
* Add libqt5-Fixes-crash-in-gif-image-decoder.patch
- bsc#927808 (CVE-2015-1860)
* Add libqt5-fix-use-after-free-bug.patch from upstream
- fixes the use-after-free bug in backingstore, boo#870151
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12:
zypper in -t patch SUSE-SLE-SDK-12-2015-399=1
- SUSE Linux Enterprise Server 12:
zypper in -t patch SUSE-SLE-SERVER-12-2015-399=1
- SUSE Linux Enterprise Desktop 12:
zypper in -t patch SUSE-SLE-DESKTOP-12-2015-399=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):
libQt5Bootstrap-devel-static-5.3.1-4.4.2
libQt5Concurrent-devel-5.3.1-4.4.2
libQt5Concurrent5-5.3.1-4.4.2
libQt5Concurrent5-debuginfo-5.3.1-4.4.2
libQt5Core-devel-5.3.1-4.4.2
libQt5DBus-devel-5.3.1-4.4.2
libQt5DBus-devel-debuginfo-5.3.1-4.4.2
libQt5Gui-devel-5.3.1-4.4.2
libQt5Network-devel-5.3.1-4.4.2
libQt5Network5-5.3.1-4.4.2
libQt5Network5-debuginfo-5.3.1-4.4.2
libQt5OpenGL-devel-5.3.1-4.4.2
libQt5OpenGL5-5.3.1-4.4.2
libQt5OpenGL5-debuginfo-5.3.1-4.4.2
libQt5OpenGLExtensions-devel-static-5.3.1-4.4.2
libQt5PlatformSupport-devel-static-5.3.1-4.4.2
libQt5PrintSupport-devel-5.3.1-4.4.2
libQt5PrintSupport5-5.3.1-4.4.2
libQt5PrintSupport5-debuginfo-5.3.1-4.4.2
libQt5Sql-devel-5.3.1-4.4.2
libQt5Sql5-5.3.1-4.4.2
libQt5Sql5-debuginfo-5.3.1-4.4.2
libQt5Sql5-mysql-5.3.1-4.4.2
libQt5Sql5-mysql-debuginfo-5.3.1-4.4.2
libQt5Sql5-postgresql-5.3.1-4.4.2
libQt5Sql5-postgresql-debuginfo-5.3.1-4.4.2
libQt5Sql5-sqlite-5.3.1-4.4.2
libQt5Sql5-sqlite-debuginfo-5.3.1-4.4.2
libQt5Sql5-unixODBC-5.3.1-4.4.2
libQt5Sql5-unixODBC-debuginfo-5.3.1-4.4.2
libQt5Test-devel-5.3.1-4.4.2
libQt5Test5-5.3.1-4.4.2
libQt5Test5-debuginfo-5.3.1-4.4.2
libQt5Widgets-devel-5.3.1-4.4.2
libQt5Xml-devel-5.3.1-4.4.2
libQt5Xml5-5.3.1-4.4.2
libQt5Xml5-debuginfo-5.3.1-4.4.2
libqt5-qtbase-common-devel-5.3.1-4.4.2
libqt5-qtbase-common-devel-debuginfo-5.3.1-4.4.2
libqt5-qtbase-debugsource-5.3.1-4.4.2
libqt5-qtbase-devel-5.3.1-4.4.2
libqt5-qtbase-doc-5.3.1-4.4.2
libqt5-qtbase-doc-debuginfo-5.3.1-4.4.2
- SUSE Linux Enterprise Software Development Kit 12 (noarch):
libQt5Core-private-headers-devel-5.3.1-4.4.2
libQt5DBus-private-headers-devel-5.3.1-4.4.2
libQt5Gui-private-headers-devel-5.3.1-4.4.2
libQt5Network-private-headers-devel-5.3.1-4.4.2
libQt5OpenGL-private-headers-devel-5.3.1-4.4.2
libQt5PlatformSupport-private-headers-devel-5.3.1-4.4.2
libQt5PrintSupport-private-headers-devel-5.3.1-4.4.2
libQt5Sql-private-headers-devel-5.3.1-4.4.2
libQt5Test-private-headers-devel-5.3.1-4.4.2
libQt5Widgets-private-headers-devel-5.3.1-4.4.2
libqt5-qtbase-private-headers-devel-5.3.1-4.4.2
- SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
libQt5Core5-5.3.1-4.4.2
libQt5Core5-debuginfo-5.3.1-4.4.2
libQt5DBus5-5.3.1-4.4.2
libQt5DBus5-debuginfo-5.3.1-4.4.2
libQt5Gui5-5.3.1-4.4.2
libQt5Gui5-debuginfo-5.3.1-4.4.2
libQt5Widgets5-5.3.1-4.4.2
libQt5Widgets5-debuginfo-5.3.1-4.4.2
libqt5-qtbase-debugsource-5.3.1-4.4.2
- SUSE Linux Enterprise Desktop 12 (x86_64):
libQt5Core5-5.3.1-4.4.2
libQt5Core5-debuginfo-5.3.1-4.4.2
libQt5DBus5-5.3.1-4.4.2
libQt5DBus5-debuginfo-5.3.1-4.4.2
libQt5Gui5-5.3.1-4.4.2
libQt5Gui5-debuginfo-5.3.1-4.4.2
libQt5Widgets5-5.3.1-4.4.2
libQt5Widgets5-debuginfo-5.3.1-4.4.2
libqt5-qtbase-debugsource-5.3.1-4.4.2
References:
https://www.suse.com/security/cve/CVE-2015-0295.html
https://www.suse.com/security/cve/CVE-2015-1858.html
https://www.suse.com/security/cve/CVE-2015-1859.html
https://www.suse.com/security/cve/CVE-2015-1860.html
https://bugzilla.suse.com/870151
https://bugzilla.suse.com/921999
https://bugzilla.suse.com/927806
https://bugzilla.suse.com/927807
https://bugzilla.suse.com/927808
More information about the sle-security-updates
mailing list