| Summary: | qt3, qt4, qtbase5 new security issues CVE-2015-1858, CVE-2015-1859, and CVE-2015-1860 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | sysadmin-bugs |
| Version: | 4 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | i586 | ||
| OS: | Linux | ||
| URL: | http://lwn.net/Vulnerabilities/641431/ | ||
| Whiteboard: | has_procedure advisory MGA4-32-OK mga4-64-ok | ||
| Source RPM: | qt3, qt4-4.8.6-8.mga5.src.rpm, qtbase5-5.4.0-6.mga5.src.rpm | CVE: | |
| Status comment: | |||
Description
David Walser
2015-04-22 18:21:47 CEST

David Walser
2015-04-22 19:32:00 CEST

URL: (none) => http://lwn.net/Vulnerabilities/641431/

Patches checked into Mageia 4 and Cauldron SVN. Freeze push requested.

Whiteboard: (none) => MGA5TOO, MGA4TOO

qt3 is also vulnerable to CVE-2015-1860, but not the other two issues, according to Fedora. I've checked a patch from them into Mageia 4 and Cauldron SVN to fix CVE-2015-1860. Freeze push requested.

Patched packages uploaded for Mageia 4 and Cauldron.

If there's an upstream Qt bug report with PoC files this time, I haven't come across it yet. Last time (Bug 15383) we were able to test the affected functionality using gwenview (Qt4) and eyesight (built from the Cauldron SRPM, Qt5). Qt3 just check that it installs.

Advisory:
========================

Updated qt3, qt4, and qtbase5 packages fix security vulnerabilities:

It is possible to construct invalid BMP (CVE-2015-1858), ICO (CVE-2015-1859) and GIF (CVE-2015-1860) images that lead to buffer overflows.

Qt3 is only vulnerable to the CVE-2015-1860 issue with GIF images.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1859
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1860
https://lists.fedoraproject.org/pipermail/package-announce/2015-April/155424.html
https://lists.fedoraproject.org/pipermail/package-announce/2015-April/155927.html
http://lists.qt-project.org/pipermail/announce/2015-April/000067.html
========================

Updated packages in core/updates_testing:
========================
libqt3-3.3.8b-33.4
qt3-common-3.3.8b-33.4
libqt3-mysql-3.3.8b-33.4
libqt3-psql-3.3.8b-33.4
libqt3-odbc-3.3.8b-33.4
libqt3-sqlite-3.3.8b-33.4
qt4-common-4.8.6-1.3
libqtxml4-4.8.6-1.3
libqtscripttools4-4.8.6-1.3
libqtxmlpatterns4-4.8.6-1.3
libqtsql4-4.8.6-1.3
libqtnetwork4-4.8.6-1.3
libqtscript4-4.8.6-1.3
libqtgui4-4.8.6-1.3
libqtsvg4-4.8.6-1.3
libqttest4-4.8.6-1.3
libqthelp4-4.8.6-1.3
libqtclucene4-4.8.6-1.3
libqtcore4-4.8.6-1.3
libqt3support4-4.8.6-1.3
libqtopengl4-4.8.6-1.3
libqtdesigner4-4.8.6-1.3
libqtdbus4-4.8.6-1.3
libqtmultimedia4-4.8.6-1.3
qt4-qtdbus-4.8.6-1.3
libqtdeclarative4-4.8.6-1.3
qt4-qmlviewer-4.8.6-1.3
libqt4-devel-4.8.6-1.3
qt4-devel-private-4.8.6-1.3
qt4-xmlpatterns-4.8.6-1.3
qt4-qtconfig-4.8.6-1.3
qt4-doc-4.8.6-1.3
qt4-demos-4.8.6-1.3
qt4-examples-4.8.6-1.3
qt4-linguist-4.8.6-1.3
qt4-assistant-4.8.6-1.3
qt4-database-plugin-mysql-4.8.6-1.3
qt4-database-plugin-sqlite-4.8.6-1.3
qt4-database-plugin-tds-4.8.6-1.3
qt4-database-plugin-pgsql-4.8.6-1.3
qt4-graphicssystems-plugin-4.8.6-1.3
qt4-accessibility-plugin-4.8.6-1.3
qt4-designer-4.8.6-1.3
qt4-designer-plugin-webkit-4.8.6-1.3
qt4-designer-plugin-qt3support-4.8.6-1.3
qt4-qvfb-4.8.6-1.3
qt4-qdoc3-4.8.6-1.3
qtbase5-common-5.2.0-2.5
qtbase5-examples-5.2.0-2.5
qtbase5-database-plugin-odbc-5.2.0-2.5
qtbase5-database-plugin-mysql-5.2.0-2.5
qtbase5-database-plugin-sqlite-5.2.0-2.5
qtbase5-database-plugin-tds-5.2.0-2.5
qtbase5-database-plugin-pgsql-5.2.0-2.5
libqt5core5-5.2.0-2.5
libqt5core-devel-5.2.0-2.5
libqt5core-private-devel-5.2.0-2.5
libqt5sql5-5.2.0-2.5
libqt5sql-devel-5.2.0-2.5
libqt5sql-private-devel-5.2.0-2.5
libqt5dbus5-5.2.0-2.5
libqt5dbus-devel-5.2.0-2.5
libqt5dbus-private-devel-5.2.0-2.5
libqt5concurrent5-5.2.0-2.5
libqt5concurrent-devel-5.2.0-2.5
libqt5gui5-5.2.0-2.5
libqt5gui-devel-5.2.0-2.5
libqt5gui-private-devel-5.2.0-2.5
libqt5network5-5.2.0-2.5
libqt5network-devel-5.2.0-2.5
libqt5network-private-devel-5.2.0-2.5
libqt5opengl5-5.2.0-2.5
libqt5opengl-devel-5.2.0-2.5
libqt5opengl-private-devel-5.2.0-2.5
libqt5printsupport5-5.2.0-2.5
libqt5printsupport-devel-5.2.0-2.5
libqt5printsupport-private-devel-5.2.0-2.5
libqt5test5-5.2.0-2.5
libqt5test-devel-5.2.0-2.5
libqt5test-private-devel-5.2.0-2.5
libqt5widgets5-5.2.0-2.5
libqt5widgets-devel-5.2.0-2.5
libqt5widgets-private-devel-5.2.0-2.5
libqt5xml5-5.2.0-2.5
libqt5xml-devel-5.2.0-2.5
libqt5platformsupport-devel-5.2.0-2.5
libqt5platformsupport-private-devel-5.2.0-2.5
libqt5bootstrap-devel-5.2.0-2.5
libqt5base5-devel-5.2.0-2.5
qtbase5-common-devel-5.2.0-2.5

from SRPMS:
qt3-3.3.8b-33.4.mga4.src.rpm
qt4-4.8.6-1.3.mga4.src.rpm
qtbase5-5.2.0-2.5.mga4.src.rpm

Version: Cauldron => 4

I can't find any PoC's, maybe they aren't public.

I tested Qt3 by upgrading the packages. I tested Qt4 with gwenview. I tested Qt5 with eyesight (built from Cauldron SVN). Opened GIF, BMP, and ICO files. All OK, Mageia 4 i586.

Whiteboard: (none) => has_procedure MGA4-32-OK

Testing complete mga4 64

Similar to comment 4 except used transmission-qt5 and yaflight for qt5 which are two of only a few which require lib64qt5core5

Validating. Advisory uploaded.

Please push to 4 updates

Thanks!

Keywords: (none) => validated_update

An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2015-0198.html

Status: NEW => RESOLVED