Univention Bugzilla – Bug 52290
qtsvg-opensource-src: Multiple issues (4.4)
Last modified: 2020-11-04 14:49:25 CET
New Debian qtsvg-opensource-src 5.7.1~20161021-2.1 fixes: This update addresses the following issue: * Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869)
--- mirror/ftp/4.3/unmaintained/4.3-0/source/qtsvg-opensource-src_5.7.1~20161021-2.dsc +++ apt/ucs_4.4-0-errata4.4-6/source/qtsvg-opensource-src_5.7.1~20161021-2.1.dsc @@ -1,3 +1,8 @@ +5.7.1~20161021-2.1 [Mon, 19 Oct 2020 09:00:38 +0300] Adrian Bunk <bunk@debian.org>: + + * Non-maintainer upload by the LTS team. + * CVE-2018-19869: A malformed SVG image causes a segmentation fault. + 5.7.1~20161021-2 [Tue, 01 Nov 2016 15:10:10 +0300] Dmitry Shachnev <mitya57@debian.org>: * Upload to unstable. <http://10.200.17.11/4.4-6/#948082942764326425>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-6] 24651cdb6a Bug #52290: qtsvg-opensource-src 5.7.1~20161021-2.1 doc/errata/staging/qtsvg-opensource-src.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x789>