MGASA-2015-0105

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2015-0105.html

Import Source

https://advisories.mageia.org/MGASA-2015-0105.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2015-0105

Related

CVE-2015-0295

Published

2015-03-12T15:30:53Z

Modified

2015-03-12T15:21:38Z

Summary

Updated qt3, qt4 and qtbase5 packages fix security vulnerability

Details

The builtin BMP decoder in QtGui prior to Qt 5.5 contained a bug that would lead to a divsion by zero when loading certain corrupt BMP files (CVE-2015-0295). This in turn would cause the application loading these hand crafted BMPs to crash. Qt3, Qt4 and qtbase5 have been patched to prevent this division by zero.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:4 / qt3

Package

Name: qt3
Purl: pkg:rpm/mageia/qt3?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.3.8b-33.3.mga4

Ecosystem specific

{
    "section": "core"
}

Mageia:4 / qt4

Package

Name: qt4
Purl: pkg:rpm/mageia/qt4?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.8.6-1.2.mga4

Ecosystem specific

{
    "section": "core"
}

Mageia:4 / qtbase5

Package

Name: qtbase5
Purl: pkg:rpm/mageia/qtbase5?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.2.0-2.4.mga4

Ecosystem specific

{
    "section": "core"
}