[ubuntu/eoan-updates] qtbase-opensource-src 5.12.4+dfsg-4ubuntu1.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Feb 10 13:58:57 UTC 2020
qtbase-opensource-src (5.12.4+dfsg-4ubuntu1.1) eoan-security; urgency=medium
* SECURITY UPDATE: DoS via text file containing many directional chars
- debian/patches/CVE-2019-18281.patch: add bounds check to
src/gui/text/qtextengine.cpp.
- CVE-2019-18281
* SECURITY UPDATE: QPluginLoader loads plugins from the CWD
- debian/patches/CVE-2020-0569.patch: do not load plugin from the $PWD
in src/corelib/plugin/qpluginloader.cpp.
- CVE-2020-0569
* SECURITY UPDATE: QLibrary loads libraries from relative path from CWD
- debian/patches/CVE-2020-0570.patch: do not attempt to load a library
relative to $PWD in src/corelib/plugin/qlibrary_unix.cpp.
- CVE-2020-0570
Date: 2020-02-09 16:58:15.458163+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/qtbase-opensource-src/5.12.4+dfsg-4ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Eoan-changes
mailing list