-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : qtbase-opensource-src Version : 5.3.2+dfsg-4+deb8u3 CVE ID : CVE-2018-15518 CVE-2018-19870 CVE-2018-19873
Multiple issues were fixed in Qt. CVE-2018-15518 A double-free or corruption during parsing of a specially crafted illegal XML document. CVE-2018-19870 A malformed GIF image might have caused a NULL pointer dereference in QGifHandler resulting in a segmentation fault. CVE-2018-19873 QBmpHandler had a buffer overflow via BMP data. For Debian 8 "Jessie", these problems have been fixed in version 5.3.2+dfsg-4+deb8u3. We recommend that you upgrade your qtbase-opensource-src packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAlwtyNUACgkQiNJCh6LY mLEErBAAvj8B8Na9qtToNmdouvXVERxBFhoAfFMtc9t++cq8ZwaYacHFSjQTww8n hJKRmkvxz+QpZGz4yJlv9rL0aZD/zqQ6Rg0wqJKkHdXtzR1t/0QBN8kdTs6Vi8a7 6FcfVzcNlbRmOxfXgkY6K1Sdof8ZzyzeoOC46jJNUxRw2fogaOXpuiP2ZjcmyjbW QqAvWB/aem3i0SpJtfh2j164mcVR6JVQA7NOnLhY6LiMT5Nxrfdqya/cpCebKVW1 SPQaqln+XZu1Qx2Z3okBjSs73N13jQNiaYzrW27Ma1oDBqrqg5gF/rVFP2v1Zerx f3rhKiQJtscWE+nxS96wOftebWLiEAKisE2G46HKQjowEpOzNk8+Mh6unYwkYpdl aVgD+V11Wamg174CAzQH6Xa0rdt9Pg7uRKL93biJrfQnlDWzudrDn+iF/c4Yery7 C7V8vIL9o5pshJieaNa4fOo4Y5fmmWqxIoAC0RqVLdVIvQ1sT1lz/lXp2h1HsF28 rHk0roZY13JaUGYa9kSPxoJ94Rn4U12D/zym8GNhlIonrho94wzM38j3IYSTEVxX OGYS9J3pore0j6Vqs2x+0oMP+i5lmusT9MBh1AM1efUAkLICxMpEbgGhfYatp7tv F4NJASOebu5en5tNhrqwlhybdFlydUTc3Ppw6i6s+q8PK6rtKic= =I76F -----END PGP SIGNATURE-----