-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2376-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk September 21, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : qtbase-opensource-src Version : 5.7.1+dfsg-3+deb9u3 CVE ID : CVE-2018-19872 CVE-2020-17507 Debian Bug : 968444 Several vulnerabilities were fixed in the Qt toolkit. CVE-2018-19872 A malformed PPM image causes a crash. CVE-2020-17507 Buffer over-read in the XBM parser. For Debian 9 stretch, these problems have been fixed in version 5.7.1+dfsg-3+deb9u3. We recommend that you upgrade your qtbase-opensource-src packages. For the detailed security status of qtbase-opensource-src please refer to its security tracker page at: https://security-tracker.debian.org/tracker/qtbase-opensource-src Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAl9xifwACgkQiNJCh6LY mLHjqQ//Yw57PcZCXFppNUunjWufa4aiYUDGAwKY2TFknhkobY4APaKO3X3KV5E7 M3rsS82MSzLmf0qNYHuS+7o/6XFGK20zhx/pc8Y4Hy/yIQfEAm+8ac/m6+zFFq0m V9C+HIt51DWSutMvmnZ3EObOTm4NUjJAcSXKUNx0Zod7nhSEmBAlUy22IqwqCUoj +d4HRnA1DcV8Rk5WJpuM7Pv4X+Llc1PjeG8pw3w8yQijIBwY8NHEDjOnh7h0La1P PsiyMIoMsSr9EM2Pu6bPqTdhDOtLH0eE+L7g+stg3EgflFC56qi/Q/9Ji/vxVwIR WIplL32Rl5AF9Axp+LkL4We5QpTapW+JU+qbnNYdblr7NPPM5a6bQXr86sokHypk Us8btDZq/ZkwCZM5a90QZUPy3fc2bdOFNnZMU+Hpq2dEnbFm0WEbIMOhnenLS+9H ubtyRLkUkXfOvezjqx4V2CfHKHWc/FXUdF3amLE/PzLdmA9YI6zUVNHdVh+MqU6T GhKRERupSRywYP2ayxqM/sNlcnI8IODc8JG7PdRBrBqhTWHlm+Ik5BvE1oQCWLXE BPofZSR09VmoV7V6ptjFJmGPYWj5eBz/qLQtCIiihy/HIppruTz5nt2a8eOvS6k4 JR/EW+szcpEHG4CQdoaWo9Y5JHRXfpvly4b950NwA5rhJw+q2W0= =9YVf -----END PGP SIGNATURE-----