Fixed in eoan by https://launchpad.net/ubuntu/+source/qtbase-opensource-
src/5.12.4+dfsg-4ubuntu1.1.
disco has reached end of life on 2020-01-18, so this won't be fixed
there.
** Changed in: qtbase-opensource-src (Ubuntu Eoan)
Status: New => Fix Released
** Changed in:
Removing the bionic task since the version in bionic is not affected (it
doesn't contain the original vulnerability).
** No longer affects: qtbase-opensource-src (Ubuntu Bionic)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Focal now has Qt 5.12.5 where this is fixed.
** Also affects: qtbase-opensource-src (Ubuntu Disco)
Importance: Undecided
Status: New
** Also affects: qtbase-opensource-src (Ubuntu Eoan)
Importance: Undecided
Status: New
** Also affects: qtbase-opensource-src (Ubuntu Bionic)
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1848784
Title:
Crash in Qt 5.12.2
To manage notifications about this bug go to:
MITRE has assigned CVE-2019-18281 for this issue.
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-18281
** Changed in: qtbase-opensource-src (Ubuntu)
Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security)
--
You received this bug notification because you are a
This would appear to have security implications since I imagine if an
email were sent to a KMail recipient which was crafted in this same way
it would crash KMail? If this is likely true a CVE should be requested
from MITRE via https://cveform.mitre.org/ so that other distros etc can
ensure they
