GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Thu Mar 26, 2020 8:26 pm Post subject: [ GLSA 202003-60 ] QtCore |
 |
|
Gentoo Linux Security Advisory
Title: QtCore: Multiple vulnerabilities (GLSA 202003-60)
Severity: normal
Exploitable: local, remote
Date: 2020-03-26
Bug(s): #699226, #707354
ID: 202003-60
Synopsis
Multiple vulnerabilities have been found in QtCore, the worst of
which could result in the execution of arbitrary code.
Background
The Qt toolkit is a comprehensive C++ application development framework.
Affected Packages
Package: dev-qt/qtcore
Vulnerable: < 5.13.2-r2
Unaffected: >= 5.12.3-r2 < 5.12.4
Unaffected: >= 5.13.2-r2 < 5.13.3
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in QtCore. Please review
the CVE identifiers referenced below for details.
Impact
An attacker could possibly execute arbitrary code with the privileges of
the process or cause a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All QtCore 5.12.x users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-qt/qtcore-5.12.3-r2"
|
All QtCore 5.13.x users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-qt/qtcore-5.13.2-r2"
|
References
CVE-2019-18281
CVE-2020-0569
CVE-2020-0570 |
|
News & Announcements
