UbuntuUpdates.org

Package "libqt5gui5"

Name: libqt5gui5

Description:

Qt 5 GUI module

Latest version: 5.2.1+dfsg-1ubuntu14.3
Release: trusty (14.04)
Level: updates
Repository: main
Head package: qtbase-opensource-src
Homepage: http://qt-project.org/

Links


Download "libqt5gui5"


Other versions of "libqt5gui5" in Trusty

Repository Area Version
base main 5.2.1+dfsg-1ubuntu14
security main 5.2.1+dfsg-1ubuntu14.3

Changelog

Version: 5.2.1+dfsg-1ubuntu14.3 2015-06-03 16:07:07 UTC

  qtbase-opensource-src (5.2.1+dfsg-1ubuntu14.3) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via crafted GIF image
    - debian/patches/CVE-2014-0190.patch: check for broken image in
      src/gui/image/qgifhandler.cpp.
    - CVE-2014-0190
  * SECURITY UPDATE: denial of service via crafted BMP
    - debian/patches/CVE-2015-0295.patch: fix division by zero in
      src/gui/image/qbmphandler.cpp.
    - CVE-2015-0295
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted BMP or ICO images
    - debian/patches/CVE-2015-1858-1859.patch: move check to better
      location in src/gui/image/qbmphandler.cpp, check depth in
      src/plugins/imageformats/ico/qicohandler.cpp.
    - CVE-2015-1858
    - CVE-2015-1859
  * SECURITY UPDATE: denial of service and possible code exection via
    crafted GIF image
    - debian/patches/CVE-2015-1860.patch: check bounds in
      src/gui/image/qgifhandler.cpp.
    - CVE-2015-1860

 -- Marc Deslauriers <email address hidden> Wed, 27 May 2015 13:55:50 -0400

Source diff to previous version
CVE-2014-0190 The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and heigh
CVE-2015-0295 The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers t
CVE-2015-1858 Multiple buffer overflows in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service and possib
CVE-2015-1859 Multiple buffer overflows in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service and possib
CVE-2015-1860 Multiple buffer overflows in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service and possib

Version: 5.2.1+dfsg-1ubuntu14.2 2014-06-03 21:06:48 UTC

  qtbase-opensource-src (5.2.1+dfsg-1ubuntu14.2) trusty; urgency=medium

  * debian/patches/xi2-use-master-device.patch:
    - Make xi2 select events on master device instead of slaves.
      (LP: #1307701)

1307701 xserver mouse pointer emulation from touch breaks with QML app.



About   -   Send Feedback to @ubuntu_updates