UbuntuUpdates.org

Package "qtbase-opensource-src"

Name: qtbase-opensource-src

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Qt 5 MySQL database driver
  • Qt 5 ODBC database driver
  • Qt 5 PostgreSQL database driver
  • Qt 5 FreeTDS database driver

Latest version: 5.2.1+dfsg-1ubuntu14.3
Release: trusty (14.04)
Level: updates
Repository: universe

Links



Other versions of "qtbase-opensource-src" in Trusty

Repository Area Version
base universe 5.2.1+dfsg-1ubuntu14
base main 5.2.1+dfsg-1ubuntu14
security universe 5.2.1+dfsg-1ubuntu14.3
security main 5.2.1+dfsg-1ubuntu14.3
updates main 5.2.1+dfsg-1ubuntu14.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.2.1+dfsg-1ubuntu14.3 2015-06-03 16:07:09 UTC

  qtbase-opensource-src (5.2.1+dfsg-1ubuntu14.3) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via crafted GIF image
    - debian/patches/CVE-2014-0190.patch: check for broken image in
      src/gui/image/qgifhandler.cpp.
    - CVE-2014-0190
  * SECURITY UPDATE: denial of service via crafted BMP
    - debian/patches/CVE-2015-0295.patch: fix division by zero in
      src/gui/image/qbmphandler.cpp.
    - CVE-2015-0295
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted BMP or ICO images
    - debian/patches/CVE-2015-1858-1859.patch: move check to better
      location in src/gui/image/qbmphandler.cpp, check depth in
      src/plugins/imageformats/ico/qicohandler.cpp.
    - CVE-2015-1858
    - CVE-2015-1859
  * SECURITY UPDATE: denial of service and possible code exection via
    crafted GIF image
    - debian/patches/CVE-2015-1860.patch: check bounds in
      src/gui/image/qgifhandler.cpp.
    - CVE-2015-1860

 -- Marc Deslauriers <email address hidden> Wed, 27 May 2015 13:55:50 -0400

Source diff to previous version
CVE-2014-0190 The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and heigh
CVE-2015-0295 The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers t
CVE-2015-1858 Multiple buffer overflows in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service and possib
CVE-2015-1859 Multiple buffer overflows in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service and possib
CVE-2015-1860 Multiple buffer overflows in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service and possib

Version: 5.2.1+dfsg-1ubuntu14.2 2014-06-03 21:06:54 UTC

  qtbase-opensource-src (5.2.1+dfsg-1ubuntu14.2) trusty; urgency=medium

  * debian/patches/xi2-use-master-device.patch:
    - Make xi2 select events on master device instead of slaves.
      (LP: #1307701)

1307701 xserver mouse pointer emulation from touch breaks with QML app.



About   -   Send Feedback to @ubuntu_updates