[ALSA-2020:4690] Moderate: qt5-qtbase and qt5-qtwebsockets security and bug fix update
Type:
security
Severity:
moderate
Release date:
2020-11-03
Description:
Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fix(es): * qt: XML entity expansion vulnerability (CVE-2015-9541) * qt5-qtwebsockets: websocket implementation allows only limited size for frames and messages therefore attacker can cause DOS (CVE-2018-21035) * qt: files placed by attacker can influence the working directory and lead to malicious code execution (CVE-2020-0569) * qt: files placed by attacker can influence the working directory and lead to malicious code execution (CVE-2020-0570) * qt5: incorrectly calls SSL_shutdown() in OpenSSL mid-handshake causing denial of service in TLS applications (CVE-2020-13962) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages:
  • qt5-assistant-5.12.5-2.el8.x86_64.rpm
  • qt5-designer-5.12.5-2.el8.x86_64.rpm
  • qt5-doctools-5.12.5-2.el8.x86_64.rpm
  • qt5-linguist-5.12.5-2.el8.x86_64.rpm
  • qt5-qdbusviewer-5.12.5-2.el8.x86_64.rpm
  • qt5-qtbase-5.12.5-6.el8.i686.rpm
  • qt5-qtbase-5.12.5-6.el8.x86_64.rpm
  • qt5-qtbase-common-5.12.5-6.el8.noarch.rpm
  • qt5-qtbase-devel-5.12.5-6.el8.i686.rpm
  • qt5-qtbase-devel-5.12.5-6.el8.x86_64.rpm
  • qt5-qtbase-examples-5.12.5-6.el8.i686.rpm
  • qt5-qtbase-examples-5.12.5-6.el8.x86_64.rpm
  • qt5-qtbase-gui-5.12.5-6.el8.i686.rpm
  • qt5-qtbase-gui-5.12.5-6.el8.x86_64.rpm
  • qt5-qtbase-mysql-5.12.5-6.el8.i686.rpm
  • qt5-qtbase-mysql-5.12.5-6.el8.x86_64.rpm
  • qt5-qtbase-odbc-5.12.5-6.el8.i686.rpm
  • qt5-qtbase-odbc-5.12.5-6.el8.x86_64.rpm
  • qt5-qtbase-postgresql-5.12.5-6.el8.i686.rpm
  • qt5-qtbase-postgresql-5.12.5-6.el8.x86_64.rpm
  • qt5-qtbase-private-devel-5.12.5-6.el8.i686.rpm
  • qt5-qtbase-private-devel-5.12.5-6.el8.x86_64.rpm
  • qt5-qtbase-static-5.12.5-6.el8.i686.rpm
  • qt5-qtbase-static-5.12.5-6.el8.x86_64.rpm
  • qt5-qttools-5.12.5-2.el8.x86_64.rpm
  • qt5-qttools-common-5.12.5-2.el8.noarch.rpm
  • qt5-qttools-devel-5.12.5-2.el8.i686.rpm
  • qt5-qttools-devel-5.12.5-2.el8.x86_64.rpm
  • qt5-qttools-examples-5.12.5-2.el8.i686.rpm
  • qt5-qttools-examples-5.12.5-2.el8.x86_64.rpm
  • qt5-qttools-libs-designer-5.12.5-2.el8.i686.rpm
  • qt5-qttools-libs-designer-5.12.5-2.el8.x86_64.rpm
  • qt5-qttools-libs-designercomponents-5.12.5-2.el8.i686.rpm
  • qt5-qttools-libs-designercomponents-5.12.5-2.el8.x86_64.rpm
  • qt5-qttools-libs-help-5.12.5-2.el8.i686.rpm
  • qt5-qttools-libs-help-5.12.5-2.el8.x86_64.rpm
  • qt5-qttools-static-5.12.5-2.el8.i686.rpm
  • qt5-qttools-static-5.12.5-2.el8.x86_64.rpm
  • qt5-qtwebsockets-5.12.5-2.el8.i686.rpm
  • qt5-qtwebsockets-5.12.5-2.el8.x86_64.rpm
  • qt5-qtwebsockets-devel-5.12.5-2.el8.i686.rpm
  • qt5-qtwebsockets-devel-5.12.5-2.el8.x86_64.rpm
  • qt5-qtwebsockets-examples-5.12.5-2.el8.x86_64.rpm
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.