Publishing details
Changelog
qtsvg-opensource-src (5.9.5-0ubuntu1.1) bionic-security; urgency=medium
* SECURITY UPDATE: segfault via malformed image
- debian/patches/CVE-2018-19869.patch: fix crash when parsing malformed
url reference in src/svg/qsvghandler.cpp,
tests/auto/qsvgrenderer/tst_qsvgrenderer.cpp.
- CVE-2018-19869
* SECURITY UPDATE: Out of bounds read
- debian/patches/CVE-2021-3481-pre1.patch: improve handling of
malformed numeric values in svg files in src/svg/qsvghandler.cpp.
- debian/patches/CVE-2021-3481.patch: clamp parsed doubles to float
representable values in src/svg/qsvghandler.cpp.
- CVE-2021-3481
* SECURITY UPDATE: Out of bounds write
- debian/patches/CVE-2021-45930.patch: do stricter error checking when
parsing path nodes in src/svg/qsvghandler.cpp.
- CVE-2021-45930
-- Marc Deslauriers <email address hidden> Thu, 13 Jan 2022 10:25:08 -0500
Builds
Built packages
-
libqt5svg5
Qt 5 SVG module
-
libqt5svg5-dbgsym
debug symbols for libqt5svg5
-
libqt5svg5-dev
Qt 5 SVG module development files
-
qtsvg5-doc
Qt 5 SVG documentation
-
qtsvg5-doc-html
Qt 5 SVG HTML documentation
-
qtsvg5-examples
Qt 5 SVG examples
-
qtsvg5-examples-dbgsym
debug symbols for qtsvg5-examples
Package files