Debian Security Advisory

DSA-4374-1 qtbase-opensource-src -- security update

Date Reported:
28 Jan 2019
Affected Packages:
qtbase-opensource-src
Vulnerable:
Yes
Security database references:
In the Debian bugtracking system: Bug 907139.
In Mitre's CVE dictionary: CVE-2018-15518, CVE-2018-19870, CVE-2018-19873.
More information:

Several issues were discovered in qtbase-opensource-src, a cross-platform C++ application framework, which could lead to denial-of-service via application crash. Additionally, this update fixes a problem affecting vlc, where it would start without a GUI.

For the stable distribution (stretch), these problems have been fixed in version 5.7.1+dfsg-3+deb9u1.

We recommend that you upgrade your qtbase-opensource-src packages.

For the detailed security status of qtbase-opensource-src please refer to its security tracker page at: https://security-tracker.debian.org/tracker/qtbase-opensource-src