Security Information / 2019 / Security Information -- DSA-4374-1 qtbase-opensource-src

Debian Security Advisory

DSA-4374-1 qtbase-opensource-src -- security update

Date Reported:

28 Jan 2019

Affected Packages:

qtbase-opensource-src

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 907139.
In Mitre's CVE dictionary: CVE-2018-15518, CVE-2018-19870, CVE-2018-19873.

More information:

Several issues were discovered in qtbase-opensource-src, a cross-platform C++ application framework, which could lead to denial-of-service via application crash. Additionally, this update fixes a problem affecting vlc, where it would start without a GUI.

For the stable distribution (stretch), these problems have been fixed in version 5.7.1+dfsg-3+deb9u1.

We recommend that you upgrade your qtbase-opensource-src packages.

For the detailed security status of qtbase-opensource-src please refer to its security tracker page at: https://security-tracker.debian.org/tracker/qtbase-opensource-src