Oval Definition:oval:com.redhat.rhsa:def:20201665
Revision Date:2020-04-29Version:637
Title:RHSA-2020:1665: qt5 security, bug fix, and enhancement update (Moderate)
Description:Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt.

  • The following packages have been upgraded to a later upstream version: qt5 (5.12.5), qt5-qt3d (5.12.5), qt5-qtbase (5.12.5), qt5-qtcanvas3d (5.12.5), qt5-qtconnectivity (5.12.5), qt5-qtdeclarative (5.12.5), qt5-qtdoc (5.12.5), qt5-qtgraphicaleffects (5.12.5), qt5-qtimageformats (5.12.5), qt5-qtlocation (5.12.5), qt5-qtmultimedia (5.12.5), qt5-qtquickcontrols (5.12.5), qt5-qtquickcontrols2 (5.12.5), qt5-qtscript (5.12.5), qt5-qtsensors (5.12.5), qt5-qtserialbus (5.12.5), qt5-qtserialport (5.12.5), qt5-qtsvg (5.12.5), qt5-qttools (5.12.5), qt5-qttranslations (5.12.5), qt5-qtwayland (5.12.5), qt5-qtwebchannel (5.12.5), qt5-qtwebsockets (5.12.5), qt5-qtx11extras (5.12.5), qt5-qtxmlpatterns (5.12.5), python-qt5 (5.13.1), sip (4.19.19). (BZ#1775603, BZ#1775604)

    Security Fix(es):

  • qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp (CVE-2018-19872)

  • qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service (CVE-2018-19869)

  • qt5-qtimageformats: QTgaFile CPU exhaustion (CVE-2018-19871)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2018-19869
    CVE-2018-19871
    CVE-2018-19872
    CVE-2019-18281
    RHSA-2020:1665
    Platform(s):Red Hat Enterprise Linux 8
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 8 is installed
  • OR Red Hat CoreOS 4 is installed
  • AND
  • python-qt5-rpm-macros is earlier than 0:5.13.1-1.el8
  • AND python-qt5-rpm-macros is signed with Red Hat redhatrelease2 key
  • python3-qt5 is earlier than 0:5.13.1-1.el8
  • AND python3-qt5 is signed with Red Hat redhatrelease2 key
  • python3-qt5-base is earlier than 0:5.13.1-1.el8
  • AND python3-qt5-base is signed with Red Hat redhatrelease2 key
  • python3-qt5-devel is earlier than 0:5.13.1-1.el8
  • AND python3-qt5-devel is signed with Red Hat redhatrelease2 key
  • qgnomeplatform is earlier than 0:0.4-3.el8
  • AND qgnomeplatform is signed with Red Hat redhatrelease2 key
  • qt5-devel is earlier than 0:5.12.5-3.el8
  • AND qt5-devel is signed with Red Hat redhatrelease2 key
  • qt5-rpm-macros is earlier than 0:5.12.5-3.el8
  • AND qt5-rpm-macros is signed with Red Hat redhatrelease2 key
  • qt5-srpm-macros is earlier than 0:5.12.5-3.el8
  • AND qt5-srpm-macros is signed with Red Hat redhatrelease2 key
  • qt5-qt3d is earlier than 0:5.12.5-2.el8
  • AND qt5-qt3d is signed with Red Hat redhatrelease2 key
  • qt5-qt3d-devel is earlier than 0:5.12.5-2.el8
  • AND qt5-qt3d-devel is signed with Red Hat redhatrelease2 key
  • qt5-qt3d-examples is earlier than 0:5.12.5-2.el8
  • AND qt5-qt3d-examples is signed with Red Hat redhatrelease2 key
  • qt5-qtcanvas3d is earlier than 0:5.12.5-1.el8
  • AND qt5-qtcanvas3d is signed with Red Hat redhatrelease2 key
  • qt5-qtcanvas3d-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qtcanvas3d-examples is signed with Red Hat redhatrelease2 key
  • qt5-qtconnectivity is earlier than 0:5.12.5-1.el8
  • AND qt5-qtconnectivity is signed with Red Hat redhatrelease2 key
  • qt5-qtconnectivity-devel is earlier than 0:5.12.5-1.el8
  • AND qt5-qtconnectivity-devel is signed with Red Hat redhatrelease2 key
  • qt5-qtconnectivity-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qtconnectivity-examples is signed with Red Hat redhatrelease2 key
  • qt5-qtdeclarative is earlier than 0:5.12.5-1.el8
  • AND qt5-qtdeclarative is signed with Red Hat redhatrelease2 key
  • qt5-qtdeclarative-devel is earlier than 0:5.12.5-1.el8
  • AND qt5-qtdeclarative-devel is signed with Red Hat redhatrelease2 key
  • qt5-qtdeclarative-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qtdeclarative-examples is signed with Red Hat redhatrelease2 key
  • qt5-qtdeclarative-static is earlier than 0:5.12.5-1.el8
  • AND qt5-qtdeclarative-static is signed with Red Hat redhatrelease2 key
  • qt5-qtdoc is earlier than 0:5.12.5-1.el8
  • AND qt5-qtdoc is signed with Red Hat redhatrelease2 key
  • qt5-qtgraphicaleffects is earlier than 0:5.12.5-1.el8
  • AND qt5-qtgraphicaleffects is signed with Red Hat redhatrelease2 key
  • qt5-qtimageformats is earlier than 0:5.12.5-1.el8
  • AND qt5-qtimageformats is signed with Red Hat redhatrelease2 key
  • qt5-qtlocation is earlier than 0:5.12.5-1.el8
  • AND qt5-qtlocation is signed with Red Hat redhatrelease2 key
  • qt5-qtlocation-devel is earlier than 0:5.12.5-1.el8
  • AND qt5-qtlocation-devel is signed with Red Hat redhatrelease2 key
  • qt5-qtlocation-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qtlocation-examples is signed with Red Hat redhatrelease2 key
  • qt5-qtmultimedia is earlier than 0:5.12.5-1.el8
  • AND qt5-qtmultimedia is signed with Red Hat redhatrelease2 key
  • qt5-qtmultimedia-devel is earlier than 0:5.12.5-1.el8
  • AND qt5-qtmultimedia-devel is signed with Red Hat redhatrelease2 key
  • qt5-qtmultimedia-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qtmultimedia-examples is signed with Red Hat redhatrelease2 key
  • qt5-qtquickcontrols is earlier than 0:5.12.5-1.el8
  • AND qt5-qtquickcontrols is signed with Red Hat redhatrelease2 key
  • qt5-qtquickcontrols-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qtquickcontrols-examples is signed with Red Hat redhatrelease2 key
  • qt5-qtquickcontrols2 is earlier than 0:5.12.5-1.el8
  • AND qt5-qtquickcontrols2 is signed with Red Hat redhatrelease2 key
  • qt5-qtquickcontrols2-devel is earlier than 0:5.12.5-1.el8
  • AND qt5-qtquickcontrols2-devel is signed with Red Hat redhatrelease2 key
  • qt5-qtquickcontrols2-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qtquickcontrols2-examples is signed with Red Hat redhatrelease2 key
  • qt5-qtscript is earlier than 0:5.12.5-1.el8
  • AND qt5-qtscript is signed with Red Hat redhatrelease2 key
  • qt5-qtscript-devel is earlier than 0:5.12.5-1.el8
  • AND qt5-qtscript-devel is signed with Red Hat redhatrelease2 key
  • qt5-qtscript-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qtscript-examples is signed with Red Hat redhatrelease2 key
  • qt5-qtsensors is earlier than 0:5.12.5-1.el8
  • AND qt5-qtsensors is signed with Red Hat redhatrelease2 key
  • qt5-qtsensors-devel is earlier than 0:5.12.5-1.el8
  • AND qt5-qtsensors-devel is signed with Red Hat redhatrelease2 key
  • qt5-qtsensors-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qtsensors-examples is signed with Red Hat redhatrelease2 key
  • qt5-qtserialbus is earlier than 0:5.12.5-1.el8
  • AND qt5-qtserialbus is signed with Red Hat redhatrelease2 key
  • qt5-qtserialbus-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qtserialbus-examples is signed with Red Hat redhatrelease2 key
  • qt5-qtserialport is earlier than 0:5.12.5-1.el8
  • AND qt5-qtserialport is signed with Red Hat redhatrelease2 key
  • qt5-qtserialport-devel is earlier than 0:5.12.5-1.el8
  • AND qt5-qtserialport-devel is signed with Red Hat redhatrelease2 key
  • qt5-qtserialport-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qtserialport-examples is signed with Red Hat redhatrelease2 key
  • qt5-qtsvg is earlier than 0:5.12.5-1.el8
  • AND qt5-qtsvg is signed with Red Hat redhatrelease2 key
  • qt5-qtsvg-devel is earlier than 0:5.12.5-1.el8
  • AND qt5-qtsvg-devel is signed with Red Hat redhatrelease2 key
  • qt5-qtsvg-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qtsvg-examples is signed with Red Hat redhatrelease2 key
  • qt5-assistant is earlier than 0:5.12.5-1.el8
  • AND qt5-assistant is signed with Red Hat redhatrelease2 key
  • qt5-designer is earlier than 0:5.12.5-1.el8
  • AND qt5-designer is signed with Red Hat redhatrelease2 key
  • qt5-doctools is earlier than 0:5.12.5-1.el8
  • AND qt5-doctools is signed with Red Hat redhatrelease2 key
  • qt5-linguist is earlier than 0:5.12.5-1.el8
  • AND qt5-linguist is signed with Red Hat redhatrelease2 key
  • qt5-qdbusviewer is earlier than 0:5.12.5-1.el8
  • AND qt5-qdbusviewer is signed with Red Hat redhatrelease2 key
  • qt5-qttools is earlier than 0:5.12.5-1.el8
  • AND qt5-qttools is signed with Red Hat redhatrelease2 key
  • qt5-qttools-common is earlier than 0:5.12.5-1.el8
  • AND qt5-qttools-common is signed with Red Hat redhatrelease2 key
  • qt5-qttools-devel is earlier than 0:5.12.5-1.el8
  • AND qt5-qttools-devel is signed with Red Hat redhatrelease2 key
  • qt5-qttools-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qttools-examples is signed with Red Hat redhatrelease2 key
  • qt5-qttools-libs-designer is earlier than 0:5.12.5-1.el8
  • AND qt5-qttools-libs-designer is signed with Red Hat redhatrelease2 key
  • qt5-qttools-libs-designercomponents is earlier than 0:5.12.5-1.el8
  • AND qt5-qttools-libs-designercomponents is signed with Red Hat redhatrelease2 key
  • qt5-qttools-libs-help is earlier than 0:5.12.5-1.el8
  • AND qt5-qttools-libs-help is signed with Red Hat redhatrelease2 key
  • qt5-qttools-static is earlier than 0:5.12.5-1.el8
  • AND qt5-qttools-static is signed with Red Hat redhatrelease2 key
  • qt5-qttranslations is earlier than 0:5.12.5-1.el8
  • AND qt5-qttranslations is signed with Red Hat redhatrelease2 key
  • qt5-qtwayland is earlier than 0:5.12.5-1.el8
  • AND qt5-qtwayland is signed with Red Hat redhatrelease2 key
  • qt5-qtwayland-devel is earlier than 0:5.12.5-1.el8
  • AND qt5-qtwayland-devel is signed with Red Hat redhatrelease2 key
  • qt5-qtwayland-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qtwayland-examples is signed with Red Hat redhatrelease2 key
  • qt5-qtwebchannel is earlier than 0:5.12.5-1.el8
  • AND qt5-qtwebchannel is signed with Red Hat redhatrelease2 key
  • qt5-qtwebchannel-devel is earlier than 0:5.12.5-1.el8
  • AND qt5-qtwebchannel-devel is signed with Red Hat redhatrelease2 key
  • qt5-qtwebchannel-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qtwebchannel-examples is signed with Red Hat redhatrelease2 key
  • qt5-qtwebsockets is earlier than 0:5.12.5-1.el8
  • AND qt5-qtwebsockets is signed with Red Hat redhatrelease2 key
  • qt5-qtwebsockets-devel is earlier than 0:5.12.5-1.el8
  • AND qt5-qtwebsockets-devel is signed with Red Hat redhatrelease2 key
  • qt5-qtwebsockets-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qtwebsockets-examples is signed with Red Hat redhatrelease2 key
  • qt5-qtx11extras is earlier than 0:5.12.5-1.el8
  • AND qt5-qtx11extras is signed with Red Hat redhatrelease2 key
  • qt5-qtx11extras-devel is earlier than 0:5.12.5-1.el8
  • AND qt5-qtx11extras-devel is signed with Red Hat redhatrelease2 key
  • qt5-qtxmlpatterns is earlier than 0:5.12.5-1.el8
  • AND qt5-qtxmlpatterns is signed with Red Hat redhatrelease2 key
  • qt5-qtxmlpatterns-devel is earlier than 0:5.12.5-1.el8
  • AND qt5-qtxmlpatterns-devel is signed with Red Hat redhatrelease2 key
  • qt5-qtxmlpatterns-examples is earlier than 0:5.12.5-1.el8
  • AND qt5-qtxmlpatterns-examples is signed with Red Hat redhatrelease2 key
  • python3-pyqt5-sip is earlier than 0:4.19.19-1.el8
  • AND python3-pyqt5-sip is signed with Red Hat redhatrelease2 key
  • python3-sip-devel is earlier than 0:4.19.19-1.el8
  • AND python3-sip-devel is signed with Red Hat redhatrelease2 key
  • sip is earlier than 0:4.19.19-1.el8
  • AND sip is signed with Red Hat redhatrelease2 key
  • qt5-qtbase is earlier than 0:5.12.5-4.el8
  • AND qt5-qtbase is signed with Red Hat redhatrelease2 key
  • qt5-qtbase-common is earlier than 0:5.12.5-4.el8
  • AND qt5-qtbase-common is signed with Red Hat redhatrelease2 key
  • qt5-qtbase-devel is earlier than 0:5.12.5-4.el8
  • AND qt5-qtbase-devel is signed with Red Hat redhatrelease2 key
  • qt5-qtbase-examples is earlier than 0:5.12.5-4.el8
  • AND qt5-qtbase-examples is signed with Red Hat redhatrelease2 key
  • qt5-qtbase-gui is earlier than 0:5.12.5-4.el8
  • AND qt5-qtbase-gui is signed with Red Hat redhatrelease2 key
  • qt5-qtbase-mysql is earlier than 0:5.12.5-4.el8
  • AND qt5-qtbase-mysql is signed with Red Hat redhatrelease2 key
  • qt5-qtbase-odbc is earlier than 0:5.12.5-4.el8
  • AND qt5-qtbase-odbc is signed with Red Hat redhatrelease2 key
  • qt5-qtbase-postgresql is earlier than 0:5.12.5-4.el8
  • AND qt5-qtbase-postgresql is signed with Red Hat redhatrelease2 key
  • qt5-qtbase-private-devel is earlier than 0:5.12.5-4.el8
  • AND qt5-qtbase-private-devel is signed with Red Hat redhatrelease2 key
  • qt5-qtbase-static is earlier than 0:5.12.5-4.el8
  • AND qt5-qtbase-static is signed with Red Hat redhatrelease2 key
    • BACK