Summary: | <dev-qt/qtsvg-5.15.9-r1: Uninitialized variable usage in m_unitsPerEm | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | ajak, qt |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://invent.kde.org/qt/qt/qtsvg/-/commit/837b5163e17edbd3a9f098e9a1ab73febab419b4 | ||
Whiteboard: | B4 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 905842 | ||
Bug Blocks: |
Description
Sam James
2023-05-15 19:21:30 UTC
Stable bug is done so only really need qt@ to confirm this is the same bug fixed in 5.15.9-r1. That's what that commit appeared to do. See also: https://www.qt.io/blog/security-advisory-qt-svg https://download.qt.io/official_releases/qt/5.15/CVE-2023-32573-qtsvg-5.15.diff The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=2456b87477e6ccf454b884c2405316b8102a652b commit 2456b87477e6ccf454b884c2405316b8102a652b Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-05-08 09:13:29 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-05-08 09:13:49 +0000 [ GLSA 202405-26 ] qtsvg: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/830381 Bug: https://bugs.gentoo.org/906465 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202405-26.xml | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) |