CVE-2020-17507: An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read. Patch: https://codereview.qt-project.org/c/qt/qtbase/+/308496/2/src/gui/image/qxbmhandler.cpp
ping
Chiitoo, I just had a look, and it seems like Debian backported it to 5.14.x too:
https://sources.debian.org/patches/qtbase-opensource-src/5.14.2+dfsg-6/CVE-2020-17507.diff/

Much smaller, interestingly.
(In reply to Sam James from comment #2)
> Chiitoo, I just had a look, and it seems like Debian backported it to 5.14.x
> too:
> https://sources.debian.org/patches/qtbase-opensource-src/5.14.2+dfsg-6/CVE-2020-17507.diff/
>
> Much smaller, interestingly.

I guess we could do that too. They don't seem to bother with patching the test parts, and I'm not entirely sure if we use those parts either in any situation...
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=621b799854a30f790193cf9f6177cb297048412a

commit 621b799854a30f790193cf9f6177cb297048412a
Author:     Jimi Huotari <chiitoo@gentoo.org>
AuthorDate: 2020-08-20 12:03:19 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2020-08-22 18:52:22 +0000

    dev-qt/qtgui: fix CVE-2020-17507

    Upstream commit: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=1616c719
    Reported-by: John Helmert III (ajak) <jchelmert3@posteo.net>
    Bug: https://bugs.gentoo.org/736924
    Package-Manager: Portage-3.0.4, Repoman-3.0.1
    Signed-off-by: Jimi Huotari <chiitoo@gentoo.org>
    Closes: https://github.com/gentoo/gentoo/pull/17183
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 .../qtgui/files/qtgui-5.14.2-CVE-2020-17507.patch |  39 +++++
 dev-qt/qtgui/qtgui-5.14.2-r1.ebuild               | 185 +++++++++++++++++++++
 dev-qt/qtgui/qtgui-5.15.0-r1.ebuild               | 185 +++++++++++++++++++++
 3 files changed, 409 insertions(+)
Thanks.
arm64 done
arm done
amd64 done
x86 done
ppc64 done
ppc done

all arches done
Please cleanup.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b63131a033258484a470290415c50cde1e6c63d2

commit b63131a033258484a470290415c50cde1e6c63d2
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2020-08-31 19:58:21 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2020-08-31 19:58:44 +0000

    dev-qt/qtgui: Cleanup vulnerable 5.14.2 (r0)

    Bug: https://bugs.gentoo.org/736924
    Package-Manager: Portage-3.0.5, Repoman-3.0.1
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 dev-qt/qtgui/qtgui-5.14.2.ebuild | 184 ---------------------------------------
 1 file changed, 184 deletions(-)
New GLSA request filed.
This issue was resolved and addressed in GLSA 202009-04 at https://security.gentoo.org/glsa/202009-04 by GLSA coordinator Thomas Deutschmann (whissi).