 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.10.2021.0200 |
| Category: | Mageia Linux Local Security Checks |
| Title: | Mageia: Security Advisory (MGASA-2021-0200) |
| Summary: | The remote host is missing an update for the 'qtbase5' package(s) announced via the MGASA-2021-0200 advisory. |
| Description: | Summary: The remote host is missing an update for the 'qtbase5' package(s) announced via the MGASA-2021-0200 advisory. Vulnerability Insight: QSslSocket incorrectly calls SSL_shutdown() in OpenSSL mid-handshake causing denial of service in TLS applications (CVE-2020-13962) This update provides additionals fixes: - Check that the sizes are even representable when checking if clipping is necessary (P300) - Multiply instead of shifting, The shift operator is undefined for negative values. (P301) - Check returns of hex2int in get_hex_rgb, Avoids undefined behavior when trying to shift negative values. (P302) - Sanitize lengthValue in CSS parser, Limit the LengthData to the integer range before rounding it, taking into account that qRound() subtracts 1 from negative values. (P303) - QBezier: Don't try calculating a unit vector when length is null. It's undefined and causes a division by zero. (P304) - Avoid potential ub in corrupt bmp file. biHeight may be int_min, in which case qAbs - wasm: disable XDG_RUNTIME_DIR warning XDG is not very relevant on the Web platform. (P306) - Use SOURCE_DATE_EPOCH. Use the standard variable name in addition to the QT-specific one to make builds reproducible out-of-the-box (P308) - Fix notification of QDockWidget when it gets undocked (P309) - Synthesize Enter/LeaveEvent for accepted QTabletEvent (P310) - Fix crash when running QtCore: Stack is misaligned on x86-64 (P311) - Add support for PostgreSQL 12 (P312) - QStandardPaths: Correct handling for XDG_RUNTIME_DIR (P313) - QStandardPaths/Unix: improve the XDG_RUNTIME_DIR creation/detection (P312) - Add remote print queue support (P313) Affected Software/OS: 'qtbase5' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2020-13962 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQJDBZUYMMF4R5QQKD2HTIKQU2NSKO63/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4X6EDPIIAQPVP2CHL2CHDHJ25EECA7UE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V3IZY7LKJ6NAXQDFYFR4S7L5BBHYK53K/ https://security.gentoo.org/glsa/202007-18 https://bugreports.qt.io/browse/QTBUG-83450 https://github.com/mumble-voip/mumble/issues/3679 https://github.com/mumble-voip/mumble/pull/4032 SuSE Security Announcement: openSUSE-SU-2020:1319 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00004.html |
| Copyright | Copyright (C) 2022 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |