Test ID:	1.3.6.1.4.1.25623.1.1.10.2021.0493
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2021-0493)
Summary:	The remote host is missing an update for the 'qtbase5' package(s) announced via the MGASA-2021-0493 advisory.
Description:	Summary: The remote host is missing an update for the 'qtbase5' package(s) announced via the MGASA-2021-0493 advisory. Vulnerability Insight: It was discovered that Qt incorrectly handled certain XBM image files. If a user or automated system were tricked into opening a specially crafted PPM file, a remote attacker could cause Qt to crash, resulting in a denial of service. (CVE-2020-17507) It was discovered that Qt incorrectly handled certain graphics operations. If a user or automated system were tricked into performing certain graphics operations, a remote attacker could cause Qt to crash, resulting in a denial of service. (CVE-2021-38593) Affected Software/OS: 'qtbase5' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-17507 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NBPZVZNEYXGATTXM4WOE7OQ55VAKPVD6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/426FCC6JNK4JUEX5QHJQDYQ6MUVQ3E6P/ https://security.gentoo.org/glsa/202009-04 https://codereview.qt-project.org/c/qt/qtbase/+/308436 https://codereview.qt-project.org/c/qt/qtbase/+/308495 https://codereview.qt-project.org/c/qt/qtbase/+/308496 https://lists.debian.org/debian-lts-announce/2020/09/msg00024.html https://lists.debian.org/debian-lts-announce/2020/09/msg00023.html SuSE Security Announcement: openSUSE-SU-2020:1452 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00057.html SuSE Security Announcement: openSUSE-SU-2020:1500 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00071.html SuSE Security Announcement: openSUSE-SU-2020:1501 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00073.html SuSE Security Announcement: openSUSE-SU-2020:1530 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00090.html SuSE Security Announcement: openSUSE-SU-2020:1564 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00104.html SuSE Security Announcement: openSUSE-SU-2020:1568 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00105.html Common Vulnerability Exposure (CVE) ID: CVE-2021-38593 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HY5YCSDCTLHVMP3OXOM6HNTWHV6DBHDX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36VN2WKMNQUSTF6ZW2X52NPAJVXJ4S5I/ https://security.gentoo.org/glsa/202402-03 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35566 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/qt/OSV-2021-903.yaml https://github.com/qt/qtbase/commit/1ca02cf2879a5e1511a2f2109f0925cf4c892862 https://github.com/qt/qtbase/commit/202143ba41f6ac574f1858214ed8bf4a38b73ccd https://github.com/qt/qtbase/commit/6b400e3147dcfd8cc3a393ace1bd118c93762e0c https://wiki.qt.io/Qt_5.15_Release#Known_Issues https://www.qt.io/blog/qt-5.15-extended-support-for-subscription-license-holders
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.