Security update for libqt4 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2015:1359-1 Final 1 1 2015-05-27T13:53:24Z current 2015-05-27T13:53:24Z 2015-05-27T13:53:24Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libqt4 The libqt4 library was updated to fix several security and non security issues. The following vulnerabilities were fixed: - bsc#921999: CVE-2015-0295: division by zero when processing malformed BMP files - bsc#927806: CVE-2015-1858: segmentation fault in BMP Qt Image Format Handling - bsc#927807: CVE-2015-1859: segmentation fault in ICO Qt Image Format Handling - bsc#927808: CVE-2015-1860: segmentation fault in GIF Qt Image Format Handling The following non-secuirty issues were fixed: - bsc#929688: Critical Problem in Qt Network Stack - bsc#847880: kde/qt rendering error in qemu cirrus i586 - Update use-freetype-default.diff to use same method as with libqt5-qtbase package: Qt itself already does runtime check whether subpixel rendering is available, but only when FT_CONFIG_OPTION_SUBPIXEL_RENDERING is defined. Thus it is enough to only remove that condition - The -devel subpackage requires Mesa-devel, not only at build time - Fixed compilation on SLE_11_SP3 by making it build against Mesa-devel on that system - Replace patch l-qclipboard_fix_recursive.patch with qtcore-4.8.5-qeventdispatcher-recursive.patch. The later one seems to work better and really resolves the issue in LibreOffice - Added kde4_qt_plugin_path.patch, so kde4 plugins are magically found/known outside kde4 enviroment/session - added _constraints. building took up to 7GB of disk space on s390x, and more than 6GB on x86_64 - Add 3 patches for Qt bugs to make LibreOffice KDE4 file picker work properly again: * Add glib-honor-ExcludeSocketNotifiers-flag.diff (QTBUG-37380) * Add l-qclipboard_fix_recursive.patch (QTBUG-34614) * Add l-qclipboard_delay.patch (QTBUG-38585) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-DESKTOP-12-2015-380,SUSE-SLE-SDK-12-2015-380,SUSE-SLE-SERVER-12-2015-380,SUSE-SLE-WE-12-2015-380 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2015/suse-su-20151359-1/ Link for SUSE-SU-2015:1359-1 https://lists.suse.com/pipermail/sle-security-updates/2015-August/001528.html E-Mail link for SUSE-SU-2015:1359-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/847880 SUSE Bug 847880 https://bugzilla.suse.com/921999 SUSE Bug 921999 https://bugzilla.suse.com/927806 SUSE Bug 927806 https://bugzilla.suse.com/927807 SUSE Bug 927807 https://bugzilla.suse.com/927808 SUSE Bug 927808 https://bugzilla.suse.com/929688 SUSE Bug 929688 https://www.suse.com/security/cve/CVE-2015-0295/ SUSE CVE CVE-2015-0295 page https://www.suse.com/security/cve/CVE-2015-1858/ SUSE CVE CVE-2015-1858 page https://www.suse.com/security/cve/CVE-2015-1859/ SUSE CVE CVE-2015-1859 page https://www.suse.com/security/cve/CVE-2015-1860/ SUSE CVE CVE-2015-1860 page SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Workstation Extension 12 libqt4-4.8.6-4.2 libqt4-32bit-4.8.6-4.2 libqt4-qt3support-4.8.6-4.2 libqt4-qt3support-32bit-4.8.6-4.2 libqt4-sql-4.8.6-4.2 libqt4-sql-32bit-4.8.6-4.2 libqt4-sql-mysql-4.8.6-4.1 libqt4-sql-mysql-32bit-4.8.6-4.1 libqt4-sql-postgresql-4.8.6-4.1 libqt4-sql-postgresql-32bit-4.8.6-4.1 libqt4-sql-sqlite-4.8.6-4.2 libqt4-sql-sqlite-32bit-4.8.6-4.2 libqt4-sql-unixODBC-4.8.6-4.1 libqt4-sql-unixODBC-32bit-4.8.6-4.1 libqt4-x11-4.8.6-4.2 libqt4-x11-32bit-4.8.6-4.2 libqt4-devel-4.8.6-4.2 libqt4-devel-doc-4.8.6-4.6 libqt4-devel-doc-data-4.8.6-4.6 libqt4-linguist-4.8.6-4.2 libqt4-private-headers-devel-4.8.6-4.2 qt4-x11-tools-4.8.6-4.6 libqt4-4.8.6-4.2 as a component of SUSE Linux Enterprise Desktop 12 libqt4-32bit-4.8.6-4.2 as a component of SUSE Linux Enterprise Desktop 12 libqt4-qt3support-4.8.6-4.2 as a component of SUSE Linux Enterprise Desktop 12 libqt4-qt3support-32bit-4.8.6-4.2 as a component of SUSE Linux Enterprise Desktop 12 libqt4-sql-4.8.6-4.2 as a component of SUSE Linux Enterprise Desktop 12 libqt4-sql-32bit-4.8.6-4.2 as a component of SUSE Linux Enterprise Desktop 12 libqt4-sql-mysql-4.8.6-4.1 as a component of SUSE Linux Enterprise Desktop 12 libqt4-sql-mysql-32bit-4.8.6-4.1 as a component of SUSE Linux Enterprise Desktop 12 libqt4-sql-postgresql-4.8.6-4.1 as a component of SUSE Linux Enterprise Desktop 12 libqt4-sql-postgresql-32bit-4.8.6-4.1 as a component of SUSE Linux Enterprise Desktop 12 libqt4-sql-sqlite-4.8.6-4.2 as a component of SUSE Linux Enterprise Desktop 12 libqt4-sql-sqlite-32bit-4.8.6-4.2 as a component of SUSE Linux Enterprise Desktop 12 libqt4-sql-unixODBC-4.8.6-4.1 as a component of SUSE Linux Enterprise Desktop 12 libqt4-sql-unixODBC-32bit-4.8.6-4.1 as a component of SUSE Linux Enterprise Desktop 12 libqt4-x11-4.8.6-4.2 as a component of SUSE Linux Enterprise Desktop 12 libqt4-x11-32bit-4.8.6-4.2 as a component of SUSE Linux Enterprise Desktop 12 libqt4-4.8.6-4.2 as a component of SUSE Linux Enterprise Server 12 libqt4-32bit-4.8.6-4.2 as a component of SUSE Linux Enterprise Server 12 libqt4-qt3support-4.8.6-4.2 as a component of SUSE Linux Enterprise Server 12 libqt4-qt3support-32bit-4.8.6-4.2 as a component of SUSE Linux Enterprise Server 12 libqt4-sql-4.8.6-4.2 as a component of SUSE Linux Enterprise Server 12 libqt4-sql-32bit-4.8.6-4.2 as a component of SUSE Linux Enterprise Server 12 libqt4-sql-mysql-4.8.6-4.1 as a component of SUSE Linux Enterprise Server 12 libqt4-sql-sqlite-4.8.6-4.2 as a component of SUSE Linux Enterprise Server 12 libqt4-x11-4.8.6-4.2 as a component of SUSE Linux Enterprise Server 12 libqt4-x11-32bit-4.8.6-4.2 as a component of SUSE Linux Enterprise Server 12 qt4-x11-tools-4.8.6-4.6 as a component of SUSE Linux Enterprise Server 12 libqt4-4.8.6-4.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 libqt4-32bit-4.8.6-4.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 libqt4-qt3support-4.8.6-4.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 libqt4-qt3support-32bit-4.8.6-4.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 libqt4-sql-4.8.6-4.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 libqt4-sql-32bit-4.8.6-4.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 libqt4-sql-mysql-4.8.6-4.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 libqt4-sql-sqlite-4.8.6-4.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 libqt4-x11-4.8.6-4.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 libqt4-x11-32bit-4.8.6-4.2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 qt4-x11-tools-4.8.6-4.6 as a component of SUSE Linux Enterprise Server for SAP Applications 12 libqt4-devel-4.8.6-4.2 as a component of SUSE Linux Enterprise Software Development Kit 12 libqt4-devel-doc-4.8.6-4.6 as a component of SUSE Linux Enterprise Software Development Kit 12 libqt4-devel-doc-data-4.8.6-4.6 as a component of SUSE Linux Enterprise Software Development Kit 12 libqt4-linguist-4.8.6-4.2 as a component of SUSE Linux Enterprise Software Development Kit 12 libqt4-private-headers-devel-4.8.6-4.2 as a component of SUSE Linux Enterprise Software Development Kit 12 libqt4-sql-postgresql-4.8.6-4.1 as a component of SUSE Linux Enterprise Software Development Kit 12 libqt4-sql-postgresql-32bit-4.8.6-4.1 as a component of SUSE Linux Enterprise Software Development Kit 12 libqt4-sql-unixODBC-4.8.6-4.1 as a component of SUSE Linux Enterprise Software Development Kit 12 libqt4-sql-unixODBC-32bit-4.8.6-4.1 as a component of SUSE Linux Enterprise Software Development Kit 12 libqt4-sql-mysql-32bit-4.8.6-4.1 as a component of SUSE Linux Enterprise Workstation Extension 12 libqt4-sql-postgresql-4.8.6-4.1 as a component of SUSE Linux Enterprise Workstation Extension 12 libqt4-sql-postgresql-32bit-4.8.6-4.1 as a component of SUSE Linux Enterprise Workstation Extension 12 libqt4-sql-sqlite-32bit-4.8.6-4.2 as a component of SUSE Linux Enterprise Workstation Extension 12 libqt4-sql-unixODBC-4.8.6-4.1 as a component of SUSE Linux Enterprise Workstation Extension 12 libqt4-sql-unixODBC-32bit-4.8.6-4.1 as a component of SUSE Linux Enterprise Workstation Extension 12 The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file. CVE-2015-0295 SUSE Linux Enterprise Desktop 12:libqt4-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-qt3support-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-qt3support-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-mysql-32bit-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-mysql-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-postgresql-32bit-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-postgresql-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-sqlite-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-sqlite-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-unixODBC-32bit-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-unixODBC-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-x11-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-x11-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-32bit-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-qt3support-32bit-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-qt3support-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-sql-32bit-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-sql-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-sql-mysql-4.8.6-4.1 SUSE Linux Enterprise Server 12:libqt4-sql-sqlite-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-x11-32bit-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-x11-4.8.6-4.2 SUSE Linux Enterprise Server 12:qt4-x11-tools-4.8.6-4.6 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-32bit-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-qt3support-32bit-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-qt3support-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-sql-32bit-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-sql-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-sql-mysql-4.8.6-4.1 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-sql-sqlite-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-x11-32bit-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-x11-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:qt4-x11-tools-4.8.6-4.6 SUSE Linux Enterprise Software Development Kit 12:libqt4-devel-4.8.6-4.2 SUSE Linux Enterprise Software Development Kit 12:libqt4-devel-doc-4.8.6-4.6 SUSE Linux Enterprise Software Development Kit 12:libqt4-devel-doc-data-4.8.6-4.6 SUSE Linux Enterprise Software Development Kit 12:libqt4-linguist-4.8.6-4.2 SUSE Linux Enterprise Software Development Kit 12:libqt4-private-headers-devel-4.8.6-4.2 SUSE Linux Enterprise Software Development Kit 12:libqt4-sql-postgresql-32bit-4.8.6-4.1 SUSE Linux Enterprise Software Development Kit 12:libqt4-sql-postgresql-4.8.6-4.1 SUSE Linux Enterprise Software Development Kit 12:libqt4-sql-unixODBC-32bit-4.8.6-4.1 SUSE Linux Enterprise Software Development Kit 12:libqt4-sql-unixODBC-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-mysql-32bit-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-postgresql-32bit-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-postgresql-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-sqlite-32bit-4.8.6-4.2 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-unixODBC-32bit-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-unixODBC-4.8.6-4.1 low 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151359-1/ https://www.suse.com/security/cve/CVE-2015-0295.html CVE-2015-0295 https://bugzilla.suse.com/921999 SUSE Bug 921999 https://bugzilla.suse.com/927806 SUSE Bug 927806 https://bugzilla.suse.com/927807 SUSE Bug 927807 https://bugzilla.suse.com/927808 SUSE Bug 927808 https://bugzilla.suse.com/936523 SUSE Bug 936523 Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image. CVE-2015-1858 SUSE Linux Enterprise Desktop 12:libqt4-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-qt3support-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-qt3support-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-mysql-32bit-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-mysql-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-postgresql-32bit-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-postgresql-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-sqlite-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-sqlite-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-unixODBC-32bit-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-unixODBC-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-x11-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-x11-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-32bit-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-qt3support-32bit-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-qt3support-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-sql-32bit-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-sql-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-sql-mysql-4.8.6-4.1 SUSE Linux Enterprise Server 12:libqt4-sql-sqlite-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-x11-32bit-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-x11-4.8.6-4.2 SUSE Linux Enterprise Server 12:qt4-x11-tools-4.8.6-4.6 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-32bit-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-qt3support-32bit-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-qt3support-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-sql-32bit-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-sql-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-sql-mysql-4.8.6-4.1 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-sql-sqlite-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-x11-32bit-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-x11-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:qt4-x11-tools-4.8.6-4.6 SUSE Linux Enterprise Software Development Kit 12:libqt4-devel-4.8.6-4.2 SUSE Linux Enterprise Software Development Kit 12:libqt4-devel-doc-4.8.6-4.6 SUSE Linux Enterprise Software Development Kit 12:libqt4-devel-doc-data-4.8.6-4.6 SUSE Linux Enterprise Software Development Kit 12:libqt4-linguist-4.8.6-4.2 SUSE Linux Enterprise Software Development Kit 12:libqt4-private-headers-devel-4.8.6-4.2 SUSE Linux Enterprise Software Development Kit 12:libqt4-sql-postgresql-32bit-4.8.6-4.1 SUSE Linux Enterprise Software Development Kit 12:libqt4-sql-postgresql-4.8.6-4.1 SUSE Linux Enterprise Software Development Kit 12:libqt4-sql-unixODBC-32bit-4.8.6-4.1 SUSE Linux Enterprise Software Development Kit 12:libqt4-sql-unixODBC-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-mysql-32bit-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-postgresql-32bit-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-postgresql-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-sqlite-32bit-4.8.6-4.2 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-unixODBC-32bit-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-unixODBC-4.8.6-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151359-1/ https://www.suse.com/security/cve/CVE-2015-1858.html CVE-2015-1858 https://bugzilla.suse.com/921999 SUSE Bug 921999 https://bugzilla.suse.com/927806 SUSE Bug 927806 https://bugzilla.suse.com/927807 SUSE Bug 927807 https://bugzilla.suse.com/927808 SUSE Bug 927808 Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image. CVE-2015-1859 SUSE Linux Enterprise Desktop 12:libqt4-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-qt3support-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-qt3support-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-mysql-32bit-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-mysql-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-postgresql-32bit-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-postgresql-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-sqlite-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-sqlite-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-unixODBC-32bit-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-unixODBC-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-x11-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-x11-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-32bit-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-qt3support-32bit-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-qt3support-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-sql-32bit-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-sql-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-sql-mysql-4.8.6-4.1 SUSE Linux Enterprise Server 12:libqt4-sql-sqlite-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-x11-32bit-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-x11-4.8.6-4.2 SUSE Linux Enterprise Server 12:qt4-x11-tools-4.8.6-4.6 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-32bit-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-qt3support-32bit-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-qt3support-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-sql-32bit-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-sql-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-sql-mysql-4.8.6-4.1 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-sql-sqlite-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-x11-32bit-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-x11-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:qt4-x11-tools-4.8.6-4.6 SUSE Linux Enterprise Software Development Kit 12:libqt4-devel-4.8.6-4.2 SUSE Linux Enterprise Software Development Kit 12:libqt4-devel-doc-4.8.6-4.6 SUSE Linux Enterprise Software Development Kit 12:libqt4-devel-doc-data-4.8.6-4.6 SUSE Linux Enterprise Software Development Kit 12:libqt4-linguist-4.8.6-4.2 SUSE Linux Enterprise Software Development Kit 12:libqt4-private-headers-devel-4.8.6-4.2 SUSE Linux Enterprise Software Development Kit 12:libqt4-sql-postgresql-32bit-4.8.6-4.1 SUSE Linux Enterprise Software Development Kit 12:libqt4-sql-postgresql-4.8.6-4.1 SUSE Linux Enterprise Software Development Kit 12:libqt4-sql-unixODBC-32bit-4.8.6-4.1 SUSE Linux Enterprise Software Development Kit 12:libqt4-sql-unixODBC-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-mysql-32bit-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-postgresql-32bit-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-postgresql-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-sqlite-32bit-4.8.6-4.2 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-unixODBC-32bit-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-unixODBC-4.8.6-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151359-1/ https://www.suse.com/security/cve/CVE-2015-1859.html CVE-2015-1859 https://bugzilla.suse.com/921999 SUSE Bug 921999 https://bugzilla.suse.com/927806 SUSE Bug 927806 https://bugzilla.suse.com/927807 SUSE Bug 927807 https://bugzilla.suse.com/927808 SUSE Bug 927808 Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image. CVE-2015-1860 SUSE Linux Enterprise Desktop 12:libqt4-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-qt3support-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-qt3support-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-mysql-32bit-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-mysql-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-postgresql-32bit-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-postgresql-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-sqlite-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-sqlite-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-sql-unixODBC-32bit-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-sql-unixODBC-4.8.6-4.1 SUSE Linux Enterprise Desktop 12:libqt4-x11-32bit-4.8.6-4.2 SUSE Linux Enterprise Desktop 12:libqt4-x11-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-32bit-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-qt3support-32bit-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-qt3support-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-sql-32bit-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-sql-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-sql-mysql-4.8.6-4.1 SUSE Linux Enterprise Server 12:libqt4-sql-sqlite-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-x11-32bit-4.8.6-4.2 SUSE Linux Enterprise Server 12:libqt4-x11-4.8.6-4.2 SUSE Linux Enterprise Server 12:qt4-x11-tools-4.8.6-4.6 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-32bit-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-qt3support-32bit-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-qt3support-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-sql-32bit-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-sql-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-sql-mysql-4.8.6-4.1 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-sql-sqlite-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-x11-32bit-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:libqt4-x11-4.8.6-4.2 SUSE Linux Enterprise Server for SAP Applications 12:qt4-x11-tools-4.8.6-4.6 SUSE Linux Enterprise Software Development Kit 12:libqt4-devel-4.8.6-4.2 SUSE Linux Enterprise Software Development Kit 12:libqt4-devel-doc-4.8.6-4.6 SUSE Linux Enterprise Software Development Kit 12:libqt4-devel-doc-data-4.8.6-4.6 SUSE Linux Enterprise Software Development Kit 12:libqt4-linguist-4.8.6-4.2 SUSE Linux Enterprise Software Development Kit 12:libqt4-private-headers-devel-4.8.6-4.2 SUSE Linux Enterprise Software Development Kit 12:libqt4-sql-postgresql-32bit-4.8.6-4.1 SUSE Linux Enterprise Software Development Kit 12:libqt4-sql-postgresql-4.8.6-4.1 SUSE Linux Enterprise Software Development Kit 12:libqt4-sql-unixODBC-32bit-4.8.6-4.1 SUSE Linux Enterprise Software Development Kit 12:libqt4-sql-unixODBC-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-mysql-32bit-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-postgresql-32bit-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-postgresql-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-sqlite-32bit-4.8.6-4.2 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-unixODBC-32bit-4.8.6-4.1 SUSE Linux Enterprise Workstation Extension 12:libqt4-sql-unixODBC-4.8.6-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151359-1/ https://www.suse.com/security/cve/CVE-2015-1860.html CVE-2015-1860 https://bugzilla.suse.com/921999 SUSE Bug 921999 https://bugzilla.suse.com/927806 SUSE Bug 927806 https://bugzilla.suse.com/927807 SUSE Bug 927807 https://bugzilla.suse.com/927808 SUSE Bug 927808