A qtsvg-opensource-src security update has been released for Debian GNU/Linux 8 Extended LTS to address multiple out-of-bounds errors.
ELA-543-1 qtsvg-opensource-src security update
Package qtsvg-opensource-src
ELA-543-1 qtsvg-opensource-src security update
Version 5.3.2-2+deb8u1
Related CVEs CVE-2018-19869 CVE-2021-3481 CVE-2021-45930
Multiple out-of-bounds error were discovered in qtsvg-opensource-src. The highest threat from CVE-2021-3481 (at least) is to data confidentiality the application availability.
For Debian 8 jessie, these problems have been fixed in version 5.3.2-2+deb8u1.
We recommend that you upgrade your qtsvg-opensource-src packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/
