Fedora Linux 8777 Published by

A qt security update has been released for Fedora 34.



SECURITY: Fedora 34 Update: qt-4.8.7-60.fc34


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-613052e94d
2021-03-25 00:15:39.359229
--------------------------------------------------------------------------------

Name : qt
Product : Fedora 34
Version : 4.8.7
Release : 60.fc34
URL :   http://qt-project.org/
Summary : Qt toolkit
Description :
Qt is a software toolkit for developing applications.

This package contains base tools, like string, xml, and network
handling.

--------------------------------------------------------------------------------
Update Information:

An out of bounds read in function QRadialFetchSimd from crafted svg file may
lead to information disclosure or other potential consequences. This update
includes the backported upstream fix and should resolve the security issue.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 9 2021 Than Ngo - 4.8.7-60
- Resolves: #1931444, Clamp parsed doubles to float representable values
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1931444 - qt: Out of bounds read in function QRadialFetchSimd from crafted svg file
  https://bugzilla.redhat.com/show_bug.cgi?id=1931444
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-613052e94d' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys