openSUSE-SU-2014:0176-1: moderate: update for libqt5-qtbase

31 Jan 2014

      openSUSE Security Update: update for libqt5-qtbase
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2014:0176-1
Rating:             moderate
References:         #856832 
Cross-References:   CVE-2013-4549
Affected Products:
                    openSUSE 13.1
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   - added patches:
   * disallow-deep-or-widely-nested-entity-references.patch:
   upstream fix for bnc#856832 and CVE-2013-4549: xml
   entity expansion attacks

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 13.1:

      zypper in -t patch openSUSE-2014-94

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE 13.1 (i586 x86_64):

      libQt5Gui5-5.1.1-6.7
      libQt5Gui5-debuginfo-5.1.1-6.7
      libQt5Sql5-5.1.1-6.7
      libQt5Sql5-debuginfo-5.1.1-6.7
      libQt5Test5-5.1.1-6.7
      libQt5Test5-debuginfo-5.1.1-6.7
      libQt5Widgets5-5.1.1-6.7
      libQt5Widgets5-debuginfo-5.1.1-6.7
      libqt5-qtbase-5.1.1-6.7
      libqt5-qtbase-debuginfo-5.1.1-6.7
      libqt5-qtbase-debugsource-5.1.1-6.7
      libqt5-qtbase-devel-5.1.1-6.7
      libqt5-qtbase-devel-debuginfo-5.1.1-6.7
      libqt5-qtbase-private-headers-devel-5.1.1-6.7
      libqt5-sql-mysql-5.1.1-6.7
      libqt5-sql-mysql-debuginfo-5.1.1-6.7
      libqt5-sql-postgresql-5.1.1-6.7
      libqt5-sql-postgresql-debuginfo-5.1.1-6.7
      libqt5-sql-sqlite-5.1.1-6.7
      libqt5-sql-sqlite-debuginfo-5.1.1-6.7
      libqt5-sql-unixODBC-5.1.1-6.7
      libqt5-sql-unixODBC-debuginfo-5.1.1-6.7

   - openSUSE 13.1 (x86_64):

      libQt5Gui5-32bit-5.1.1-6.7
      libQt5Gui5-debuginfo-32bit-5.1.1-6.7
      libQt5Sql5-32bit-5.1.1-6.7
      libQt5Sql5-debuginfo-32bit-5.1.1-6.7
      libQt5Test5-32bit-5.1.1-6.7
      libQt5Test5-debuginfo-32bit-5.1.1-6.7
      libQt5Widgets5-32bit-5.1.1-6.7
      libQt5Widgets5-debuginfo-32bit-5.1.1-6.7
      libqt5-qtbase-32bit-5.1.1-6.7
      libqt5-qtbase-debuginfo-32bit-5.1.1-6.7
      libqt5-sql-mysql-32bit-5.1.1-6.7
      libqt5-sql-mysql-debuginfo-32bit-5.1.1-6.7
      libqt5-sql-postgresql-32bit-5.1.1-6.7
      libqt5-sql-postgresql-debuginfo-32bit-5.1.1-6.7
      libqt5-sql-sqlite-32bit-5.1.1-6.7
      libqt5-sql-sqlite-debuginfo-32bit-5.1.1-6.7
      libqt5-sql-unixODBC-32bit-5.1.1-6.7
      libqt5-sql-unixODBC-debuginfo-32bit-5.1.1-6.7

References:

   http://support.novell.com/security/cve/CVE-2013-4549.html
   https://bugzilla.novell.com/856832

openSUSE-SU-2014:0176-1: moderate: update for libqt5-qtbase

opensuse-security＠opensuse.org