1
PublicDateAtUSN: 2014-05-08
2
Candidate: CVE-2014-0190
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0190
6
http://www.openwall.com/lists/oss-security/2014/04/28
7
http://lists.qt-project.org/pipermail/announce/2014-April/000045.html
8
https://usn.ubuntu.com/usn/usn-2626-1
10
The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause
11
a denial of service (NULL pointer dereference) via invalid width and height
12
values in a GIF image.
16
https://bugs.kde.org/show_bug.cgi?id=333404
18
Discovered-by: Wolfgang Schenk
22
upstream: https://qt.gitorious.org/qt/qtbase/commit/eb1325047f2697d24e93ebaf924900affc876bc1
23
upstream_qt4-x11: released (4:4.8.6+dfsg-1)
24
lucid_qt4-x11: ignored (reached end-of-life)
25
precise_qt4-x11: released (4:4.8.1-0ubuntu4.9)
26
quantal_qt4-x11: ignored (reached end-of-life)
27
saucy_qt4-x11: ignored (reached end-of-life)
28
trusty_qt4-x11: released (4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1)
29
utopic_qt4-x11: not-affected (4:4.8.6+git49-gbc62005+dfsg-1ubuntu1)
30
vivid_qt4-x11: not-affected (4:4.8.6+git64-g5dc8b2b+dfsg-3~ubuntu6)
31
devel_qt4-x11: not-affected (4:4.8.6+git64-g5dc8b2b+dfsg-3~ubuntu6)
33
Patches_qtbase-opensource-src:
34
upstream: http://code.qt.io/cgit/qt/qtbase.git/commit/?id=c5eec579e2fcf3c00cc02ebc0a2fbc347cd595d5
35
upstream_qtbase-opensource-src: released (5.3)
36
lucid_qtbase-opensource-src: DNE
37
precise_qtbase-opensource-src: DNE
38
quantal_qtbase-opensource-src: DNE
39
saucy_qtbase-opensource-src: ignored (reached end-of-life)
40
trusty_qtbase-opensource-src: released (5.2.1+dfsg-1ubuntu14.3)
41
utopic_qtbase-opensource-src: not-affected (5.3.0+dfsg-2ubuntu9)
42
vivid_qtbase-opensource-src: not-affected (5.4.1+dfsg-2ubuntu3)
43
vivid/stable-phone-overlay_qtbase-opensource-src: released (5.4.1+dfsg-2ubuntu11~vivid1)
44
vivid/ubuntu-core_qtbase-opensource-src: DNE
45
devel_qtbase-opensource-src: not-affected (5.4.1+dfsg-2ubuntu3)