——————————————————————————–
Fedora Update Notification
FEDORA-2014-5695
2014-04-27 06:39:10
——————————————————————————–

Name : qt
Product : Fedora 20
Version : 4.8.6
Release : 2.fc20
URL : http://qt-project.org/
Summary : Qt toolkit
Description :
Qt is a software toolkit for developing applications.

This package contains base tools, like string, xml, and network
handling.

——————————————————————————–
Update Information:

New upstream stable bugfix release, as well as a fix for:
* DoS vulnerability in the GIF image handler (QTBUG-38367)
See also http://blog.qt.digia.com/blog/2014/04/24/qt-4-8-6-released/
——————————————————————————–
ChangeLog:

* Thu Apr 24 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-2
– DoS vulnerability in the GIF image handler (QTBUG-38367)
* Thu Apr 24 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-1
– 4.8.6 (final)
* Tue Apr 15 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-0.2.rc2
– 4.8.6-rc2
* Tue Apr 1 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.8.6-0.1.rc1
– 4.8.6-rc1
* Wed Mar 26 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-24
– support ppc64le arch (#1081216)
* Sat Mar 8 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> 4.8.5-23
– fix QMAKE_STRIP handling (#1074041)
* Fri Mar 7 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-22
– respin mysql_config patch
* Fri Mar 7 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-21
– restore qt-cupsEnumDests.patch (#980952)
* Thu Mar 6 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-20
– systemtrayicon plugin support (from kubuntu)
* Tue Feb 18 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-19
– cleanup QMAKE_STRIP handling
* Wed Feb 12 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-18
– rebuild (libicu)
* Sat Feb 1 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-17
– better %rpm_macros_dir handling
* Sun Jan 26 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-16
– macros.qt4: ++%_qt4_examplesdir (keep %_qt4_examples around for compatibility)
* Fri Jan 17 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> – 4.8.5-15
– drop “Discover printers shared by CUPS 1.6 (#980952)” (#1054312, #980952#c18)
* Mon Jan 13 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> – 4.8.5-14
– fix QTBUG-35459 (too low entityCharacterLimit=1024 for CVE-2013-4549)
– fix QTBUG-35460 (error message for CVE-2013-4549 is misspelled)
* Mon Dec 23 2013 Peter Robinson <pbrobinson@fedoraproject.org> 4.8.5-13
– Add support for aarch64 (#1046360)
* Thu Dec 5 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-12
– XML Entity Expansion Denial of Service (CVE-2013-4549)
* Wed Oct 9 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-11
– Discover printers shared by CUPS 1.6 (#980952)
——————————————————————————–
References:

[ 1 ] Bug #1088142 – CVE-2014-0190 qt: NULL pointer dereference flaw in QGIFFormat::fillRect
https://bugzilla.redhat.com/show_bug.cgi?id=1088142
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update qt’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce