Bug 1039291 (CVE-2016-10040)

Summary: VUL-0: CVE-2016-10040: libqt4,libqt5-qtbase: stack buffer overflow in QXmlSimpleReader
Product: [Novell Products] SUSE Security Incidents Reporter: Marcus Meissner <meissner>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: atoptsoglou, smash_bz, vpereira
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/178082/
Whiteboard: CVSSv3:RedHat:CVE-2016-10040:3.7:(AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) CVSSv2:NVD:CVE-2016-10040:4.3:(AV:N/AC:M/Au:N/C:N/I:N/A:P) CVSSv3:SUSE:CVE-2016-10040:3.7:(AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) CVSSv2:SUSE:CVE-2016-10040:2.6:(AV:N/AC:H/Au:N/C:N/I:N/A:P)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Comment 1 Victor Pereira 2017-06-07 13:27:00 UTC
patchset https://codereview.qt-project.org/#/c/71010/
Comment 2 Dirk Mueller 2017-10-16 11:39:00 UTC
all of that is fixed in 4.8.7.
Comment 3 Johannes Segitz 2018-02-16 13:58:01 UTC
please submit for both packages. Thank you
Comment 4 Johannes Segitz 2018-02-27 09:34:42 UTC
ping. Please submit
Comment 5 Dirk Mueller 2018-04-23 12:46:48 UTC
The code that was patched for this bugreport doesn't exist in Qt 4.6. The code that was patched is a fix for CVE-2013-4549, which we have not fixed in SLE11. 

the rest is fixed in 4.8.7, which would be a good thing to update to anyway. want me to submit 4.8.7 to SLE12?
Comment 6 Dirk Mueller 2018-05-05 07:24:57 UTC
154348  State:declined   By:darix        When:2018-02-09T12:36:29
        maintenance_incident: home:dirkmueller:branches:SUSE:SLE-12:Update/libqt4@c3726ad7a2d7adfbbc4b3006cffdc590 -> SUSE:Maintenance (release in SUSE:SLE-12:Update)


I'm trying to submit it once more, hopefully it gets accepted now:

164467  State:review     By:dirkmueller  When:2018-05-05T06:45:32
        maintenance_incident: home:dirkmueller:branches:SUSE:SLE-12:Update/libqt4@404d502e435fcc6314f58571cb191a23 -> SUSE:Maintenance (release in SUSE:SLE-12:Update)

it also requires request 164468 (libQtWebKit4)
Comment 7 Swamp Workflow Management 2018-07-06 16:08:12 UTC
SUSE-SU-2018:1902-1: An update that solves one vulnerability and has four fixes is now available.

Category: security (moderate)
Bug References: 1039291,1042657,956357,964458,982826
CVE References: CVE-2016-10040
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    libqt4-4.8.7-8.6.1, libqt4-sql-plugins-4.8.7-8.6.1, qt4-qtscript-0.2.0-11.2.4
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    libQtWebKit4-4.8.7+2.3.4-4.5.1, libqca2-2.0.3-17.2.1, libqt4-4.8.7-8.6.1, libqt4-devel-doc-4.8.7-8.6.4, libqt4-sql-plugins-4.8.7-8.6.1
SUSE Linux Enterprise Server 12-SP3 (src):    libQtWebKit4-4.8.7+2.3.4-4.5.1, libqca2-2.0.3-17.2.1, libqt4-4.8.7-8.6.1, libqt4-devel-doc-4.8.7-8.6.4, libqt4-sql-plugins-4.8.7-8.6.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    libQtWebKit4-4.8.7+2.3.4-4.5.1, libqca2-2.0.3-17.2.1, libqt4-4.8.7-8.6.1, libqt4-sql-plugins-4.8.7-8.6.1, qt4-qtscript-0.2.0-11.2.4
Comment 8 Alexandros Toptsoglou 2020-04-28 13:14:26 UTC
Done