Opened 20 months ago

Closed 20 months ago

Last modified 18 months ago

#15197 closed enhancement (fixed)

qt5 (svg) - fix CVE-2021-3481

Reported by: ken@… Owned by: ken@…
Priority: elevated Milestone: 11.0
Component: BOOK Version: git
Severity: normal Keywords:


I noticed a fix (in mageia) this week for an out of bounds read in qtsvg, although distros (fedora, debian, arch) fixed it in March-April.

Details of the CVE are not yet public, perhaps because non-commercial Qt is still affected, but there is a summary at This medium-severity vulnerability was found by google's fuzzing, raised as with further details at

I've got the patch from debian.

Change History (4)

comment:1 by ken@…, 20 months ago

Owner: changed from blfs-book to ken@…
Status: newassigned

comment:3 by ken@…, 20 months ago

Resolution: fixed
Status: assignedclosed

Security Advisory SA 10.064 created.

comment:4 by Bruce Dubbs, 18 months ago

Milestone: 10.211.0

Milestone renamed

Note: See TracTickets for help on using tickets.