Key Information Summary Vulnerability Overview Announcement ID: USN-4003-1 Release Date: June 3, 2019 Affected Software: Qt Vulnerability Details 1. XML Processing Vulnerability: - CVE ID: CVE-2018-15518 - Description: Qt improperly handles certain XML documents, which could allow a remote attacker to crash Qt using a specially crafted XML document, potentially leading to service disruption or arbitrary code execution. 2. GIF Image Processing Vulnerability: - CVE ID: CVE-2018-19870 - Description: Qt improperly handles certain GIF images, which could allow a remote attacker to crash Qt using a specially crafted GIF image, potentially leading to service disruption or arbitrary code execution. 3. BMP Image Processing Vulnerability: - CVE ID: CVE-2018-19873 - Description: Qt improperly handles certain BMP images, which could allow a remote attacker to crash Qt using a specially crafted BMP image, potentially leading to service disruption or arbitrary code execution. Affected Versions Affected Ubuntu Versions: 18.10, 18.04 LTS, 16.04 LTS Update Instructions Required Action: After standard system updates, a session restart is required to ensure all changes take effect. Updated Versions: - 18.10 Cosmic: 5.11.1+dfsg-7ubuntu3.1, 5.11.1+dfsg-7ubuntu3.1 - 18.04 LTS Bionic: 5.9.5+dfsg-0ubuntu2.1, 5.9.5+dfsg-0ubuntu2.1 - 16.04 LTS Xenial: 5.5.1+dfsg-16ubuntu7.6, 5.5.1+dfsg-16ubuntu7.6 References Related CVE IDs: CVE-2018-19873, CVE-2018-19870, CVE-2018-15518