Detections
Analytics

Oracle Linux 8 : qt5 (ELSA-2020-1665)

medium Nessus Plugin ID 180963

Language:

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1665 advisory.

 python-qt5 [5.13.1-1]
 - 5.13.1 Resolves: bz#1775603

 qgnomeplatform [0.4-3]
 - Rebuild (qt5) Resolves: bz#1774418

 qt5 [5.12.5-3]
 - Re-add srpm macros, just leave them empty Resolves: bz#1733133

 [5.12.5-2]
 - Drop srpm macros as we dont ship qtwebengine Resolves: bz#1733133

 [5.12.5-1]
 - 5.12.5 + sync with Fedora Resolves: bz#1733133

 qt5-qt3d [5.12.5-2]
 - Fix multilib issue Resolves: bz#1765637

 [5.12.5-1]
 - 5.12.5 Resolves: bz#1733159

 qt5-qtbase [5.12-5-4]
 - Fix build on RHEL 7 kernel Resolves: bz#1733135

 [5.12-5-2]
 - Remove Android specific test to avoid unnecessary dependencies Resolves: bz#1733135

 [5.12-5-1]
 - 5.12.5 + sync with Fedora Resolves: bz#1733135

 qt5-qtcanvas3d [5.12.5-1]
 - 5.12.5 Resolves: bz#1733136

 qt5-qtconnectivity [5.12.5-1]
 - 5.12.5 Resolves: bz#1733137

 qt5-qtdeclarative [5.12-5-1]
 - 5.12.5 Resolves: bz#1733139

 qt5-qtdoc [5.12.5-1]
 - 5.12.5 Resolves: bz#1733140

 qt5-qtgraphicaleffects [5.12.5-1]
 - 5.12.5 Resolves: bz#1733141

 qt5-qtimageformats [5.12.5-1]
 - 5.12.5 Resolves: bz#1733142

 qt5-qtlocation [5.12.5-1]
 - 5.12.5 Resolves: bz#1733143

 qt5-qtmultimedia [5.12.5-1]
 - 5.12.5 Resolves: bz#1733144

 qt5-qtquickcontrols2 [5.12.5-1]
 - 5.12.5 Resolves: bz#1733146

 qt5-qtquickcontrols [5.12.5-1]
 - 5.12.5 Resolves: bz#1733145

 qt5-qtscript [5.12.5-1]
 - 5.12.5 Resolves: bz#1733147

 qt5-qtsensors [5.12.5-1]
 - 5.12.5 Resolves: bz#1733148

 qt5-qtserialbus [5.12.5-1]
 - 5.12.5 Resolves: bz#1733149

 qt5-qtserialport [5.12.5-1]
 - 5.12.5 Resolves: bz#1733150

 qt5-qtsvg [5.12.5-1]
 - 5.12.5 Resolves: bz#1733151

 qt5-qttools [5.12.5-1]
 - 5.12.5 Resolves: bz#1733152

 qt5-qttranslations [5.12.5-1]
 - 5.12.5 Resolves: bz#1733153

 qt5-qtwayland [5.12.5-1]
 - 5.12.5 Resolves: bz#1733154

 qt5-qtwebchannel [5.12.5-1]
 - 5.12.5 Resolves: bz#1733155

 qt5-qtwebsockets [5.12.5-1]
 - 5.12.5 Resolves: bz#1733156

 qt5-qtx11extras [5.12.5-1]
 - 5.12.5 Resolves: bz#1733158

 qt5-qtxmlpatterns [5.12.5-1]
 - 5.12.5 Resolves: bz#1733157

 sip [4.19.19-1]
 - 4.19.19 Resolves: bz#1775604

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://linux.oracle.com/errata/ELSA-2020-1665.html

Plugin Details

Severity: Medium

ID: 180963

File Name: oraclelinux_ELSA-2020-1665.nasl

Version: 1.2

Type: local

Agent: unix

Published: 9/7/2023

Updated: 11/1/2024

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.4

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2018-19872

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2018-19871

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:qt5-qtmultimedia-devel, p-cpe:/a:oracle:linux:qt5-qttranslations, p-cpe:/a:oracle:linux:qt5-qtwebchannel-devel, p-cpe:/a:oracle:linux:qt5-qtlocation-examples, p-cpe:/a:oracle:linux:qt5-qtserialport, p-cpe:/a:oracle:linux:qt5-qtbase-private-devel, p-cpe:/a:oracle:linux:qt5-qtsvg, p-cpe:/a:oracle:linux:qt5-assistant, p-cpe:/a:oracle:linux:qt5-qtsensors, p-cpe:/a:oracle:linux:sip, p-cpe:/a:oracle:linux:qt5-qtserialport-examples, p-cpe:/a:oracle:linux:qt5-qtscript-devel, p-cpe:/a:oracle:linux:qgnomeplatform, p-cpe:/a:oracle:linux:qt5-qtdoc, p-cpe:/a:oracle:linux:qt5-qt3d-examples, p-cpe:/a:oracle:linux:qt5-qtbase-gui, p-cpe:/a:oracle:linux:qt5-qtscript-examples, p-cpe:/a:oracle:linux:qt5-doctools, p-cpe:/a:oracle:linux:qt5-qttools-libs-help, p-cpe:/a:oracle:linux:qt5-qtwebchannel, p-cpe:/a:oracle:linux:qt5-qtbase-examples, p-cpe:/a:oracle:linux:qt5-designer, p-cpe:/a:oracle:linux:qt5-qtwebsockets-devel, p-cpe:/a:oracle:linux:qt5-qtserialbus-examples, p-cpe:/a:oracle:linux:qt5-qtcanvas3d-examples, p-cpe:/a:oracle:linux:qt5-qtmultimedia, p-cpe:/a:oracle:linux:qt5-qtbase-odbc, p-cpe:/a:oracle:linux:qt5-qdbusviewer, p-cpe:/a:oracle:linux:qt5-qtserialbus, p-cpe:/a:oracle:linux:qt5-qtquickcontrols2, p-cpe:/a:oracle:linux:qt5-qtx11extras, p-cpe:/a:oracle:linux:qt5-qtserialport-devel, p-cpe:/a:oracle:linux:qt5-qtdeclarative-examples, p-cpe:/a:oracle:linux:qt5-qtwebsockets, p-cpe:/a:oracle:linux:qt5-linguist, p-cpe:/a:oracle:linux:qt5-qtsensors-examples, p-cpe:/a:oracle:linux:qt5-srpm-macros, p-cpe:/a:oracle:linux:qt5-qtscript, p-cpe:/a:oracle:linux:qt5-qtwayland-examples, p-cpe:/a:oracle:linux:qt5-qttools-libs-designer, p-cpe:/a:oracle:linux:qt5-qt3d, cpe:/o:oracle:linux:8, p-cpe:/a:oracle:linux:qt5-qtlocation-devel, p-cpe:/a:oracle:linux:qt5-qtsensors-devel, p-cpe:/a:oracle:linux:python3-pyqt5-sip, p-cpe:/a:oracle:linux:qt5-qtsvg-examples, p-cpe:/a:oracle:linux:qt5-qtxmlpatterns-examples, p-cpe:/a:oracle:linux:qt5-qtxmlpatterns-devel, p-cpe:/a:oracle:linux:qt5-qtx11extras-devel, p-cpe:/a:oracle:linux:qt5-qtconnectivity, p-cpe:/a:oracle:linux:qt5-qtbase, p-cpe:/a:oracle:linux:qt5-qt3d-devel, p-cpe:/a:oracle:linux:python3-qt5, p-cpe:/a:oracle:linux:qt5-qtbase-devel, p-cpe:/a:oracle:linux:qt5-qtquickcontrols, p-cpe:/a:oracle:linux:python3-qt5-base, p-cpe:/a:oracle:linux:qt5-qttools-devel, p-cpe:/a:oracle:linux:qt5-qtwayland, p-cpe:/a:oracle:linux:qt5-qtxmlpatterns, p-cpe:/a:oracle:linux:qt5-qtbase-common, p-cpe:/a:oracle:linux:qt5-qttools-common, p-cpe:/a:oracle:linux:qt5-qttools, p-cpe:/a:oracle:linux:qt5-qtsvg-devel, p-cpe:/a:oracle:linux:qt5-qtcanvas3d, p-cpe:/a:oracle:linux:qt5-qtmultimedia-examples, p-cpe:/a:oracle:linux:qt5-qtdeclarative-devel, p-cpe:/a:oracle:linux:qt5-qtquickcontrols-examples, p-cpe:/a:oracle:linux:qt5-qtbase-postgresql, p-cpe:/a:oracle:linux:qt5-qtquickcontrols2-examples, p-cpe:/a:oracle:linux:qt5-qtwebsockets-examples, p-cpe:/a:oracle:linux:qt5-qttools-examples, p-cpe:/a:oracle:linux:qt5-qtwebchannel-examples, p-cpe:/a:oracle:linux:qt5-qtimageformats, p-cpe:/a:oracle:linux:qt5-qtconnectivity-devel, p-cpe:/a:oracle:linux:qt5-qtgraphicaleffects, p-cpe:/a:oracle:linux:qt5-rpm-macros, p-cpe:/a:oracle:linux:qt5-qtdeclarative, p-cpe:/a:oracle:linux:qt5-qtbase-mysql, p-cpe:/a:oracle:linux:qt5-qtlocation, p-cpe:/a:oracle:linux:qt5-qtconnectivity-examples, p-cpe:/a:oracle:linux:qt5-qttools-libs-designercomponents, p-cpe:/a:oracle:linux:python-qt5-rpm-macros

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/OracleLinux

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/5/2020

Vulnerability Publication Date: 12/4/2018

Reference Information

CVE: CVE-2018-19869, CVE-2018-19871, CVE-2018-19872