Qt 5.11.3 Released with Important Security Updates
December 04, 2018 by Tuukka Turunen | Comments
Qt 5.11.3 is released today. As a patch release it does not add any new functionality, but provides important bug fixes, security updates and other improvements.
Compared to Qt 5.11.2, the Qt 5.11.3 release provides fixes for over 100 bugs and it contains around 300 changes in total. For details of the most important changes, please check the Change files of Qt 5.11.3.
Qt 5.11.3 contains the following important security fixes:
- CVE-2018-15518, Qt Base: "double free or corruption" in QXmlStreamReader
- CVE-2018-19873, Qt Base: QBmpHandler segfault on malformed BMP file
- CVE-2018-19870, Qt Base: Check for QImage allocation failure in qgifhandler
- CVE-2018-19871, Qt Imageformats: QImage: QTgaFile CPU exhaustion
- CVE-2018-19865, Qt Virtual Keyboard: Qt Virtual Keyboard logs all key presses
- CVE-2018-19869, Qt Svg: Fix crash when parsing malformed url reference
All these security fixes are included in the upcoming Qt 5.12.0 release.
Qt 5.9.7 released earlier contains all the fixes, except the one for virtual keyboard, which is available as a set of patches here, here and here.
Qt 5.6.3 release can be patched with these security fixes available here, here, here, here, here, here, here and here.
Qt 5.11.3 is the last release of the Qt 5.11.x series. The 5.11 branch is now closed. All bug fixes go into Qt 5.12 and the most important ones are cherry picked into Qt 5.9 LTS.
The recommended way for getting Qt 5.11.3 is using the maintenance tool of the online installer. For new installations, please download latest online installer from Qt Account portal (commercial license holders) or from qt.io Download page (open source).
Offline packages are also available for those can't use the online installer.
Blog Topics:
Comments
Subscribe to our newsletter
Subscribe Newsletter
Try Qt 6.5 Now!
Download the latest release here: www.qt.io/download.
Qt 6.5 is the latest Long-Term-Support release with all you need for C++ cross-platform app development.
Explore Qt World
Check our Qt demos and case studies in the virtual Qt World
We're Hiring
Check out all our open positions here and follow us on Instagram to see what it's like to be #QtPeople.
Näytä tämä julkaisu Instagramissa.Henkilön Qt (@theqtcompany) jakama julkaisu