Details
-
Task
-
Resolution: Done
-
P1: Critical
-
5.12.5, 5.13.1
-
None
-
9fe1f2e918d39031852805f1add23125c061d3c3 (qt/qtimageformats/5.13.2)
Description
Two CVEs have recently been raised for libtiff version 4.0.10, which is what we ship with Qt 5.12 and 5.13.
Patches are available for both of them, but there is no stable libtiff release yet. If there is no stable release made available in time for the next 5.12 and 5.13 releases, then we need to cherry-pick those changes; otherwise, we need to upgrade.