Errata overview
Errata ID 635
Date 2020-02-05
Source package qtbase-opensource-src
Fixed in version 5.7.1+dfsg-3+deb9u2
This update addresses the following issue:
* QPluginLoader in Qt would search for certain plugins first on the current
  working directory of the application, which allows an attacker that can
  place files in the file system and influence the working directory of
  Qt-based applications to load and execute malicious code (CVE-2020-0569)
Additional notes
CVE ID CVE-2020-0569
UCS Bug number #50786