File _patchinfo of Package patchinfo.30298

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.30298

<patchinfo incident="30298">
  <issue tracker="cve" id="2023-32763"/>
  <issue tracker="cve" id="2023-33285"/>
  <issue tracker="cve" id="2023-32762"/>
  <issue tracker="cve" id="2023-38197"/>
  <issue tracker="cve" id="2023-34410"/>
  <issue tracker="bnc" id="1211798">VUL-0: CVE-2023-32763: qt3,libqt5-qtbase,qt6-base,libqt4: When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered</issue>
  <issue tracker="bnc" id="1211642">VUL-0: CVE-2023-33285: libqt5-qtbase,qt6-base: Buffer overflow in QDnsLookup</issue>
  <issue tracker="bnc" id="1213326">VUL-0: CVE-2023-38197: qt6-base,qt3,libqt4,libqt5-qtbase: infinite loops in QXmlStreamReader</issue>
  <issue tracker="bnc" id="1211994">VUL-0: CVE-2023-34410: libqt5-qtbase,qt6-base: certificate validation does not always consider whether the root of a chain is a configured CA certificate</issue>
  <issue tracker="bnc" id="1211797">VUL-0: CVE-2023-32762: qt6-base,qt3,libqt4,libqt5-qtbase: Qt Network incorrectly parses the strict-transport-security (HSTS) header</issue>
  <packager>alarrosa</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for qt6-base</summary>
  <description>This update for qt6-base fixes the following issues:

- CVE-2023-34410: Fixed certificate validation flaw (bsc#1211994).
- CVE-2023-33285: Fixed buffer overflow in QDnsLookup (bsc#1211642).
- CVE-2023-32762: Fixed strict-transport-security (HSTS) header parsing error (QTBUG-113392) (bsc#1211797).
- CVE-2023-38197: Fixed infinite loops in QXmlStreamReader (QTBUG-92113, QTBUG-95188) (bsc#1213326).
- CVE-2023-32763: Fixed buffer overflow in QTextLayout (QTBUG-113337, QTBUG-106947, QTBUG-89557, QTBUG-104986) (bsc#1211798).
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.30298

Places