SUSE-SU-2020:2357-1

Опубликовано: 27 авг. 2020

Источник: suse-cvrf

Описание

Security update for libqt5-qtbase

This update for libqt5-qtbase fixes the following issues:

Fixed a possible crash in certificate parsing.
Fixed a DoS in QSslSocket (bsc#1172726, CVE-2020-13962).
Added support for PostgreSQL 12 (bsc#1173758).

Список пакетов

Image SLES15-SP2-SAP-Azure

libQt5Core5-5.12.7-4.3.1

libQt5DBus5-5.12.7-4.3.1

libQt5Gui5-5.12.7-4.3.1

libQt5Network5-5.12.7-4.3.1

libQt5Widgets5-5.12.7-4.3.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production

libQt5Core5-5.12.7-4.3.1

libQt5DBus5-5.12.7-4.3.1

libQt5Gui5-5.12.7-4.3.1

libQt5Network5-5.12.7-4.3.1

libQt5Widgets5-5.12.7-4.3.1

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production

libQt5Core5-5.12.7-4.3.1

libQt5DBus5-5.12.7-4.3.1

libQt5Gui5-5.12.7-4.3.1

libQt5Network5-5.12.7-4.3.1

libQt5Widgets5-5.12.7-4.3.1

Image SLES15-SP2-SAP-BYOS-Azure

libQt5Core5-5.12.7-4.3.1

libQt5DBus5-5.12.7-4.3.1

libQt5Gui5-5.12.7-4.3.1

libQt5Network5-5.12.7-4.3.1

libQt5Widgets5-5.12.7-4.3.1

Image SLES15-SP2-SAP-BYOS-EC2-HVM

libQt5Core5-5.12.7-4.3.1

libQt5DBus5-5.12.7-4.3.1

libQt5Gui5-5.12.7-4.3.1

libQt5Network5-5.12.7-4.3.1

libQt5Widgets5-5.12.7-4.3.1

Image SLES15-SP2-SAP-BYOS-GCE

libQt5Core5-5.12.7-4.3.1

libQt5DBus5-5.12.7-4.3.1

libQt5Gui5-5.12.7-4.3.1

libQt5Network5-5.12.7-4.3.1

libQt5Widgets5-5.12.7-4.3.1

Image SLES15-SP2-SAP-EC2-HVM

libQt5Core5-5.12.7-4.3.1

libQt5DBus5-5.12.7-4.3.1

libQt5Gui5-5.12.7-4.3.1

libQt5Network5-5.12.7-4.3.1

libQt5Widgets5-5.12.7-4.3.1

Image SLES15-SP2-SAP-GCE

libQt5Core5-5.12.7-4.3.1

libQt5DBus5-5.12.7-4.3.1

libQt5Gui5-5.12.7-4.3.1

libQt5Network5-5.12.7-4.3.1

libQt5Widgets5-5.12.7-4.3.1

Image SLES15-SP3-SAP-BYOS-Azure

libQt5Core5-5.12.7-4.3.1

libQt5DBus5-5.12.7-4.3.1

libQt5Gui5-5.12.7-4.3.1

libQt5Network5-5.12.7-4.3.1

libQt5Widgets5-5.12.7-4.3.1

Image SLES15-SP3-SAP-BYOS-EC2-HVM

libQt5Core5-5.12.7-4.3.1

libQt5DBus5-5.12.7-4.3.1

libQt5Gui5-5.12.7-4.3.1

libQt5Network5-5.12.7-4.3.1

libQt5Widgets5-5.12.7-4.3.1

Image SLES15-SP3-SAP-BYOS-GCE

libQt5Core5-5.12.7-4.3.1

libQt5DBus5-5.12.7-4.3.1

libQt5Gui5-5.12.7-4.3.1

libQt5Network5-5.12.7-4.3.1

libQt5Widgets5-5.12.7-4.3.1

SUSE Linux Enterprise Module for Basesystem 15 SP2

libQt5Concurrent-devel-5.12.7-4.3.1

libQt5Concurrent5-5.12.7-4.3.1

libQt5Core-devel-5.12.7-4.3.1

libQt5Core-private-headers-devel-5.12.7-4.3.1

libQt5Core5-5.12.7-4.3.1

libQt5DBus-devel-5.12.7-4.3.1

libQt5DBus-private-headers-devel-5.12.7-4.3.1

libQt5DBus5-5.12.7-4.3.1

libQt5Gui-devel-5.12.7-4.3.1

libQt5Gui-private-headers-devel-5.12.7-4.3.1

libQt5Gui5-5.12.7-4.3.1

libQt5KmsSupport-devel-static-5.12.7-4.3.1

libQt5KmsSupport-private-headers-devel-5.12.7-4.3.1

libQt5Network-devel-5.12.7-4.3.1

libQt5Network-private-headers-devel-5.12.7-4.3.1

libQt5Network5-5.12.7-4.3.1

libQt5OpenGL-devel-5.12.7-4.3.1

libQt5OpenGL-private-headers-devel-5.12.7-4.3.1

libQt5OpenGL5-5.12.7-4.3.1

libQt5PlatformHeaders-devel-5.12.7-4.3.1

libQt5PlatformSupport-devel-static-5.12.7-4.3.1

libQt5PlatformSupport-private-headers-devel-5.12.7-4.3.1

libQt5PrintSupport-devel-5.12.7-4.3.1

libQt5PrintSupport-private-headers-devel-5.12.7-4.3.1

libQt5PrintSupport5-5.12.7-4.3.1

libQt5Sql-devel-5.12.7-4.3.1

libQt5Sql-private-headers-devel-5.12.7-4.3.1

libQt5Sql5-5.12.7-4.3.1

libQt5Sql5-sqlite-5.12.7-4.3.1

libQt5Test-devel-5.12.7-4.3.1

libQt5Test-private-headers-devel-5.12.7-4.3.1

libQt5Test5-5.12.7-4.3.1

libQt5Widgets-devel-5.12.7-4.3.1

libQt5Widgets-private-headers-devel-5.12.7-4.3.1

libQt5Widgets5-5.12.7-4.3.1

libQt5Xml-devel-5.12.7-4.3.1

libQt5Xml5-5.12.7-4.3.1

libqt5-qtbase-common-devel-5.12.7-4.3.1

libqt5-qtbase-devel-5.12.7-4.3.1

libqt5-qtbase-private-headers-devel-5.12.7-4.3.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP2

libQt5OpenGLExtensions-devel-static-5.12.7-4.3.1

libQt5Sql5-mysql-5.12.7-4.3.1

libQt5Sql5-postgresql-5.12.7-4.3.1

libQt5Sql5-unixODBC-5.12.7-4.3.1

libqt5-qtbase-platformtheme-gtk3-5.12.7-4.3.1

Ссылки

https://www.suse.com/support/update/announcement/2020/suse-su-20202357-1/
Link for SUSE-SU-2020:2357-1
https://lists.suse.com/pipermail/sle-security-updates/2020-August/007309.html
E-Mail link for SUSE-SU-2020:2357-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1172726
SUSE Bug 1172726
https://bugzilla.suse.com/1173758
SUSE Bug 1173758
https://www.suse.com/security/cve/CVE-2020-13962/
SUSE CVE CVE-2020-13962 page

Описание

Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails. (Mumble 1.3.1 is not affected, regardless of the Qt version.)

Затронутые продукты

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:libQt5Core5-5.12.7-4.3.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:libQt5DBus5-5.12.7-4.3.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:libQt5Gui5-5.12.7-4.3.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:libQt5Network5-5.12.7-4.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-13962.html
CVE-2020-13962
https://bugzilla.suse.com/1172726
SUSE Bug 1172726

SUSE-SU-2020:2357-1

Описание

Список пакетов

Image SLES15-SP2-SAP-Azure

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production

Image SLES15-SP2-SAP-BYOS-Azure

Image SLES15-SP2-SAP-BYOS-EC2-HVM

Image SLES15-SP2-SAP-BYOS-GCE

Image SLES15-SP2-SAP-EC2-HVM

Image SLES15-SP2-SAP-GCE

Image SLES15-SP3-SAP-BYOS-Azure

Image SLES15-SP3-SAP-BYOS-EC2-HVM

Image SLES15-SP3-SAP-BYOS-GCE

SUSE Linux Enterprise Module for Basesystem 15 SP2

SUSE Linux Enterprise Module for Desktop Applications 15 SP2

Ссылки

Уязвимость: CVE-2020-13962

Описание

Затронутые продукты

Ссылки