Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2023:2971-1

Опубликовано: 26 июл. 2023
Источник: suse-cvrf

Описание

Security update for libqt5-qtbase

This update for libqt5-qtbase fixes the following issues:

  • CVE-2023-24607: Fixed Qt SQL ODBC driver plugin DOS (bsc#1209616).
  • CVE-2023-33285: Fixed buffer overflow in QDnsLookup (bsc#1211642).
  • CVE-2023-34410: Fixed certificate validation does not always consider whether the root of a chain is a configured CA certificate (bsc#1211994).
  • CVE-2023-38197: Fixed infinite loops in QXmlStreamReader(bsc#1213326).

Список пакетов

Image SLES12-SP5-Azure-SAP-BYOS
libQt5Core5-5.6.2-6.36.1
libQt5DBus5-5.6.2-6.36.1
libQt5Gui5-5.6.2-6.36.1
libQt5Network5-5.6.2-6.36.1
libQt5Widgets5-5.6.2-6.36.1
Image SLES12-SP5-Azure-SAP-On-Demand
libQt5Core5-5.6.2-6.36.1
libQt5DBus5-5.6.2-6.36.1
libQt5Gui5-5.6.2-6.36.1
libQt5Network5-5.6.2-6.36.1
libQt5Widgets5-5.6.2-6.36.1
Image SLES12-SP5-EC2-SAP-BYOS
libQt5Core5-5.6.2-6.36.1
libQt5DBus5-5.6.2-6.36.1
libQt5Gui5-5.6.2-6.36.1
libQt5Network5-5.6.2-6.36.1
libQt5Widgets5-5.6.2-6.36.1
Image SLES12-SP5-EC2-SAP-On-Demand
libQt5Core5-5.6.2-6.36.1
libQt5DBus5-5.6.2-6.36.1
libQt5Gui5-5.6.2-6.36.1
libQt5Network5-5.6.2-6.36.1
libQt5Widgets5-5.6.2-6.36.1
Image SLES12-SP5-GCE-SAP-BYOS
libQt5Core5-5.6.2-6.36.1
libQt5DBus5-5.6.2-6.36.1
libQt5Gui5-5.6.2-6.36.1
libQt5Network5-5.6.2-6.36.1
libQt5Widgets5-5.6.2-6.36.1
Image SLES12-SP5-GCE-SAP-On-Demand
libQt5Core5-5.6.2-6.36.1
libQt5DBus5-5.6.2-6.36.1
libQt5Gui5-5.6.2-6.36.1
libQt5Network5-5.6.2-6.36.1
libQt5Widgets5-5.6.2-6.36.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libQt5Core5-5.6.2-6.36.1
libQt5DBus5-5.6.2-6.36.1
libQt5Gui5-5.6.2-6.36.1
libQt5Network5-5.6.2-6.36.1
libQt5Widgets5-5.6.2-6.36.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libQt5Core5-5.6.2-6.36.1
libQt5DBus5-5.6.2-6.36.1
libQt5Gui5-5.6.2-6.36.1
libQt5Network5-5.6.2-6.36.1
libQt5Widgets5-5.6.2-6.36.1
SUSE Linux Enterprise Server 12 SP5
libQt5Concurrent5-5.6.2-6.36.1
libQt5Core5-5.6.2-6.36.1
libQt5DBus5-5.6.2-6.36.1
libQt5Gui5-5.6.2-6.36.1
libQt5Network5-5.6.2-6.36.1
libQt5OpenGL5-5.6.2-6.36.1
libQt5PrintSupport5-5.6.2-6.36.1
libQt5Sql5-5.6.2-6.36.1
libQt5Sql5-mysql-5.6.2-6.36.1
libQt5Sql5-postgresql-5.6.2-6.36.1
libQt5Sql5-sqlite-5.6.2-6.36.1
libQt5Sql5-unixODBC-5.6.2-6.36.1
libQt5Test5-5.6.2-6.36.1
libQt5Widgets5-5.6.2-6.36.1
libQt5Xml5-5.6.2-6.36.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libQt5Concurrent5-5.6.2-6.36.1
libQt5Core5-5.6.2-6.36.1
libQt5DBus5-5.6.2-6.36.1
libQt5Gui5-5.6.2-6.36.1
libQt5Network5-5.6.2-6.36.1
libQt5OpenGL5-5.6.2-6.36.1
libQt5PrintSupport5-5.6.2-6.36.1
libQt5Sql5-5.6.2-6.36.1
libQt5Sql5-mysql-5.6.2-6.36.1
libQt5Sql5-postgresql-5.6.2-6.36.1
libQt5Sql5-sqlite-5.6.2-6.36.1
libQt5Sql5-unixODBC-5.6.2-6.36.1
libQt5Test5-5.6.2-6.36.1
libQt5Widgets5-5.6.2-6.36.1
libQt5Xml5-5.6.2-6.36.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libQt5Bootstrap-devel-static-5.6.2-6.36.1
libQt5Concurrent-devel-5.6.2-6.36.1
libQt5Core-devel-5.6.2-6.36.1
libQt5Core-private-headers-devel-5.6.2-6.36.1
libQt5DBus-devel-5.6.2-6.36.1
libQt5DBus-private-headers-devel-5.6.2-6.36.1
libQt5Gui-devel-5.6.2-6.36.1
libQt5Gui-private-headers-devel-5.6.2-6.36.1
libQt5Network-devel-5.6.2-6.36.1
libQt5Network-private-headers-devel-5.6.2-6.36.1
libQt5OpenGL-devel-5.6.2-6.36.1
libQt5OpenGL-private-headers-devel-5.6.2-6.36.1
libQt5OpenGLExtensions-devel-static-5.6.2-6.36.1
libQt5PlatformHeaders-devel-5.6.2-6.36.1
libQt5PlatformSupport-devel-static-5.6.2-6.36.1
libQt5PlatformSupport-private-headers-devel-5.6.2-6.36.1
libQt5PrintSupport-devel-5.6.2-6.36.1
libQt5PrintSupport-private-headers-devel-5.6.2-6.36.1
libQt5Sql-devel-5.6.2-6.36.1
libQt5Sql-private-headers-devel-5.6.2-6.36.1
libQt5Test-devel-5.6.2-6.36.1
libQt5Test-private-headers-devel-5.6.2-6.36.1
libQt5Widgets-devel-5.6.2-6.36.1
libQt5Widgets-private-headers-devel-5.6.2-6.36.1
libQt5Xml-devel-5.6.2-6.36.1
libqt5-qtbase-common-devel-5.6.2-6.36.1
libqt5-qtbase-devel-5.6.2-6.36.1
libqt5-qtbase-private-headers-devel-5.6.2-6.36.1

Ссылки

Описание

Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3.

Затронутые продукты
Image SLES12-SP5-Azure-SAP-BYOS:libQt5Core5-5.6.2-6.36.1
Image SLES12-SP5-Azure-SAP-BYOS:libQt5DBus5-5.6.2-6.36.1
Image SLES12-SP5-Azure-SAP-BYOS:libQt5Gui5-5.6.2-6.36.1
Image SLES12-SP5-Azure-SAP-BYOS:libQt5Network5-5.6.2-6.36.1
Ссылки

Описание

An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server.

Затронутые продукты
Image SLES12-SP5-Azure-SAP-BYOS:libQt5Core5-5.6.2-6.36.1
Image SLES12-SP5-Azure-SAP-BYOS:libQt5DBus5-5.6.2-6.36.1
Image SLES12-SP5-Azure-SAP-BYOS:libQt5Gui5-5.6.2-6.36.1
Image SLES12-SP5-Azure-SAP-BYOS:libQt5Network5-5.6.2-6.36.1
Ссылки

Описание

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.

Затронутые продукты
Image SLES12-SP5-Azure-SAP-BYOS:libQt5Core5-5.6.2-6.36.1
Image SLES12-SP5-Azure-SAP-BYOS:libQt5DBus5-5.6.2-6.36.1
Image SLES12-SP5-Azure-SAP-BYOS:libQt5Gui5-5.6.2-6.36.1
Image SLES12-SP5-Azure-SAP-BYOS:libQt5Network5-5.6.2-6.36.1
Ссылки

Описание

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion.

Затронутые продукты
Image SLES12-SP5-Azure-SAP-BYOS:libQt5Core5-5.6.2-6.36.1
Image SLES12-SP5-Azure-SAP-BYOS:libQt5DBus5-5.6.2-6.36.1
Image SLES12-SP5-Azure-SAP-BYOS:libQt5Gui5-5.6.2-6.36.1
Image SLES12-SP5-Azure-SAP-BYOS:libQt5Network5-5.6.2-6.36.1
Ссылки
Уязвимость SUSE-SU-2023:2971-1