Описание
Security update for libqt4
This update for libqt4 fixes the following issues:
- CVE-2021-45930: Fixed out-of-bounds write leading to DoS (bsc#1196654)
- CVE-2023-32573: Fixed missing initialization of QtSvg QSvgFont m_unitsPerEm (bsc#1211298)
- CVE-2023-32763: Fixed buffer overflow on QTextLayout during rendering of an SVG file with an image inside (bsc#1211798)
- CVE-2023-34410: Fixed certificate validation not always considering whether the root of a chain is a configured CA certificate (bsc#1211994)
- CVE-2023-37369: Fixed buffer overflow in QXmlStreamReader (bsc#1214327)
- CVE-2023-38197: Fixed infinite loops in QXmlStreamReader (bsc#1213326)
- CVE-2025-5455: Fixed denial of service when qDecodeDataUrl() is called with malformed data and assertions are enabled (bsc#1245609)
Список пакетов
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
Ссылки
- Link for SUSE-SU-2025:02968-1
- E-Mail link for SUSE-SU-2025:02968-1
- SUSE Security Ratings
- SUSE Bug 1196654
- SUSE Bug 1211298
- SUSE Bug 1211798
- SUSE Bug 1211994
- SUSE Bug 1213326
- SUSE Bug 1214327
- SUSE Bug 1245609
- SUSE Bug 357727
- SUSE Bug 552218
- SUSE Bug 656144
- SUSE Bug 717127
- SUSE Bug 875470
- SUSE CVE CVE-2021-45930 page
- SUSE CVE CVE-2023-32573 page
- SUSE CVE CVE-2023-32763 page
- SUSE CVE CVE-2023-34410 page
- SUSE CVE CVE-2023-37369 page
Описание
Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).
Затронутые продукты
Ссылки
- CVE-2021-45930
- SUSE Bug 1196654
Описание
In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.
Затронутые продукты
Ссылки
- CVE-2023-32573
- SUSE Bug 1211298
Описание
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
Затронутые продукты
Ссылки
- CVE-2023-32763
- SUSE Bug 1211798
- SUSE Bug 1212745
Описание
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.
Затронутые продукты
Ссылки
- CVE-2023-34410
- SUSE Bug 1211994
Описание
In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length.
Затронутые продукты
Ссылки
- CVE-2023-37369
- SUSE Bug 1214327
Описание
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion.
Затронутые продукты
Ссылки
- CVE-2023-38197
- SUSE Bug 1213326
Описание
An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value (such as "data:charset,"), and Qt was built with assertions enabled, then it would hit an assertion, resulting in a denial of service (abort). This impacts Qt up to 5.15.18, 6.0.0->6.5.8, 6.6.0->6.8.3 and 6.9.0. This has been fixed in 5.15.19, 6.5.9, 6.8.4 and 6.9.1.
Затронутые продукты
Ссылки
- CVE-2025-5455
- SUSE Bug 1243958
- SUSE Bug 1245610