SUSE-SU-2025:3723-1

Опубликовано: 22 окт. 2025

Источник: suse-cvrf

Описание

Security update for libqt5-qtbase

This update for libqt5-qtbase fixes the following issues:

Security issues fixed:

CVE-2025-5455: processing of malformed data in qDecodeDataUrl() can trigger assertion and cause a crash (bsc#1243958).
CVE-2025-30348: complex algorithm used in encodeText in QDom when processing XML data can cause low performance (bsc#1239896).

Other issues fixed:

Initialize a member variable in QObjectPrivate::Signal that was uninitialized under some circumstances.
Fix a crash when parsing a particular glyph in a particular font.
Avoid repeatedly registering xsettings callbacks when switching cursor themes.
Check validity of RandR output info before using it.
Fix reparenting a window so it takes effect even if there are no other state changes to the window.

Список пакетов

Image SLES15-SP6-SAP-Azure-3P

libQt5Core5-5.15.12+kde151-150600.3.9.1

libQt5DBus5-5.15.12+kde151-150600.3.9.1

libQt5Gui5-5.15.12+kde151-150600.3.9.1

libQt5Network5-5.15.12+kde151-150600.3.9.1

libQt5Widgets5-5.15.12+kde151-150600.3.9.1

Image SLES15-SP6-SAP-BYOS

libQt5Core5-5.15.12+kde151-150600.3.9.1

libQt5DBus5-5.15.12+kde151-150600.3.9.1

libQt5Gui5-5.15.12+kde151-150600.3.9.1

libQt5Network5-5.15.12+kde151-150600.3.9.1

libQt5Widgets5-5.15.12+kde151-150600.3.9.1

Image SLES15-SP6-SAP-BYOS-Azure

libQt5Core5-5.15.12+kde151-150600.3.9.1

libQt5DBus5-5.15.12+kde151-150600.3.9.1

libQt5Gui5-5.15.12+kde151-150600.3.9.1

libQt5Network5-5.15.12+kde151-150600.3.9.1

libQt5Widgets5-5.15.12+kde151-150600.3.9.1

Image SLES15-SP6-SAP-Hardened-BYOS

libQt5Core5-5.15.12+kde151-150600.3.9.1

libQt5DBus5-5.15.12+kde151-150600.3.9.1

libQt5Gui5-5.15.12+kde151-150600.3.9.1

libQt5Network5-5.15.12+kde151-150600.3.9.1

libQt5Widgets5-5.15.12+kde151-150600.3.9.1

Image SLES15-SP6-SAP-Hardened-BYOS-EC2

libQt5Core5-5.15.12+kde151-150600.3.9.1

libQt5DBus5-5.15.12+kde151-150600.3.9.1

libQt5Gui5-5.15.12+kde151-150600.3.9.1

libQt5Network5-5.15.12+kde151-150600.3.9.1

libQt5Widgets5-5.15.12+kde151-150600.3.9.1

Image SLES15-SP6-SAP-Hardened-EC2

libQt5Core5-5.15.12+kde151-150600.3.9.1

libQt5DBus5-5.15.12+kde151-150600.3.9.1

libQt5Gui5-5.15.12+kde151-150600.3.9.1

libQt5Network5-5.15.12+kde151-150600.3.9.1

libQt5Widgets5-5.15.12+kde151-150600.3.9.1

SUSE Linux Enterprise Module for Basesystem 15 SP6

libQt5Concurrent-devel-5.15.12+kde151-150600.3.9.1

libQt5Concurrent5-5.15.12+kde151-150600.3.9.1

libQt5Core-devel-5.15.12+kde151-150600.3.9.1

libQt5Core-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Core5-5.15.12+kde151-150600.3.9.1

libQt5DBus-devel-5.15.12+kde151-150600.3.9.1

libQt5DBus-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5DBus5-5.15.12+kde151-150600.3.9.1

libQt5Gui-devel-5.15.12+kde151-150600.3.9.1

libQt5Gui-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Gui5-5.15.12+kde151-150600.3.9.1

libQt5KmsSupport-devel-static-5.15.12+kde151-150600.3.9.1

libQt5KmsSupport-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Network-devel-5.15.12+kde151-150600.3.9.1

libQt5Network-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Network5-5.15.12+kde151-150600.3.9.1

libQt5OpenGL-devel-5.15.12+kde151-150600.3.9.1

libQt5OpenGL-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5OpenGL5-5.15.12+kde151-150600.3.9.1

libQt5PlatformHeaders-devel-5.15.12+kde151-150600.3.9.1

libQt5PlatformSupport-devel-static-5.15.12+kde151-150600.3.9.1

libQt5PlatformSupport-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5PrintSupport-devel-5.15.12+kde151-150600.3.9.1

libQt5PrintSupport-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5PrintSupport5-5.15.12+kde151-150600.3.9.1

libQt5Sql-devel-5.15.12+kde151-150600.3.9.1

libQt5Sql-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Sql5-5.15.12+kde151-150600.3.9.1

libQt5Sql5-sqlite-5.15.12+kde151-150600.3.9.1

libQt5Test-devel-5.15.12+kde151-150600.3.9.1

libQt5Test-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Test5-5.15.12+kde151-150600.3.9.1

libQt5Widgets-devel-5.15.12+kde151-150600.3.9.1

libQt5Widgets-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Widgets5-5.15.12+kde151-150600.3.9.1

libQt5Xml-devel-5.15.12+kde151-150600.3.9.1

libQt5Xml5-5.15.12+kde151-150600.3.9.1

libqt5-qtbase-common-devel-5.15.12+kde151-150600.3.9.1

libqt5-qtbase-devel-5.15.12+kde151-150600.3.9.1

libqt5-qtbase-private-headers-devel-5.15.12+kde151-150600.3.9.1

SUSE Linux Enterprise Module for Basesystem 15 SP7

libQt5Concurrent-devel-5.15.12+kde151-150600.3.9.1

libQt5Concurrent5-5.15.12+kde151-150600.3.9.1

libQt5Core-devel-5.15.12+kde151-150600.3.9.1

libQt5Core-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Core5-5.15.12+kde151-150600.3.9.1

libQt5DBus-devel-5.15.12+kde151-150600.3.9.1

libQt5DBus-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5DBus5-5.15.12+kde151-150600.3.9.1

libQt5Gui-devel-5.15.12+kde151-150600.3.9.1

libQt5Gui-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Gui5-5.15.12+kde151-150600.3.9.1

libQt5KmsSupport-devel-static-5.15.12+kde151-150600.3.9.1

libQt5KmsSupport-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Network-devel-5.15.12+kde151-150600.3.9.1

libQt5Network-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Network5-5.15.12+kde151-150600.3.9.1

libQt5OpenGL-devel-5.15.12+kde151-150600.3.9.1

libQt5OpenGL-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5OpenGL5-5.15.12+kde151-150600.3.9.1

libQt5PlatformHeaders-devel-5.15.12+kde151-150600.3.9.1

libQt5PlatformSupport-devel-static-5.15.12+kde151-150600.3.9.1

libQt5PlatformSupport-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5PrintSupport-devel-5.15.12+kde151-150600.3.9.1

libQt5PrintSupport-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5PrintSupport5-5.15.12+kde151-150600.3.9.1

libQt5Sql-devel-5.15.12+kde151-150600.3.9.1

libQt5Sql-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Sql5-5.15.12+kde151-150600.3.9.1

libQt5Sql5-sqlite-5.15.12+kde151-150600.3.9.1

libQt5Test-devel-5.15.12+kde151-150600.3.9.1

libQt5Test-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Test5-5.15.12+kde151-150600.3.9.1

libQt5Widgets-devel-5.15.12+kde151-150600.3.9.1

libQt5Widgets-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Widgets5-5.15.12+kde151-150600.3.9.1

libQt5Xml-devel-5.15.12+kde151-150600.3.9.1

libQt5Xml5-5.15.12+kde151-150600.3.9.1

libqt5-qtbase-common-devel-5.15.12+kde151-150600.3.9.1

libqt5-qtbase-devel-5.15.12+kde151-150600.3.9.1

libqt5-qtbase-private-headers-devel-5.15.12+kde151-150600.3.9.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP6

libQt5OpenGLExtensions-devel-static-5.15.12+kde151-150600.3.9.1

libQt5Sql5-mysql-5.15.12+kde151-150600.3.9.1

libQt5Sql5-postgresql-5.15.12+kde151-150600.3.9.1

libQt5Sql5-unixODBC-5.15.12+kde151-150600.3.9.1

libqt5-qtbase-platformtheme-gtk3-5.15.12+kde151-150600.3.9.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP7

libQt5OpenGLExtensions-devel-static-5.15.12+kde151-150600.3.9.1

libQt5Sql5-mysql-5.15.12+kde151-150600.3.9.1

libQt5Sql5-postgresql-5.15.12+kde151-150600.3.9.1

libQt5Sql5-unixODBC-5.15.12+kde151-150600.3.9.1

libqt5-qtbase-platformtheme-gtk3-5.15.12+kde151-150600.3.9.1

openSUSE Leap 15.6

libQt5Bootstrap-devel-static-5.15.12+kde151-150600.3.9.1

libQt5Bootstrap-devel-static-32bit-5.15.12+kde151-150600.3.9.1

libQt5Concurrent-devel-5.15.12+kde151-150600.3.9.1

libQt5Concurrent-devel-32bit-5.15.12+kde151-150600.3.9.1

libQt5Concurrent5-5.15.12+kde151-150600.3.9.1

libQt5Concurrent5-32bit-5.15.12+kde151-150600.3.9.1

libQt5Core-devel-5.15.12+kde151-150600.3.9.1

libQt5Core-devel-32bit-5.15.12+kde151-150600.3.9.1

libQt5Core-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Core5-5.15.12+kde151-150600.3.9.1

libQt5Core5-32bit-5.15.12+kde151-150600.3.9.1

libQt5DBus-devel-5.15.12+kde151-150600.3.9.1

libQt5DBus-devel-32bit-5.15.12+kde151-150600.3.9.1

libQt5DBus-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5DBus5-5.15.12+kde151-150600.3.9.1

libQt5DBus5-32bit-5.15.12+kde151-150600.3.9.1

libQt5Gui-devel-5.15.12+kde151-150600.3.9.1

libQt5Gui-devel-32bit-5.15.12+kde151-150600.3.9.1

libQt5Gui-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Gui5-5.15.12+kde151-150600.3.9.1

libQt5Gui5-32bit-5.15.12+kde151-150600.3.9.1

libQt5KmsSupport-devel-static-5.15.12+kde151-150600.3.9.1

libQt5KmsSupport-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Network-devel-5.15.12+kde151-150600.3.9.1

libQt5Network-devel-32bit-5.15.12+kde151-150600.3.9.1

libQt5Network-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Network5-5.15.12+kde151-150600.3.9.1

libQt5Network5-32bit-5.15.12+kde151-150600.3.9.1

libQt5OpenGL-devel-5.15.12+kde151-150600.3.9.1

libQt5OpenGL-devel-32bit-5.15.12+kde151-150600.3.9.1

libQt5OpenGL-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5OpenGL5-5.15.12+kde151-150600.3.9.1

libQt5OpenGL5-32bit-5.15.12+kde151-150600.3.9.1

libQt5OpenGLExtensions-devel-static-5.15.12+kde151-150600.3.9.1

libQt5OpenGLExtensions-devel-static-32bit-5.15.12+kde151-150600.3.9.1

libQt5PlatformHeaders-devel-5.15.12+kde151-150600.3.9.1

libQt5PlatformSupport-devel-static-5.15.12+kde151-150600.3.9.1

libQt5PlatformSupport-devel-static-32bit-5.15.12+kde151-150600.3.9.1

libQt5PlatformSupport-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5PrintSupport-devel-5.15.12+kde151-150600.3.9.1

libQt5PrintSupport-devel-32bit-5.15.12+kde151-150600.3.9.1

libQt5PrintSupport-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5PrintSupport5-5.15.12+kde151-150600.3.9.1

libQt5PrintSupport5-32bit-5.15.12+kde151-150600.3.9.1

libQt5Sql-devel-5.15.12+kde151-150600.3.9.1

libQt5Sql-devel-32bit-5.15.12+kde151-150600.3.9.1

libQt5Sql-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Sql5-5.15.12+kde151-150600.3.9.1

libQt5Sql5-32bit-5.15.12+kde151-150600.3.9.1

libQt5Sql5-mysql-5.15.12+kde151-150600.3.9.1

libQt5Sql5-mysql-32bit-5.15.12+kde151-150600.3.9.1

libQt5Sql5-postgresql-5.15.12+kde151-150600.3.9.1

libQt5Sql5-postgresql-32bit-5.15.12+kde151-150600.3.9.1

libQt5Sql5-sqlite-5.15.12+kde151-150600.3.9.1

libQt5Sql5-sqlite-32bit-5.15.12+kde151-150600.3.9.1

libQt5Sql5-unixODBC-5.15.12+kde151-150600.3.9.1

libQt5Sql5-unixODBC-32bit-5.15.12+kde151-150600.3.9.1

libQt5Test-devel-5.15.12+kde151-150600.3.9.1

libQt5Test-devel-32bit-5.15.12+kde151-150600.3.9.1

libQt5Test-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Test5-5.15.12+kde151-150600.3.9.1

libQt5Test5-32bit-5.15.12+kde151-150600.3.9.1

libQt5Widgets-devel-5.15.12+kde151-150600.3.9.1

libQt5Widgets-devel-32bit-5.15.12+kde151-150600.3.9.1

libQt5Widgets-private-headers-devel-5.15.12+kde151-150600.3.9.1

libQt5Widgets5-5.15.12+kde151-150600.3.9.1

libQt5Widgets5-32bit-5.15.12+kde151-150600.3.9.1

libQt5Xml-devel-5.15.12+kde151-150600.3.9.1

libQt5Xml-devel-32bit-5.15.12+kde151-150600.3.9.1

libQt5Xml5-5.15.12+kde151-150600.3.9.1

libQt5Xml5-32bit-5.15.12+kde151-150600.3.9.1

libqt5-qtbase-common-devel-5.15.12+kde151-150600.3.9.1

libqt5-qtbase-devel-5.15.12+kde151-150600.3.9.1

libqt5-qtbase-examples-5.15.12+kde151-150600.3.9.1

libqt5-qtbase-examples-32bit-5.15.12+kde151-150600.3.9.1

libqt5-qtbase-platformtheme-gtk3-5.15.12+kde151-150600.3.9.1

libqt5-qtbase-platformtheme-xdgdesktopportal-5.15.12+kde151-150600.3.9.1

libqt5-qtbase-private-headers-devel-5.15.12+kde151-150600.3.9.1

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-20253723-1/
Link for SUSE-SU-2025:3723-1
https://lists.suse.com/pipermail/sle-security-updates/2025-October/022969.html
E-Mail link for SUSE-SU-2025:3723-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1239896
SUSE Bug 1239896
https://bugzilla.suse.com/1243958
SUSE Bug 1243958
https://www.suse.com/security/cve/CVE-2025-30348/
SUSE CVE CVE-2025-30348 page
https://www.suse.com/security/cve/CVE-2025-5455/
SUSE CVE CVE-2025-5455 page

Описание

encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data).

Затронутые продукты

Image SLES15-SP6-SAP-Azure-3P:libQt5Core5-5.15.12+kde151-150600.3.9.1

Image SLES15-SP6-SAP-Azure-3P:libQt5DBus5-5.15.12+kde151-150600.3.9.1

Image SLES15-SP6-SAP-Azure-3P:libQt5Gui5-5.15.12+kde151-150600.3.9.1

Image SLES15-SP6-SAP-Azure-3P:libQt5Network5-5.15.12+kde151-150600.3.9.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-30348.html
CVE-2025-30348
https://bugzilla.suse.com/1239895
SUSE Bug 1239895

Описание

An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a value (such as "data:charset,"), and Qt was built with assertions enabled, then it would hit an assertion, resulting in a denial of service (abort). This impacts Qt up to 5.15.18, 6.0.0->6.5.8, 6.6.0->6.8.3 and 6.9.0. This has been fixed in 5.15.19, 6.5.9, 6.8.4 and 6.9.1.

Затронутые продукты

Image SLES15-SP6-SAP-Azure-3P:libQt5Core5-5.15.12+kde151-150600.3.9.1

Image SLES15-SP6-SAP-Azure-3P:libQt5DBus5-5.15.12+kde151-150600.3.9.1

Image SLES15-SP6-SAP-Azure-3P:libQt5Gui5-5.15.12+kde151-150600.3.9.1

Image SLES15-SP6-SAP-Azure-3P:libQt5Network5-5.15.12+kde151-150600.3.9.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-5455.html
CVE-2025-5455
https://bugzilla.suse.com/1243958
SUSE Bug 1243958
https://bugzilla.suse.com/1245610
SUSE Bug 1245610

SUSE-SU-2025:3723-1

Описание

Список пакетов

Image SLES15-SP6-SAP-Azure-3P

Image SLES15-SP6-SAP-BYOS

Image SLES15-SP6-SAP-BYOS-Azure

Image SLES15-SP6-SAP-Hardened-BYOS

Image SLES15-SP6-SAP-Hardened-BYOS-EC2

Image SLES15-SP6-SAP-Hardened-EC2

SUSE Linux Enterprise Module for Basesystem 15 SP6

SUSE Linux Enterprise Module for Basesystem 15 SP7

SUSE Linux Enterprise Module for Desktop Applications 15 SP6

SUSE Linux Enterprise Module for Desktop Applications 15 SP7

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2025-30348

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2025-5455

Описание

Затронутые продукты

Ссылки