openSUSE-SU-2020:1319-1

Опубликовано: 01 сент. 2020

Источник: suse-cvrf

Описание

Security update for libqt5-qtbase

This update for libqt5-qtbase fixes the following issues:

Fixed a possible crash in certificate parsing.
Fixed a DoS in QSslSocket (bsc#1172726, CVE-2020-13962).
Added support for PostgreSQL 12 (bsc#1173758).

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Список пакетов

openSUSE Leap 15.2

libQt5Bootstrap-devel-static-5.12.7-lp152.3.3.1

libQt5Bootstrap-devel-static-32bit-5.12.7-lp152.3.3.1

libQt5Concurrent-devel-5.12.7-lp152.3.3.1

libQt5Concurrent-devel-32bit-5.12.7-lp152.3.3.1

libQt5Concurrent5-5.12.7-lp152.3.3.1

libQt5Concurrent5-32bit-5.12.7-lp152.3.3.1

libQt5Core-devel-5.12.7-lp152.3.3.1

libQt5Core-devel-32bit-5.12.7-lp152.3.3.1

libQt5Core-private-headers-devel-5.12.7-lp152.3.3.1

libQt5Core5-5.12.7-lp152.3.3.1

libQt5Core5-32bit-5.12.7-lp152.3.3.1

libQt5DBus-devel-5.12.7-lp152.3.3.1

libQt5DBus-devel-32bit-5.12.7-lp152.3.3.1

libQt5DBus-private-headers-devel-5.12.7-lp152.3.3.1

libQt5DBus5-5.12.7-lp152.3.3.1

libQt5DBus5-32bit-5.12.7-lp152.3.3.1

libQt5Gui-devel-5.12.7-lp152.3.3.1

libQt5Gui-devel-32bit-5.12.7-lp152.3.3.1

libQt5Gui-private-headers-devel-5.12.7-lp152.3.3.1

libQt5Gui5-5.12.7-lp152.3.3.1

libQt5Gui5-32bit-5.12.7-lp152.3.3.1

libQt5KmsSupport-devel-static-5.12.7-lp152.3.3.1

libQt5KmsSupport-private-headers-devel-5.12.7-lp152.3.3.1

libQt5Network-devel-5.12.7-lp152.3.3.1

libQt5Network-devel-32bit-5.12.7-lp152.3.3.1

libQt5Network-private-headers-devel-5.12.7-lp152.3.3.1

libQt5Network5-5.12.7-lp152.3.3.1

libQt5Network5-32bit-5.12.7-lp152.3.3.1

libQt5OpenGL-devel-5.12.7-lp152.3.3.1

libQt5OpenGL-devel-32bit-5.12.7-lp152.3.3.1

libQt5OpenGL-private-headers-devel-5.12.7-lp152.3.3.1

libQt5OpenGL5-5.12.7-lp152.3.3.1

libQt5OpenGL5-32bit-5.12.7-lp152.3.3.1

libQt5OpenGLExtensions-devel-static-5.12.7-lp152.3.3.1

libQt5OpenGLExtensions-devel-static-32bit-5.12.7-lp152.3.3.1

libQt5PlatformHeaders-devel-5.12.7-lp152.3.3.1

libQt5PlatformSupport-devel-static-5.12.7-lp152.3.3.1

libQt5PlatformSupport-devel-static-32bit-5.12.7-lp152.3.3.1

libQt5PlatformSupport-private-headers-devel-5.12.7-lp152.3.3.1

libQt5PrintSupport-devel-5.12.7-lp152.3.3.1

libQt5PrintSupport-devel-32bit-5.12.7-lp152.3.3.1

libQt5PrintSupport-private-headers-devel-5.12.7-lp152.3.3.1

libQt5PrintSupport5-5.12.7-lp152.3.3.1

libQt5PrintSupport5-32bit-5.12.7-lp152.3.3.1

libQt5Sql-devel-5.12.7-lp152.3.3.1

libQt5Sql-devel-32bit-5.12.7-lp152.3.3.1

libQt5Sql-private-headers-devel-5.12.7-lp152.3.3.1

libQt5Sql5-5.12.7-lp152.3.3.1

libQt5Sql5-32bit-5.12.7-lp152.3.3.1

libQt5Sql5-mysql-5.12.7-lp152.3.3.1

libQt5Sql5-mysql-32bit-5.12.7-lp152.3.3.1

libQt5Sql5-postgresql-5.12.7-lp152.3.3.1

libQt5Sql5-postgresql-32bit-5.12.7-lp152.3.3.1

libQt5Sql5-sqlite-5.12.7-lp152.3.3.1

libQt5Sql5-sqlite-32bit-5.12.7-lp152.3.3.1

libQt5Sql5-unixODBC-5.12.7-lp152.3.3.1

libQt5Sql5-unixODBC-32bit-5.12.7-lp152.3.3.1

libQt5Test-devel-5.12.7-lp152.3.3.1

libQt5Test-devel-32bit-5.12.7-lp152.3.3.1

libQt5Test-private-headers-devel-5.12.7-lp152.3.3.1

libQt5Test5-5.12.7-lp152.3.3.1

libQt5Test5-32bit-5.12.7-lp152.3.3.1

libQt5Widgets-devel-5.12.7-lp152.3.3.1

libQt5Widgets-devel-32bit-5.12.7-lp152.3.3.1

libQt5Widgets-private-headers-devel-5.12.7-lp152.3.3.1

libQt5Widgets5-5.12.7-lp152.3.3.1

libQt5Widgets5-32bit-5.12.7-lp152.3.3.1

libQt5Xml-devel-5.12.7-lp152.3.3.1

libQt5Xml-devel-32bit-5.12.7-lp152.3.3.1

libQt5Xml5-5.12.7-lp152.3.3.1

libQt5Xml5-32bit-5.12.7-lp152.3.3.1

libqt5-qtbase-common-devel-5.12.7-lp152.3.3.1

libqt5-qtbase-devel-5.12.7-lp152.3.3.1

libqt5-qtbase-examples-5.12.7-lp152.3.3.1

libqt5-qtbase-examples-32bit-5.12.7-lp152.3.3.1

libqt5-qtbase-platformtheme-gtk3-5.12.7-lp152.3.3.1

libqt5-qtbase-platformtheme-xdgdesktopportal-5.12.7-lp152.3.3.1

libqt5-qtbase-private-headers-devel-5.12.7-lp152.3.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RD3KMKHBCIAITVABTJG34OGDV6WIRPDJ/
E-Mail link for openSUSE-SU-2020:1319-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1172726
SUSE Bug 1172726
https://bugzilla.suse.com/1173758
SUSE Bug 1173758
https://www.suse.com/security/cve/CVE-2020-13962/
SUSE CVE CVE-2020-13962 page

Описание

Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails. (Mumble 1.3.1 is not affected, regardless of the Qt version.)

Затронутые продукты

openSUSE Leap 15.2:libQt5Bootstrap-devel-static-32bit-5.12.7-lp152.3.3.1

openSUSE Leap 15.2:libQt5Bootstrap-devel-static-5.12.7-lp152.3.3.1

openSUSE Leap 15.2:libQt5Concurrent-devel-32bit-5.12.7-lp152.3.3.1

openSUSE Leap 15.2:libQt5Concurrent-devel-5.12.7-lp152.3.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-13962.html
CVE-2020-13962
https://bugzilla.suse.com/1172726
SUSE Bug 1172726

openSUSE-SU-2020:1319-1

Описание

Список пакетов

openSUSE Leap 15.2

Ссылки

Уязвимость: CVE-2020-13962

Описание

Затронутые продукты

Ссылки