File _patchinfo of Package patchinfo.29896
<patchinfo incident="29896"> <issue tracker="cve" id="2023-32763"/> <issue tracker="cve" id="2023-24607"/> <issue tracker="cve" id="2023-32762"/> <issue tracker="cve" id="2023-33285"/> <issue tracker="cve" id="2023-34410"/> <issue tracker="cve" id="2023-38197"/> <issue tracker="bnc" id="1211994">VUL-0: CVE-2023-34410: libqt5-qtbase,qt6-base: certificate validation does not always consider whether the root of a chain is a configured CA certificate</issue> <issue tracker="bnc" id="1211798">VUL-0: CVE-2023-32763: qt3,libqt5-qtbase,qt6-base,libqt4: When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered</issue> <issue tracker="bnc" id="1209616">VUL-0: CVE-2023-24607: libqt5-qtbase: qt6-base: Qt SQL ODBC driver plugin DOS</issue> <issue tracker="bnc" id="1213326">VUL-0: CVE-2023-38197: qt6-base,qt3,libqt4,libqt5-qtbase: infinite loops in QXmlStreamReader</issue> <issue tracker="bnc" id="1211642">VUL-0: CVE-2023-33285: libqt5-qtbase,qt6-base: Buffer overflow in QDnsLookup</issue> <issue tracker="bnc" id="1211797">VUL-0: CVE-2023-32762: qt6-base,qt3,libqt4,libqt5-qtbase: Qt Network incorrectly parses the strict-transport-security (HSTS) header</issue> <issue tracker="bnc" id="1211024">SLES15 SP5 RC2 - [Regression] yast partitioner hangs - worked with RC1</issue> <packager>alarrosa</packager> <rating>important</rating> <category>security</category> <summary>Security update for libqt5-qtbase</summary> <description>This update for libqt5-qtbase fixes the following issues: - CVE-2023-24607: Fixed Qt SQL ODBC driver plugin DOS (bsc#1209616). - CVE-2023-32762: Fixed Qt Network incorrectly parses the strict-transport-security (HSTS) header (bsc#1211797). - CVE-2023-32763: Fixed buffer overflow when rendering an SVG file with an image inside it (bsc#1211798). - CVE-2023-33285: Fixed buffer overflow in QDnsLookup (bsc#1211642). - CVE-2023-34410: Fixed certificate validation does not always consider whether the root of a chain is a configured CA certificate (bsc#1211994). - CVE-2023-38197: Fixed infinite loops in QXmlStreamReader(bsc#1213326). </description> </patchinfo>




