Overview

File _patchinfo of Package patchinfo.40448

<patchinfo incident="40448">
  <issue tracker="bnc" id="1243958">VUL-0: CVE-2025-5455: libqt5-qtbase,qt6-base: qtbase: crash when qDecodeDataUrl() is called with malformed data and assertions are enabled</issue>
  <issue tracker="bnc" id="1239896">VUL-0: CVE-2025-30348: libqt5-qtbase,qt6-base: qtbase: low performance when processing XML data due to encodeText in QDom using a complex algorithm</issue>
  <issue tracker="cve" id="2025-30348"/>
  <issue tracker="cve" id="2025-5455"/>
  <packager>alarrosa</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for qt6-base</summary>
  <description>This update for qt6-base fixes the following issues:

- CVE-2025-5455: processing of malformed data in `qDecodeDataUrl()` can trigger assertion and cause a crash
  (bsc#1243958).
- CVE-2025-30348: complex algorithm used in `encodeText` in QDom when processing XML data can cause low performance
  (bsc#1239896).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places