Overview

File _patchinfo of Package patchinfo.35117

<patchinfo incident="35117">
  <issue tracker="bnc" id="1222120">VUL-0: CVE-2023-45935: libqt4,libqt5-qtbase,qt3,qt6-base: NULL pointer dereference via QXcbConnection::initializeAllAtoms()</issue>
  <issue tracker="bnc" id="1227426">VUL-0: CVE-2024-39936: libqt4,libqt5-qtbase,qt3,qt6-base:  delay any HTTP2 communication until encrypted() can be responded to</issue>
  <issue tracker="cve" id="2023-45935"/>
  <issue tracker="cve" id="2024-39936"/>
  <packager>alarrosa</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for libqt5-qtbase</summary>
  <description>This update for libqt5-qtbase fixes the following issues:

- CVE-2023-45935: Fixed NULL pointer dereference in QXcbConnection::initializeAllAtoms() due to anomalous behavior from the X server (bsc#1222120)
- CVE-2024-39936: Fixed information leakage due to process HTTP2 communication before encrypted() can be responded to (bsc#1227426)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places