ALT-PU-2024-6528-1
Package qt5-webglplugin updated to version 5.15.13-alt1 for branch sisyphus_e2k.
Closed vulnerabilities
Published: 2023-04-15
BDU:2023-02373
Уязвимость плагина SQL ODBC кроссплатформенного фреймворка для разработки программного обеспечения Qt, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2023-04-15
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2023-24607
Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- https://codereview.qt-project.org/c/qt/qtbase/+/456216
- https://codereview.qt-project.org/c/qt/qtbase/+/456216
- https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456217
- https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456217
- https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456238
- https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/456238
- https://download.qt.io/official_releases/qt/5.15/CVE-2023-24607-qtbase-5.15.diff
- https://download.qt.io/official_releases/qt/5.15/CVE-2023-24607-qtbase-5.15.diff
- https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d
- https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d
- [debian-lts-announce] 20240430 [SECURITY] [DLA 3805-1] qtbase-opensource-src security update
- [debian-lts-announce] 20240430 [SECURITY] [DLA 3805-1] qtbase-opensource-src security update
- https://www.qt.io/blog/security-advisory-qt-sql-odbc-driver-plugin
- https://www.qt.io/blog/security-advisory-qt-sql-odbc-driver-plugin
- https://www.qt.io/blog/tag/security
- https://www.qt.io/blog/tag/security