|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: CVE-2023-37369: qt3,libqt5-qtbase,qt6-base,libqt4: buffer overflow in QXmlStreamReader | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Alexander Bergmann <abergmann> |
| Component: | Incidents | Assignee: | Antonio Larrosa <alarrosa> |
| Status: | NEW --- | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | ||
| Priority: | P3 - Medium | CC: | abergmann, dmueller, security-team, stoyan.manolov |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| URL: | https://smash.suse.de/issue/375466/ | ||
| Whiteboard: | CVSSv3.1:SUSE:CVE-2023-37369:5.5:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) | ||
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Bug Depends on: | 1218323 | ||
| Bug Blocks: | |||
| Attachments: |
CVE-2023-37369-qtbase-5.15.diff
CVE-2023-37369-qtbase-6.2.diff CVE-2023-37369-qtbase-6.5.diff |
||
|
Description
Alexander Bergmann
2023-08-16 10:53:40 UTC
Created attachment 868834 [details]
CVE-2023-37369-qtbase-5.15.diff
Created attachment 868835 [details]
CVE-2023-37369-qtbase-6.2.diff
Created attachment 868836 [details]
CVE-2023-37369-qtbase-6.5.diff
SUSE-SU-2023:4622-1: An update that solves six vulnerabilities can now be installed. Category: security (important) Bug References: 1196654, 1211298, 1211798, 1211994, 1213326, 1214327 CVE References: CVE-2021-45930, CVE-2023-32573, CVE-2023-32763, CVE-2023-34410, CVE-2023-37369, CVE-2023-38197 Sources used: SUSE Linux Enterprise Workstation Extension 12 12-SP5 (src): libqt4-4.8.7-8.19.1, libqt4-sql-plugins-4.8.7-8.19.1 SUSE Linux Enterprise Software Development Kit 12 SP5 (src): libqt4-devel-doc-4.8.7-8.19.1, libqt4-4.8.7-8.19.1, libqt4-sql-plugins-4.8.7-8.19.1 SUSE Linux Enterprise High Performance Computing 12 SP5 (src): libqt4-devel-doc-4.8.7-8.19.1, libqt4-4.8.7-8.19.1, libqt4-sql-plugins-4.8.7-8.19.1 SUSE Linux Enterprise Server 12 SP5 (src): libqt4-devel-doc-4.8.7-8.19.1, libqt4-4.8.7-8.19.1, libqt4-sql-plugins-4.8.7-8.19.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): libqt4-devel-doc-4.8.7-8.19.1, libqt4-4.8.7-8.19.1, libqt4-sql-plugins-4.8.7-8.19.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. SUSE-SU-2023:4951-1: An update that solves one vulnerability and contains one feature can now be installed. Category: security (moderate) Bug References: 1214327 CVE References: CVE-2023-37369 Jira References: PED-6193 Sources used: Basesystem Module 15-SP5 (src): libqt5-qtbase-5.15.8+kde185-150500.4.13.1 Desktop Applications Module 15-SP5 (src): libqt5-qtbase-5.15.8+kde185-150500.4.13.1 openSUSE Leap 15.5 (src): libqt5-qtbase-5.15.8+kde185-150500.4.13.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. SUSE-SU-2023:4950-1: An update that solves one vulnerability and contains one feature can now be installed. Category: security (moderate) Bug References: 1214327 CVE References: CVE-2023-37369 Jira References: PED-6193 Sources used: openSUSE Leap 15.4 (src): libqt5-qtbase-5.15.2+kde294-150400.6.10.1 Basesystem Module 15-SP4 (src): libqt5-qtbase-5.15.2+kde294-150400.6.10.1 Desktop Applications Module 15-SP4 (src): libqt5-qtbase-5.15.2+kde294-150400.6.10.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. |