Bugzilla – Bug 1218413
VUL-0: CVE-2023-51714: libqt4,libqt5-qtbase,qt3,qt6-base: incorrect integer overflow check
Last modified: 2024-02-13 09:47:28 UTC
An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-51714 https://bugzilla.redhat.com/show_bug.cgi?id=2255856 https://codereview.qt-project.org/c/qt/qtbase/+/524864 https://codereview.qt-project.org/c/qt/qtbase/+/524865/3
SUSE-SU-2024:0063-1: An update that solves one vulnerability and contains one feature can now be installed. Category: security (important) Bug References: 1218413 CVE References: CVE-2023-51714 Jira References: PED-6193 Sources used: openSUSE Leap 15.5 (src): qt6-base-6.4.2-150500.3.14.1, qt6-base-docs-6.4.2-150500.3.14.1 Desktop Applications Module 15-SP5 (src): qt6-base-6.4.2-150500.3.14.1 SUSE Package Hub 15 15-SP5 (src): qt6-base-6.4.2-150500.3.14.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:0138-1: An update that solves one vulnerability can now be installed. Category: security (moderate) Bug References: 1218413 CVE References: CVE-2023-51714 Sources used: Basesystem Module 15-SP5 (src): libqt5-qtbase-5.15.8+kde185-150500.4.16.1 Desktop Applications Module 15-SP5 (src): libqt5-qtbase-5.15.8+kde185-150500.4.16.1 openSUSE Leap 15.5 (src): libqt5-qtbase-5.15.8+kde185-150500.4.16.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.