[SECURITY] [DLA 3805-1] qtbase-opensource-src security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 3805-1] qtbase-opensource-src security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Tue, 30 Apr 2024 22:47:38 +0000 (UTC)
Message-id: <[🔎] alpine.DEB.2.21.2404302240130.9275@postfach.intern.alteholz.me>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3805-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
May 01, 2024                                  https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : qtbase-opensource-src
Version        : 5.11.3+dfsg1-1+deb10u6
CVE ID         : CVE-2023-24607 CVE-2023-32762 CVE-2023-32763
                 CVE-2023-33285 CVE-2023-37369 CVE-2023-38197
                 CVE-2023-51714

Several issues have been found in qtbase-opensource-src, a collection ofseveral Qt modules/libraries.The issues are related to buffer overflows, infinite loops or applicationcrashs due to processing of crafted input files.



For Debian 10 buster, these problems have been fixed in version
5.11.3+dfsg1-1+deb10u6.

We recommend that you upgrade your qtbase-opensource-src packages.

For the detailed security status of qtbase-opensource-src please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/qtbase-opensource-src

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmYxdQpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEfMtRAAjbTun4MDTXVmMd9YQJ/HOWBkOH6inmpHRbp1qrRTjFMxxOKaNmR6F0TN
xlkdXpStdJmlqYCjAjNmLR1aIOzoKbt7MQVKNTnzc9JS68zzPP00jnpQk3iF/s/W
e/K6gB7Wkk/6XmXdfR9I9YwyDl95aSghCHu98r1bPrlnefHaB9BUZkN5R2mYK32K
R+HAmrvuJekzYu9h5og+3nPrgvaBpHSe2M+Sfte04Vxd6p1khCw/4A1mCkG+Q6Vk
KZb+3HCZMskgOy6Y5ZrEa0oHetRGF1Yf6P1pKviT8553DrTchEKQqX8odHKeTNpv
n8ZNy2eCNbOxd5A7w2502M+ng8H+ntdVtt9k38majYykef2NExJBAaG/dzQ/e5XP
lYmL3t2VMsIjItL6AMD9W4i+VWROOa7ZItmdNN/+4WWoH1dSHMnzMo1EkBaN+7tG
w+EwVMGQt7ma0o7qImMs1F9cjmKLCeyCiwLFteNcwzBHdmxCMvWzGXcgXwlxnwIz
hYWscrTAXRBWopEsZvaZhlVTxcE8lxI2GmwIyytYCdtKZctRDvjk6Tdel20iOVsF
mqlSt2NGoiRcy+CYpFXV/PwTsm2j/TnAzu9vb9JV3M9U2iMUwbYqedV0rCMsRBAY
TNVGt4Mx9nHsJWHmcaC5WWeYuz1e/gXB846SrxT5jrcy/+evYnI=
=IelU
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3804-1] nghttp2 security update
Previous by thread: [SECURITY] [DLA 3804-1] nghttp2 security update
Index(es):
- Date
- Thread