-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 28 Apr 2024 22:40:02 +0200
Source: qtbase-opensource-src
Architecture: source
Version: 5.11.3+dfsg1-1+deb10u6
Distribution: buster-security
Urgency: medium
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Changes:
qtbase-opensource-src (5.11.3+dfsg1-1+deb10u6) buster-security; urgency=medium
.
* Non-maintainer upload by the LTS Team.
* CVE-2023-32763
fix QTextLayout buffer overflow due to crafted SVG file
* CVE-2023-24607
fix denial of service via a crafted string when the SQL ODBC driver
plugin is used
* fix regression caused by patch for CVE-2023-24607
* CVE-2023-32762
prevent incorrect parsing of the strict-transport-security (HSTS) header
* CVE-2023-51714
fix incorrect HPack integer overflow check.
* CVE-2023-38197
fix infinite loop in recursive entity expansion
* CVE-2023-37639
fix crash of application in QXmlStreamReader due to crafted XML string
* CVE-2023-33285
fix buffer overflow in QDnsLookup
* backport of QByteArray::compare() needed for CVE-2023-32762
* add new symbol to libqt5core5a.symbols
Checksums-Sha1:
eed94415f36f6042bbc0129da0c06ab128f536a3 5336 qtbase-opensource-src_5.11.3+dfsg1-1+deb10u6.dsc
c76bdc29e663609699abc2d81a4b395a315ddf0e 256028 qtbase-opensource-src_5.11.3+dfsg1-1+deb10u6.debian.tar.xz
613f8ca38de697f3dedacb4b04a209387547308f 11826 qtbase-opensource-src_5.11.3+dfsg1-1+deb10u6_source.buildinfo
Checksums-Sha256:
7a9b313bbac1295e87b8f90d12e5e1edc482a68fdf67d4d976b0bab5d3397152 5336 qtbase-opensource-src_5.11.3+dfsg1-1+deb10u6.dsc
0dc40387f0edec85d2f6a77c813d1d9b1fa82c658bb7b8906d14c0a54368c8cf 256028 qtbase-opensource-src_5.11.3+dfsg1-1+deb10u6.debian.tar.xz
c0e43a6958b491dde07195b9ef97be58e6e39f2d3c721c4d28962ee5f2b91021 11826 qtbase-opensource-src_5.11.3+dfsg1-1+deb10u6_source.buildinfo
Files:
c5d3ba7aa05da0b3f94651f5d27d8df3 5336 libs optional qtbase-opensource-src_5.11.3+dfsg1-1+deb10u6.dsc
fe28b132219a312f35c324614aea0376 256028 libs optional qtbase-opensource-src_5.11.3+dfsg1-1+deb10u6.debian.tar.xz
096977f8345813c0ade6feab66e758db 11826 libs optional qtbase-opensource-src_5.11.3+dfsg1-1+deb10u6_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmYv3MtfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR8y2D/46M0Fz5onSNIcWDY1GA9p/IBV9INIJ
MQEpYAv8WDW+gbJJpoN8h2xIQmT5Yd177q/n0BcVPofjWtjHJR/zVDUZkQarxkgc
xl3YzW8tQrhODFkIGUpeOBcFrg4M+6Oph6jZa1nkrMgPKyar/7v5N98gLk8fQAPj
bC/KWTJYlHIWOll5Kc81w3j0x5HDL9/2YZk7RZyy+MgWTQ/+9ZVCfbXslwc3xUS6
uG9G3mdc8NUo324KkySjbPPGvu/48h2J/dMaMmluakWavJwN1xJveQAGdBDXvJ7B
SokDeFUnUxs1Zjh65xVeNKzTyhyS3hkMFeMjOiRaGVcCrd+8crdcipZ3F3F2W/Pd
22vtNd04Tgy455f5pGfCWo7zVCZyCtGg+P/JYQTCUTKrGoeTubSEebgMYGw8SUvG
cLeRZt7Hwhgn/Onb91dAFCx993WTdG5q24uYcBmTsiBGIGUuF8qDxSUBdCzDKf/v
BfKlO1G4LObtS9QWxVCjE5tzsHNvh+D7icHZ4I3m2gKC5BRh7LXty20iGTlc0n5j
YA1NfmGpfg5miyZA5yMFanFdS9xJ/tq4w82KzmKUZ2Vy2sTvZW1HkE51X3ZJb+lQ
7bgFpQfO5cEYWMB0utrnv3VUI/1//5xj2+qhdTlNVJ8wT+b02/LDXjph+RdUkdz5
BjcCao9PkurBcQ==
=RxP/
-----END PGP SIGNATURE-----
Attachment:
pgpSteVpF3yik.pgp
Description: PGP signature