Bug#1031871: qt6-base: CVE-2023-24607
Source: qt6-base
X-Debbugs-CC: team@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for qt6-base.
CVE-2023-24607[0]:
When using the Qt SQL ODBC driver plugin, then it is possible to trigger a DOS with a specifically crafted string
https://www.qt.io/blog/security-advisory-qt-sql-odbc-driver-plugin
https://github.com/qt/qtbase/commit/aaf1381eab6292aa0444a5eadcc24165b6e1c02d (6.4)
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2023-24607
https://www.cve.org/CVERecord?id=CVE-2023-24607
Please adjust the affected versions in the BTS as needed.
Reply to: