# Security update for libqt5-qtbase

Announcement ID: SUSE-SU-2024:2946-1  
Rating: important  
References:

  * bsc#1214327
  * bsc#1218413
  * bsc#1222120
  * bsc#1227426
  * bsc#1227513
  * jsc#PED-6193

  
Cross-References:

  * CVE-2023-37369
  * CVE-2023-45935
  * CVE-2023-51714
  * CVE-2024-39936

  
CVSS scores:

  * CVE-2023-37369 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-37369 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45935 ( SUSE ):  4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-51714 ( SUSE ):  6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-51714 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-39936 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-39936 ( NVD ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP2
  * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Server 15 SP2
  * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves four vulnerabilities, contains one feature and has one
security fix can now be installed.

## Description:

This update for libqt5-qtbase fixes the following issues:

  * CVE-2023-37369: Fixed a buffer overflow in QXmlStreamReader (QTBUG-91889,
    bsc#1214327).
  * CVE-2023-45935: Fixed NULL pointer dereference in
    QXcbConnection::initializeAllAtoms() due to anomalous behavior from the X
    server (bsc#1222120)
  * CVE-2024-39936: Fixed information leakage due to process HTTP2 communication
    before encrypted() can be responded to (bsc#1227426)
  * CVE-2023-51714: Fixed an incorrect integer overflow check (bsc#1218413).

Other fixes: \- Add patch from upstream to fix a regression in the ODBC driver
(bsc#1227513, QTBUG-112375) \- Add upstream patch to fix a potential overflow in
assemble_hpack_block() \- Use pkgconfig(icu-18n) to select current icu

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2946=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP2  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2946=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2946=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2024-2946=1

  * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2946=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2946=1

  * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2946=1

## Package List:

  * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
    x86_64)
    * libQt5Sql5-sqlite-5.12.7-150200.4.29.1
    * libQt5PlatformHeaders-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-postgresql-5.12.7-150200.4.29.1
    * libQt5Network-devel-5.12.7-150200.4.29.1
    * libQt5Network5-5.12.7-150200.4.29.1
    * libQt5OpenGL-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-common-devel-5.12.7-150200.4.29.1
    * libQt5Test5-5.12.7-150200.4.29.1
    * libQt5KmsSupport-devel-static-5.12.7-150200.4.29.1
    * libQt5Sql5-5.12.7-150200.4.29.1
    * libQt5PrintSupport5-debuginfo-5.12.7-150200.4.29.1
    * libQt5DBus5-5.12.7-150200.4.29.1
    * libQt5DBus-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-common-devel-debuginfo-5.12.7-150200.4.29.1
    * libQt5Sql5-postgresql-debuginfo-5.12.7-150200.4.29.1
    * libQt5Gui-devel-5.12.7-150200.4.29.1
    * libQt5Core5-5.12.7-150200.4.29.1
    * libQt5Xml-devel-5.12.7-150200.4.29.1
    * libQt5PlatformSupport-devel-static-5.12.7-150200.4.29.1
    * libQt5Sql5-mysql-5.12.7-150200.4.29.1
    * libQt5Sql5-unixODBC-5.12.7-150200.4.29.1
    * libQt5PrintSupport5-5.12.7-150200.4.29.1
    * libQt5DBus5-debuginfo-5.12.7-150200.4.29.1
    * libqt5-qtbase-devel-5.12.7-150200.4.29.1
    * libQt5Xml5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent5-5.12.7-150200.4.29.1
    * libQt5DBus-devel-debuginfo-5.12.7-150200.4.29.1
    * libQt5OpenGLExtensions-devel-static-5.12.7-150200.4.29.1
    * libQt5Xml5-5.12.7-150200.4.29.1
    * libQt5Gui5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Test-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-sqlite-debuginfo-5.12.7-150200.4.29.1
    * libQt5Core5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Sql-devel-5.12.7-150200.4.29.1
    * libQt5Gui5-5.12.7-150200.4.29.1
    * libQt5Sql5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent5-debuginfo-5.12.7-150200.4.29.1
    * libqt5-qtbase-platformtheme-gtk3-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent-devel-5.12.7-150200.4.29.1
    * libQt5OpenGL5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Widgets-devel-5.12.7-150200.4.29.1
    * libQt5Core-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-unixODBC-debuginfo-5.12.7-150200.4.29.1
    * libQt5PrintSupport-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-platformtheme-gtk3-5.12.7-150200.4.29.1
    * libQt5Sql5-mysql-debuginfo-5.12.7-150200.4.29.1
    * libQt5Network5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Test5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Widgets5-5.12.7-150200.4.29.1
    * libQt5Widgets5-debuginfo-5.12.7-150200.4.29.1
    * libQt5OpenGL5-5.12.7-150200.4.29.1
    * libqt5-qtbase-debugsource-5.12.7-150200.4.29.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
    * libQt5KmsSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5DBus-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Gui-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5OpenGL-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5PrintSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Widgets-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5PlatformSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Sql-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Test-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Core-private-headers-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Network-private-headers-devel-5.12.7-150200.4.29.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
    * libQt5Sql5-sqlite-5.12.7-150200.4.29.1
    * libQt5PlatformHeaders-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-postgresql-5.12.7-150200.4.29.1
    * libQt5Network-devel-5.12.7-150200.4.29.1
    * libQt5Network5-5.12.7-150200.4.29.1
    * libQt5OpenGL-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-common-devel-5.12.7-150200.4.29.1
    * libQt5Test5-5.12.7-150200.4.29.1
    * libQt5KmsSupport-devel-static-5.12.7-150200.4.29.1
    * libQt5Sql5-5.12.7-150200.4.29.1
    * libQt5PrintSupport5-debuginfo-5.12.7-150200.4.29.1
    * libQt5DBus5-5.12.7-150200.4.29.1
    * libQt5DBus-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-common-devel-debuginfo-5.12.7-150200.4.29.1
    * libQt5Sql5-postgresql-debuginfo-5.12.7-150200.4.29.1
    * libQt5Gui-devel-5.12.7-150200.4.29.1
    * libQt5Core5-5.12.7-150200.4.29.1
    * libQt5Xml-devel-5.12.7-150200.4.29.1
    * libQt5PlatformSupport-devel-static-5.12.7-150200.4.29.1
    * libQt5Sql5-mysql-5.12.7-150200.4.29.1
    * libQt5Sql5-unixODBC-5.12.7-150200.4.29.1
    * libQt5PrintSupport5-5.12.7-150200.4.29.1
    * libQt5DBus5-debuginfo-5.12.7-150200.4.29.1
    * libqt5-qtbase-devel-5.12.7-150200.4.29.1
    * libQt5Xml5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent5-5.12.7-150200.4.29.1
    * libQt5DBus-devel-debuginfo-5.12.7-150200.4.29.1
    * libQt5OpenGLExtensions-devel-static-5.12.7-150200.4.29.1
    * libQt5Xml5-5.12.7-150200.4.29.1
    * libQt5Gui5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Test-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-sqlite-debuginfo-5.12.7-150200.4.29.1
    * libQt5Core5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Sql-devel-5.12.7-150200.4.29.1
    * libQt5Gui5-5.12.7-150200.4.29.1
    * libQt5Sql5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent5-debuginfo-5.12.7-150200.4.29.1
    * libqt5-qtbase-platformtheme-gtk3-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent-devel-5.12.7-150200.4.29.1
    * libQt5OpenGL5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Widgets-devel-5.12.7-150200.4.29.1
    * libQt5Core-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-unixODBC-debuginfo-5.12.7-150200.4.29.1
    * libQt5PrintSupport-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-platformtheme-gtk3-5.12.7-150200.4.29.1
    * libQt5Sql5-mysql-debuginfo-5.12.7-150200.4.29.1
    * libQt5Network5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Test5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Widgets5-5.12.7-150200.4.29.1
    * libQt5Widgets5-debuginfo-5.12.7-150200.4.29.1
    * libQt5OpenGL5-5.12.7-150200.4.29.1
    * libqt5-qtbase-debugsource-5.12.7-150200.4.29.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
    * libQt5KmsSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5DBus-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Gui-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5OpenGL-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5PrintSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Widgets-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5PlatformSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Sql-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Test-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Core-private-headers-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Network-private-headers-devel-5.12.7-150200.4.29.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libQt5Sql5-sqlite-5.12.7-150200.4.29.1
    * libQt5PlatformHeaders-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-postgresql-5.12.7-150200.4.29.1
    * libQt5Network-devel-5.12.7-150200.4.29.1
    * libQt5Network5-5.12.7-150200.4.29.1
    * libQt5OpenGL-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-common-devel-5.12.7-150200.4.29.1
    * libQt5Test5-5.12.7-150200.4.29.1
    * libQt5KmsSupport-devel-static-5.12.7-150200.4.29.1
    * libQt5Sql5-5.12.7-150200.4.29.1
    * libQt5PrintSupport5-debuginfo-5.12.7-150200.4.29.1
    * libQt5DBus5-5.12.7-150200.4.29.1
    * libQt5DBus-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-common-devel-debuginfo-5.12.7-150200.4.29.1
    * libQt5Sql5-postgresql-debuginfo-5.12.7-150200.4.29.1
    * libQt5Gui-devel-5.12.7-150200.4.29.1
    * libQt5Core5-5.12.7-150200.4.29.1
    * libQt5Xml-devel-5.12.7-150200.4.29.1
    * libQt5PlatformSupport-devel-static-5.12.7-150200.4.29.1
    * libQt5Sql5-mysql-5.12.7-150200.4.29.1
    * libQt5Sql5-unixODBC-5.12.7-150200.4.29.1
    * libQt5PrintSupport5-5.12.7-150200.4.29.1
    * libQt5DBus5-debuginfo-5.12.7-150200.4.29.1
    * libqt5-qtbase-devel-5.12.7-150200.4.29.1
    * libQt5Xml5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent5-5.12.7-150200.4.29.1
    * libQt5DBus-devel-debuginfo-5.12.7-150200.4.29.1
    * libQt5OpenGLExtensions-devel-static-5.12.7-150200.4.29.1
    * libQt5Xml5-5.12.7-150200.4.29.1
    * libQt5Gui5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Test-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-sqlite-debuginfo-5.12.7-150200.4.29.1
    * libQt5Core5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Sql-devel-5.12.7-150200.4.29.1
    * libQt5Gui5-5.12.7-150200.4.29.1
    * libQt5Sql5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent5-debuginfo-5.12.7-150200.4.29.1
    * libqt5-qtbase-platformtheme-gtk3-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent-devel-5.12.7-150200.4.29.1
    * libQt5OpenGL5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Widgets-devel-5.12.7-150200.4.29.1
    * libQt5Core-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-unixODBC-debuginfo-5.12.7-150200.4.29.1
    * libQt5PrintSupport-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-platformtheme-gtk3-5.12.7-150200.4.29.1
    * libQt5Sql5-mysql-debuginfo-5.12.7-150200.4.29.1
    * libQt5Network5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Test5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Widgets5-5.12.7-150200.4.29.1
    * libQt5Widgets5-debuginfo-5.12.7-150200.4.29.1
    * libQt5OpenGL5-5.12.7-150200.4.29.1
    * libqt5-qtbase-debugsource-5.12.7-150200.4.29.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * libQt5KmsSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5DBus-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Gui-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5OpenGL-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5PrintSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Widgets-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5PlatformSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Sql-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Test-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Core-private-headers-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Network-private-headers-devel-5.12.7-150200.4.29.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libQt5Sql5-sqlite-5.12.7-150200.4.29.1
    * libQt5PlatformHeaders-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-postgresql-5.12.7-150200.4.29.1
    * libQt5Network-devel-5.12.7-150200.4.29.1
    * libQt5Network5-5.12.7-150200.4.29.1
    * libQt5OpenGL-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-common-devel-5.12.7-150200.4.29.1
    * libQt5Test5-5.12.7-150200.4.29.1
    * libQt5KmsSupport-devel-static-5.12.7-150200.4.29.1
    * libQt5Sql5-5.12.7-150200.4.29.1
    * libQt5PrintSupport5-debuginfo-5.12.7-150200.4.29.1
    * libQt5DBus5-5.12.7-150200.4.29.1
    * libQt5DBus-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-common-devel-debuginfo-5.12.7-150200.4.29.1
    * libQt5Sql5-postgresql-debuginfo-5.12.7-150200.4.29.1
    * libQt5Gui-devel-5.12.7-150200.4.29.1
    * libQt5Core5-5.12.7-150200.4.29.1
    * libQt5Xml-devel-5.12.7-150200.4.29.1
    * libQt5PlatformSupport-devel-static-5.12.7-150200.4.29.1
    * libQt5Sql5-mysql-5.12.7-150200.4.29.1
    * libQt5Sql5-unixODBC-5.12.7-150200.4.29.1
    * libQt5PrintSupport5-5.12.7-150200.4.29.1
    * libQt5DBus5-debuginfo-5.12.7-150200.4.29.1
    * libqt5-qtbase-devel-5.12.7-150200.4.29.1
    * libQt5Xml5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent5-5.12.7-150200.4.29.1
    * libQt5DBus-devel-debuginfo-5.12.7-150200.4.29.1
    * libQt5OpenGLExtensions-devel-static-5.12.7-150200.4.29.1
    * libQt5Xml5-5.12.7-150200.4.29.1
    * libQt5Gui5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Test-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-sqlite-debuginfo-5.12.7-150200.4.29.1
    * libQt5Core5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Sql-devel-5.12.7-150200.4.29.1
    * libQt5Gui5-5.12.7-150200.4.29.1
    * libQt5Sql5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent5-debuginfo-5.12.7-150200.4.29.1
    * libqt5-qtbase-platformtheme-gtk3-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent-devel-5.12.7-150200.4.29.1
    * libQt5OpenGL5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Widgets-devel-5.12.7-150200.4.29.1
    * libQt5Core-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-unixODBC-debuginfo-5.12.7-150200.4.29.1
    * libQt5PrintSupport-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-platformtheme-gtk3-5.12.7-150200.4.29.1
    * libQt5Sql5-mysql-debuginfo-5.12.7-150200.4.29.1
    * libQt5Network5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Test5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Widgets5-5.12.7-150200.4.29.1
    * libQt5Widgets5-debuginfo-5.12.7-150200.4.29.1
    * libQt5OpenGL5-5.12.7-150200.4.29.1
    * libqt5-qtbase-debugsource-5.12.7-150200.4.29.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * libQt5KmsSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5DBus-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Gui-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5OpenGL-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5PrintSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Widgets-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5PlatformSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Sql-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Test-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Core-private-headers-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Network-private-headers-devel-5.12.7-150200.4.29.1
  * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
    x86_64)
    * libQt5Sql5-sqlite-5.12.7-150200.4.29.1
    * libQt5PlatformHeaders-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-postgresql-5.12.7-150200.4.29.1
    * libQt5Network-devel-5.12.7-150200.4.29.1
    * libQt5Network5-5.12.7-150200.4.29.1
    * libQt5OpenGL-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-common-devel-5.12.7-150200.4.29.1
    * libQt5Test5-5.12.7-150200.4.29.1
    * libQt5KmsSupport-devel-static-5.12.7-150200.4.29.1
    * libQt5Sql5-5.12.7-150200.4.29.1
    * libQt5PrintSupport5-debuginfo-5.12.7-150200.4.29.1
    * libQt5DBus5-5.12.7-150200.4.29.1
    * libQt5DBus-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-common-devel-debuginfo-5.12.7-150200.4.29.1
    * libQt5Sql5-postgresql-debuginfo-5.12.7-150200.4.29.1
    * libQt5Gui-devel-5.12.7-150200.4.29.1
    * libQt5Core5-5.12.7-150200.4.29.1
    * libQt5Xml-devel-5.12.7-150200.4.29.1
    * libQt5PlatformSupport-devel-static-5.12.7-150200.4.29.1
    * libQt5Sql5-mysql-5.12.7-150200.4.29.1
    * libQt5Sql5-unixODBC-5.12.7-150200.4.29.1
    * libQt5PrintSupport5-5.12.7-150200.4.29.1
    * libQt5DBus5-debuginfo-5.12.7-150200.4.29.1
    * libqt5-qtbase-devel-5.12.7-150200.4.29.1
    * libQt5Xml5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent5-5.12.7-150200.4.29.1
    * libQt5DBus-devel-debuginfo-5.12.7-150200.4.29.1
    * libQt5OpenGLExtensions-devel-static-5.12.7-150200.4.29.1
    * libQt5Xml5-5.12.7-150200.4.29.1
    * libQt5Gui5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Test-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-sqlite-debuginfo-5.12.7-150200.4.29.1
    * libQt5Core5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Sql-devel-5.12.7-150200.4.29.1
    * libQt5Gui5-5.12.7-150200.4.29.1
    * libQt5Sql5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent5-debuginfo-5.12.7-150200.4.29.1
    * libqt5-qtbase-platformtheme-gtk3-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent-devel-5.12.7-150200.4.29.1
    * libQt5OpenGL5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Widgets-devel-5.12.7-150200.4.29.1
    * libQt5Core-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-unixODBC-debuginfo-5.12.7-150200.4.29.1
    * libQt5PrintSupport-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-platformtheme-gtk3-5.12.7-150200.4.29.1
    * libQt5Sql5-mysql-debuginfo-5.12.7-150200.4.29.1
    * libQt5Network5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Test5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Widgets5-5.12.7-150200.4.29.1
    * libQt5Widgets5-debuginfo-5.12.7-150200.4.29.1
    * libQt5OpenGL5-5.12.7-150200.4.29.1
    * libqt5-qtbase-debugsource-5.12.7-150200.4.29.1
  * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
    * libQt5KmsSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5DBus-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Gui-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5OpenGL-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5PrintSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Widgets-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5PlatformSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Sql-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Test-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Core-private-headers-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Network-private-headers-devel-5.12.7-150200.4.29.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libQt5Sql5-sqlite-5.12.7-150200.4.29.1
    * libQt5PlatformHeaders-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-postgresql-5.12.7-150200.4.29.1
    * libQt5Network-devel-5.12.7-150200.4.29.1
    * libQt5Network5-5.12.7-150200.4.29.1
    * libQt5OpenGL-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-common-devel-5.12.7-150200.4.29.1
    * libQt5Test5-5.12.7-150200.4.29.1
    * libQt5KmsSupport-devel-static-5.12.7-150200.4.29.1
    * libQt5Sql5-5.12.7-150200.4.29.1
    * libQt5PrintSupport5-debuginfo-5.12.7-150200.4.29.1
    * libQt5DBus5-5.12.7-150200.4.29.1
    * libQt5DBus-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-common-devel-debuginfo-5.12.7-150200.4.29.1
    * libQt5Sql5-postgresql-debuginfo-5.12.7-150200.4.29.1
    * libQt5Gui-devel-5.12.7-150200.4.29.1
    * libQt5Core5-5.12.7-150200.4.29.1
    * libQt5Xml-devel-5.12.7-150200.4.29.1
    * libQt5PlatformSupport-devel-static-5.12.7-150200.4.29.1
    * libQt5Sql5-mysql-5.12.7-150200.4.29.1
    * libQt5Sql5-unixODBC-5.12.7-150200.4.29.1
    * libQt5PrintSupport5-5.12.7-150200.4.29.1
    * libQt5DBus5-debuginfo-5.12.7-150200.4.29.1
    * libqt5-qtbase-devel-5.12.7-150200.4.29.1
    * libQt5Xml5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent5-5.12.7-150200.4.29.1
    * libQt5DBus-devel-debuginfo-5.12.7-150200.4.29.1
    * libQt5OpenGLExtensions-devel-static-5.12.7-150200.4.29.1
    * libQt5Xml5-5.12.7-150200.4.29.1
    * libQt5Gui5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Test-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-sqlite-debuginfo-5.12.7-150200.4.29.1
    * libQt5Core5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Sql-devel-5.12.7-150200.4.29.1
    * libQt5Gui5-5.12.7-150200.4.29.1
    * libQt5Sql5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent5-debuginfo-5.12.7-150200.4.29.1
    * libqt5-qtbase-platformtheme-gtk3-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent-devel-5.12.7-150200.4.29.1
    * libQt5OpenGL5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Widgets-devel-5.12.7-150200.4.29.1
    * libQt5Core-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-unixODBC-debuginfo-5.12.7-150200.4.29.1
    * libQt5PrintSupport-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-platformtheme-gtk3-5.12.7-150200.4.29.1
    * libQt5Sql5-mysql-debuginfo-5.12.7-150200.4.29.1
    * libQt5Network5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Test5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Widgets5-5.12.7-150200.4.29.1
    * libQt5Widgets5-debuginfo-5.12.7-150200.4.29.1
    * libQt5OpenGL5-5.12.7-150200.4.29.1
    * libqt5-qtbase-debugsource-5.12.7-150200.4.29.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * libQt5KmsSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5DBus-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Gui-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5OpenGL-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5PrintSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Widgets-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5PlatformSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Sql-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Test-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Core-private-headers-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Network-private-headers-devel-5.12.7-150200.4.29.1
  * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
    x86_64)
    * libQt5Sql5-sqlite-5.12.7-150200.4.29.1
    * libQt5PlatformHeaders-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-postgresql-5.12.7-150200.4.29.1
    * libQt5Network-devel-5.12.7-150200.4.29.1
    * libQt5Network5-5.12.7-150200.4.29.1
    * libQt5OpenGL-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-common-devel-5.12.7-150200.4.29.1
    * libQt5Test5-5.12.7-150200.4.29.1
    * libQt5KmsSupport-devel-static-5.12.7-150200.4.29.1
    * libQt5Sql5-5.12.7-150200.4.29.1
    * libQt5PrintSupport5-debuginfo-5.12.7-150200.4.29.1
    * libQt5DBus5-5.12.7-150200.4.29.1
    * libQt5DBus-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-common-devel-debuginfo-5.12.7-150200.4.29.1
    * libQt5Sql5-postgresql-debuginfo-5.12.7-150200.4.29.1
    * libQt5Gui-devel-5.12.7-150200.4.29.1
    * libQt5Core5-5.12.7-150200.4.29.1
    * libQt5Xml-devel-5.12.7-150200.4.29.1
    * libQt5PlatformSupport-devel-static-5.12.7-150200.4.29.1
    * libQt5Sql5-mysql-5.12.7-150200.4.29.1
    * libQt5Sql5-unixODBC-5.12.7-150200.4.29.1
    * libQt5PrintSupport5-5.12.7-150200.4.29.1
    * libQt5DBus5-debuginfo-5.12.7-150200.4.29.1
    * libqt5-qtbase-devel-5.12.7-150200.4.29.1
    * libQt5Xml5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent5-5.12.7-150200.4.29.1
    * libQt5DBus-devel-debuginfo-5.12.7-150200.4.29.1
    * libQt5OpenGLExtensions-devel-static-5.12.7-150200.4.29.1
    * libQt5Xml5-5.12.7-150200.4.29.1
    * libQt5Gui5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Test-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-sqlite-debuginfo-5.12.7-150200.4.29.1
    * libQt5Core5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Sql-devel-5.12.7-150200.4.29.1
    * libQt5Gui5-5.12.7-150200.4.29.1
    * libQt5Sql5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent5-debuginfo-5.12.7-150200.4.29.1
    * libqt5-qtbase-platformtheme-gtk3-debuginfo-5.12.7-150200.4.29.1
    * libQt5Concurrent-devel-5.12.7-150200.4.29.1
    * libQt5OpenGL5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Widgets-devel-5.12.7-150200.4.29.1
    * libQt5Core-devel-5.12.7-150200.4.29.1
    * libQt5Sql5-unixODBC-debuginfo-5.12.7-150200.4.29.1
    * libQt5PrintSupport-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-platformtheme-gtk3-5.12.7-150200.4.29.1
    * libQt5Sql5-mysql-debuginfo-5.12.7-150200.4.29.1
    * libQt5Network5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Test5-debuginfo-5.12.7-150200.4.29.1
    * libQt5Widgets5-5.12.7-150200.4.29.1
    * libQt5Widgets5-debuginfo-5.12.7-150200.4.29.1
    * libQt5OpenGL5-5.12.7-150200.4.29.1
    * libqt5-qtbase-debugsource-5.12.7-150200.4.29.1
  * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
    * libQt5KmsSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5DBus-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Gui-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5OpenGL-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5PrintSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Widgets-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5PlatformSupport-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Sql-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Test-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Core-private-headers-devel-5.12.7-150200.4.29.1
    * libqt5-qtbase-private-headers-devel-5.12.7-150200.4.29.1
    * libQt5Network-private-headers-devel-5.12.7-150200.4.29.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-37369.html
  * https://www.suse.com/security/cve/CVE-2023-45935.html
  * https://www.suse.com/security/cve/CVE-2023-51714.html
  * https://www.suse.com/security/cve/CVE-2024-39936.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1214327
  * https://bugzilla.suse.com/show_bug.cgi?id=1218413
  * https://bugzilla.suse.com/show_bug.cgi?id=1222120
  * https://bugzilla.suse.com/show_bug.cgi?id=1227426
  * https://bugzilla.suse.com/show_bug.cgi?id=1227513
  * https://jira.suse.com/browse/PED-6193

SUSE: 2024:2946-1 important: libqt5-qtbase Security Advisory Updates

August 16, 2024
* bsc#1214327 * bsc#1218413 * bsc#1222120 * bsc#1227426 * bsc#1227513

Summary

## This update for libqt5-qtbase fixes the following issues: * CVE-2023-37369: Fixed a buffer overflow in QXmlStreamReader (QTBUG-91889, bsc#1214327). * CVE-2023-45935: Fixed NULL pointer dereference in QXcbConnection::initializeAllAtoms() due to anomalous behavior from the X server (bsc#1222120) * CVE-2024-39936: Fixed information leakage due to process HTTP2 communication before encrypted() can be responded to (bsc#1227426) * CVE-2023-51714: Fixed an incorrect integer overflow check (bsc#1218413). Other fixes: \- Add patch from upstream to fix a regression in the ODBC driver (bsc#1227513, QTBUG-112375) \- Add upstream patch to fix a potential overflow in assemble_hpack_block() \- Use pkgconfig(icu-18n) to select current icu ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise...

Read the Full Advisory

References

* bsc#1214327

* bsc#1218413

* bsc#1222120

* bsc#1227426

* bsc#1227513

* jsc#PED-6193

Cross-

* CVE-2023-37369

* CVE-2023-45935

* CVE-2023-51714

* CVE-2024-39936

CVSS scores:

* CVE-2023-37369 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-37369 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-45935 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H

* CVE-2023-51714 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-51714 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-39936 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2024-39936 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* SUSE Enterprise Storage 7.1

* SUSE Linux Enterprise High Performance Computing 15 SP2

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2

* SUSE Linux Enterprise High Performance Computing 15 SP3

* SUSE Linux Enterprise Hig...

Read the Full Advisory

Severity
Announcement ID: SUSE-SU-2024:2946-1
Rating: important

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved