Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Fedora 40: FEDORA-2024-2e27372d4c Moderate: Qt5 WebSocket Security Fix

fedora
Calendar Grey June 5, 2024
Dist Fedora Esm H88
The release of Qt 5.15.14 addresses a significant security concern, identified as CVE-2024-36048, which emerged within the Fedora 40 ecosystem.
Qt 5.15.14 bugfix update

Summary

The QtWebSockets module implements the WebSocket protocol as specified in RFC

6455. It solely depends on Qt (no external dependencies).

Update Information:

Qt 5.15.14 bugfix update. Fix CVE-2024-36048

Change Log

* Wed May 29 2024 Jan Grulich - 5.15.14-1 - 5.15.14

References


[ 1 ] Bug #2282866 - CVE-2024-36048 qt5-qtnetworkauth: qtnetworkauth: badly seeded PRNG may result in guessable values [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2282866 [ 2 ] Bug #2282867 - CVE-2024-36048 qt5-qtnetworkauth: qtnetworkauth: badly seeded PRNG may result in guessable values [fedora-39] https://bugzilla.redhat.com/show_bug.cgi?id=2282867 [ 3 ] Bug #2282869 - CVE-2024-36048 qt5-qtnetworkauth: qtnetworkauth: badly seeded PRNG may result in guessable values [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2282869

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-2e27372d4c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Name: qt5-qtwebsockets
Product: Fedora 40
Version: 5.15.14
Release: 1.fc40
Summary: Qt5 - WebSockets component

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here