Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 521
Alerts This Week
Warning Icon 1 521

openSUSE Leap 15.5 SUSE-SU-2023:4951-1 Moderate Buffer Overflow Fix

opensuse
Calendar Grey December 21, 2023
Dist Opensuse Esm H88
Addresses a significant buffer overflow vulnerability in libqt5-qtbase for openSUSE, classified as moderate severity. Implement patches to ensure system safety.
This update for libqt5-qtbase fixes the following issues: CVE-2023-37369: Fixed buffer overflow in QXmlStreamReader (bsc#1214327).

Description

This update for libqt5-qtbase fixes the following issues:

* CVE-2023-37369: Fixed buffer overflow in QXmlStreamReader (bsc#1214327).

* libq5-qtbase was rebuild against icu 73. jsc#PED-6193

Patch

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like

YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP5

zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-4951=1

* Desktop Applications Module 15-SP5

zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2023-4951=1

* openSUSE Leap 15.5

zypper in -t patch SUSE-2023-4951=1 openSUSE-SLE-15.5-2023-4951=1

Package List

* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)

* libQt5Widgets5-5.15.8+kde185-150500.4.13.1

* libQt5Concurrent-devel-5.15.8+kde185-150500.4.13.1

* libQt5Network-devel-5.15.8+kde185-150500.4.13.1

* libQt5PrintSupport5-debuginfo-5.15.8+kde185-150500.4.13.1

* libqt5-qtbase-debugsource-5.15.8+kde185-150500.4.13.1

* libQt5PlatformSupport-devel-static-5.15.8+kde185-150500.4.13.1

* libQt5DBus5-debuginfo-5.15.8+kde185-150500.4.13.1

* libQt5PlatformHeaders-devel-5.15.8+kde185-150500.4.13.1

* libQt5Core5-debuginfo-5.15.8+kde185-150500.4.13.1

* libQt5Gui-devel-5.15.8+kde185-150500.4.13.1

* libQt5Sql5-debuginfo-5.15.8+kde185-150500.4.13.1

* libQt5Xml-devel-5.15.8+kde185-150500.4.13.1

* libQt5Test5-debuginfo-5.15.8+kde185-150500.4.13.1

* libQt5DBus-devel-debuginfo-5.15.8+kde185-150500.4.13.1

* libQt5Core-devel-5.15.8+kde185-150500.4.13.1

* libqt5-qtbase-common-devel-debuginfo-5.15.8+kde185-150500.4.13.1

* libQt5PrintSupport5-5.15.8+kde185-150500.4.13.1

* libQt5Sql-devel-5.15.8+kde185-150500.4.13.1

*...

Read the Full Advisory

References

* bsc#1214327

* jsc#PED-6193

## References:

* https://www.suse.com/security/cve/CVE-2023-37369.html

* https://bugzilla.suse.com/show_bug.cgi?id=1214327

*

Announcement ID: SUSE-SU-2023:4951-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.