Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

openSUSE: qt6-base Moderate Security Vulnerabilities 2025:03599-1

opensuse
Calendar Grey October 15, 2025
Dist Opensuse Esm H88
Two vulnerabilities addressed in qt6-base for openSUSE, requiring a moderate level of attention. Update recommended.
An update that solves two vulnerabilities can now be installed.

Description

This update for qt6-base fixes the following issues:

* CVE-2025-5455: processing of malformed data in `qDecodeDataUrl()` can

trigger assertion and cause a crash (bsc#1243958).

* CVE-2025-30348: complex algorithm used in `encodeText` in QDom when

processing XML data can cause low performance (bsc#1239896).

Topics%20covered

Topics Covered

security advisory moderate denial of service information leakage OpenSUSE qt6-base

Patch

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like

YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6

zypper in -t patch openSUSE-SLE-15.6-2025-3599=1 SUSE-2025-3599=1

* Desktop Applications Module 15-SP6

zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-3599=1

* Desktop Applications Module 15-SP7

zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2025-3599=1

* SUSE Package Hub 15 15-SP6

zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-3599=1

* SUSE Package Hub 15 15-SP7

zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-3599=1

Package List

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)

* libQt6Gui6-6.6.3-150600.3.6.1

* qt6-core-devel-6.6.3-150600.3.6.1

* libQt6DBus6-6.6.3-150600.3.6.1

* libQt6Sql6-6.6.3-150600.3.6.1

* libQt6OpenGLWidgets6-6.6.3-150600.3.6.1

* libQt6Xml6-6.6.3-150600.3.6.1

* qt6-platformsupport-private-devel-6.6.3-150600.3.6.1

* qt6-printsupport-cups-debuginfo-6.6.3-150600.3.6.1

* qt6-printsupport-private-devel-6.6.3-150600.3.6.1

* qt6-sql-devel-6.6.3-150600.3.6.1

* qt6-sql-mysql-6.6.3-150600.3.6.1

* libQt6OpenGL6-debuginfo-6.6.3-150600.3.6.1

* qt6-test-private-devel-6.6.3-150600.3.6.1

* qt6-exampleicons-devel-static-6.6.3-150600.3.6.1

* qt6-printsupport-cups-6.6.3-150600.3.6.1

* qt6-network-private-devel-6.6.3-150600.3.6.1

* qt6-sql-postgresql-6.6.3-150600.3.6.1

* libQt6Network6-6.6.3-150600.3.6.1

* qt6-sql-unixODBC-debuginfo-6.6.3-150600.3.6.1

* libQt6Widgets6-debuginfo-6.6.3-150600.3.6.1

* qt6-base-common-devel-debuginfo-6.6.3-150600.3.6.1

* qt6-xml-devel-6.6.3-150600.3.6.1

*...

Read the Full Advisory

References

* bsc#1239896

* bsc#1243958

## References:

* https://www.suse.com/security/cve/CVE-2025-30348.html

* https://www.suse.com/security/cve/CVE-2025-5455.html

* https://bugzilla.suse.com/show_bug.cgi?id=1239896

* https://bugzilla.suse.com/show_bug.cgi?id=1243958

Announcement ID: SUSE-SU-2025:03599-1
Release Date: 2025-10-15T12:17:26Z
Affected Products: * Desktop Applications Module 15-SP6 * Desktop Applications Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP6 * SUSE Package Hub 15 15-SP7

Topics%20covered

Topics Covered

security advisory moderate denial of service information leakage OpenSUSE qt6-base

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here