CVE-2023-51714: An issue was discovered in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. If the HTTP2 implementation receives more then 4GiB in total headers, or more than 2GiB for any given header pair, then the internal buffers may overflow. Fix incoming for qtbase soon, imagine asturm is already handling for qtnetwork (mentioned the CVE earlier).
Yup
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=68e098de62a63945f1549ec7700c0704f759756a commit 68e098de62a63945f1549ec7700c0704f759756a Author: Ionen Wolkens <ionen@gentoo.org> AuthorDate: 2024-01-03 15:17:28 +0000 Commit: Ionen Wolkens <ionen@gentoo.org> CommitDate: 2024-01-03 15:51:37 +0000 dev-qt/qtbase: backport CVE-2023-51714 HTTP2 fix Still pending stable, which won't need to wait long. Bug: https://bugs.gentoo.org/921292 Signed-off-by: Ionen Wolkens <ionen@gentoo.org> .../qtbase/files/qtbase-6.6.1-CVE-2023-51714.patch | 55 ++++ dev-qt/qtbase/qtbase-6.6.1-r2.ebuild | 362 +++++++++++++++++++++ 2 files changed, 417 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3036426068b1af84b7bfe0d0cf9e5847cec7e72e commit 3036426068b1af84b7bfe0d0cf9e5847cec7e72e Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2024-01-03 22:54:09 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2024-01-03 23:00:17 +0000 dev-qt/qtnetwork: Bump to QT5_KDEPATCHSET_REV=2 (CVE-2023-51714) Marc Mutz (3): HPack: fix a Yoda Condition HPack: fix incorrect integer overflow check Http2: fix potential overflow in assemble_hpack_block() Bug: https://bugs.gentoo.org/921292 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> dev-qt/qtnetwork/Manifest | 1 + dev-qt/qtnetwork/qtnetwork-5.15.12-r1.ebuild | 62 ++++++++++++++++++++++++++++ 2 files changed, 63 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=10c63aca797d914527158e1a10958e094b210071 commit 10c63aca797d914527158e1a10958e094b210071 Author: Ionen Wolkens <ionen@gentoo.org> AuthorDate: 2024-01-08 09:24:12 +0000 Commit: Ionen Wolkens <ionen@gentoo.org> CommitDate: 2024-01-08 12:57:48 +0000 dev-qt/qtbase: drop vulnerable 6.6.1-r1 All done for Qt6's qtbase end wrt bug #921292. Bug: https://bugs.gentoo.org/921292 Signed-off-by: Ionen Wolkens <ionen@gentoo.org> dev-qt/qtbase/qtbase-6.6.1-r1.ebuild | 361 ----------------------------------- 1 file changed, 361 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4da4badad37f5ee4a625355187d3d99d10de0081 commit 4da4badad37f5ee4a625355187d3d99d10de0081 Author: Ionen Wolkens <ionen@gentoo.org> AuthorDate: 2024-01-08 09:24:01 +0000 Commit: Ionen Wolkens <ionen@gentoo.org> CommitDate: 2024-01-08 12:57:48 +0000 dev-qt/qtbase: stabilize 6.6.1-r3 for amd64 Bug: https://bugs.gentoo.org/921292 Signed-off-by: Ionen Wolkens <ionen@gentoo.org> dev-qt/qtbase/qtbase-6.6.1-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Adjusting whiteboard. Did say that Qt6/qtbase is done, but there's still Qt5/qtnetwork to stable+cleanup which is being done alongside 5.15.12 in bug #921565 whenever that's ready.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7b39f6f75144969158ffa888433005ff2d380e76 commit 7b39f6f75144969158ffa888433005ff2d380e76 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2024-02-01 22:54:46 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2024-02-01 23:00:50 +0000 dev-qt/qtnetwork: drop 5.15.11 Bug: https://bugs.gentoo.org/921292 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> dev-qt/qtnetwork/Manifest | 3 -- dev-qt/qtnetwork/qtnetwork-5.15.11.ebuild | 62 ------------------------------- 2 files changed, 65 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=454cda22e8b729a9b8958647874983f3e1ccf831 commit 454cda22e8b729a9b8958647874983f3e1ccf831 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2024-02-03 13:25:29 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2024-02-03 13:25:29 +0000 dev-qt/qtnetwork: drop 5.15.12 Bug: https://bugs.gentoo.org/921292 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> dev-qt/qtnetwork/Manifest | 1 - dev-qt/qtnetwork/qtnetwork-5.15.12.ebuild | 62 ------------------------------- 2 files changed, 63 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=ee465149b16298ca9c2f97f5e191b2bad7299032 commit ee465149b16298ca9c2f97f5e191b2bad7299032 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-02-18 11:07:25 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-02-18 11:08:11 +0000 [ GLSA 202402-21 ] QtNetwork: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/907120 Bug: https://bugs.gentoo.org/921292 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202402-21.xml | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+)
