Bug 911790 (CVE-2023-37369, CVE-2023-38197) - <dev-qt/qtcore-5.15.10-r1, <dev-qt/qtbase-6.5.2: potential buffer overflow issue in QXmlStreamReader
Summary: <dev-qt/qtcore-5.15.10-r1, <dev-qt/qtbase-6.5.2: potential buffer overflow is...
Status: CONFIRMED
Alias: CVE-2023-37369, CVE-2023-38197
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa?]
Keywords:
Depends on: 911791
Blocks:
Reported: 2023-08-05 22:54 UTC by Andreas Sturmlechner
Modified: 2023-12-09 23:13 UTC

See Also:
Package list:
Runtime testing required: ---


Description Andreas Sturmlechner gentoo-dev 2023-08-05 22:54:52 UTC
"A recently reported potential buffer overflow issue in QXmlStreamReader has been assigned the CVE id CVE-2023-37369

When given specifically crafted data then QXmlStreamReader can end up causing a buffer overflow and subsequently a crash."

https://www.qt.io/blog/security-advisory-qxmlstreamreader (fixed in qtbase-6.5.2)


"A recently reported potential buffer overflow issue in QXmlStreamReader has been assigned the CVE id CVE-2023-38197.

QXmlStreamReader can freeze or get out of memory on recursive entity expansion, with DTD tokens in XML body."

https://www.qt.io/blog/security-advisory-qxmlstreamreader-1 (fixed in qtbase-6.5.3)
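The second advisory quoted above describes a parser that freezes or runs out of memory on recursive entity expansion driven by DTD tokens. The following is an added example, not code from this bug, from Qt or from Gentoo: a plain C++ pre-parse guard (no Qt dependency) that a consumer of untrusted XML can run before handing a document to QXmlStreamReader. It collects the internal `<!ENTITY>` declarations, walks the entity reference graph, and rejects the document if any entity is recursive or would expand beyond a byte budget. The function names, the 1 MiB default budget and the sample documents are all constructed for this illustration; the actual fix is the patched qtcore/qtbase, and this guard is defense in depth that stops the input shape before the parser sees it.

```cpp
// Added example (not Qt's or Gentoo's code): a pre-parse guard for the
// recursive/exponential entity expansion failure mode. Plain C++17, no Qt.
#include <algorithm>
#include <cstddef>
#include <iostream>
#include <map>
#include <regex>
#include <set>
#include <stdexcept>
#include <string>
#include <vector>

struct EntityCheck {
    bool ok;             // true when the document passed the guard
    std::string reason;  // why it was rejected (empty when ok)
    size_t expansion;    // largest fully expanded entity size seen, in bytes
};

// Collects <!ENTITY name "value"> declarations from the internal subset.
// Parameter entities (% name) and external (SYSTEM/PUBLIC) entities are not
// matched here; a full guard would reject those outright for untrusted input.
static std::map<std::string, std::string> collectEntities(const std::string& xml) {
    static const std::regex decl(
        R"re(<!ENTITY\s+([A-Za-z_][A-Za-z0-9_.:-]*)\s+(?:"([^"]*)"|'([^']*)')\s*>)re");
    std::map<std::string, std::string> entities;
    for (auto it = std::sregex_iterator(xml.begin(), xml.end(), decl);
         it != std::sregex_iterator(); ++it) {
        const std::smatch& m = *it;
        entities[m[1].str()] = m[2].matched ? m[2].str() : m[3].str();
    }
    return entities;
}

// Size of `name` once every nested reference is substituted. Throws when a
// reference cycle is found (entity already on the DFS stack) or when the
// running total exceeds `budget`, so exponential chains are cut off early
// instead of being expanded.
static size_t expandedSize(const std::string& name,
                           const std::map<std::string, std::string>& entities,
                           std::map<std::string, size_t>& memo,
                           std::set<std::string>& onStack, size_t budget) {
    if (onStack.count(name)) throw std::runtime_error("recursive entity: " + name);
    auto known = memo.find(name);
    if (known != memo.end()) return known->second;
    auto decl = entities.find(name);
    if (decl == entities.end()) return 0;  // undeclared: left to the real parser

    static const std::regex ref(R"re(&([A-Za-z_][A-Za-z0-9_.:-]*);)re");
    const std::string& value = decl->second;
    onStack.insert(name);
    size_t total = 0, lastEnd = 0;
    for (auto it = std::sregex_iterator(value.begin(), value.end(), ref);
         it != std::sregex_iterator(); ++it) {
        const std::smatch& m = *it;
        size_t pos = static_cast<size_t>(m.position());
        total += pos - lastEnd;  // literal text before the reference
        const std::string inner = m[1].str();
        if (entities.count(inner))
            total += expandedSize(inner, entities, memo, onStack, budget);
        else
            total += static_cast<size_t>(m.length());  // e.g. &amp;: keep as written
        lastEnd = pos + static_cast<size_t>(m.length());
        if (total > budget)
            throw std::runtime_error("entity expansion exceeds budget: " + name);
    }
    total += value.size() - lastEnd;
    onStack.erase(name);
    memo[name] = total;
    return total;
}

// Entry point: run on untrusted XML before handing it to the real parser.
EntityCheck checkEntities(const std::string& xml, size_t maxExpansion = 1 << 20) {
    const auto entities = collectEntities(xml);
    std::map<std::string, size_t> memo;
    size_t largest = 0;
    for (const auto& e : entities) {
        std::set<std::string> onStack;
        try {
            largest = std::max(largest, expandedSize(e.first, entities, memo, onStack, maxExpansion));
        } catch (const std::runtime_error& err) {
            return {false, err.what(), largest};
        }
    }
    return {true, "", largest};
}

// Constructed sample inputs (not taken from the advisory or the patch).
const std::string kBenign =
    "<?xml version=\"1.0\"?><!DOCTYPE d [<!ENTITY greet \"hello\">]><d>&greet;</d>";
const std::string kRecursive =
    "<!DOCTYPE d [<!ENTITY a \"&b;\"><!ENTITY b \"&a;\">]><d>&a;</d>";

// Builds a depth-N exponential chain: lol0 = "lol", lolN = ten copies of lol(N-1),
// so lolN expands to 3 * 10^N bytes.
std::string makeLaughs(int depth) {
    std::string dtd = "<!DOCTYPE d [<!ENTITY lol0 \"lol\">";
    for (int i = 1; i <= depth; ++i) {
        dtd += "<!ENTITY lol" + std::to_string(i) + " \"";
        for (int j = 0; j < 10; ++j) dtd += "&lol" + std::to_string(i - 1) + ";";
        dtd += "\">";
    }
    return dtd + "]><d>&lol" + std::to_string(depth) + ";</d>";
}

int main() {
    std::vector<std::string> docs = {kBenign, kRecursive, makeLaughs(5), makeLaughs(6)};
    for (const auto& doc : docs) {
        EntityCheck r = checkEntities(doc);
        std::cout << (r.ok ? "accept" : "reject") << " (largest expansion " << r.expansion
                  << " bytes)";
        if (!r.ok) std::cout << ": " << r.reason;
        std::cout << "\n";
    }
}
```

The guard counts bytes rather than expanding strings, so the depth-6 chain (3,000,000 bytes after expansion) is rejected a few microseconds into the walk, while the depth-5 chain (300,000 bytes) passes under the 1 MiB default; the mutually referencing pair is caught by the DFS stack before any expansion happens. The budget should be tuned to what the application actually needs to accept.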
Comment 1 Larry the Git Cow gentoo-dev 2023-08-05 23:00:35 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d67ecfdb7d124b05a2af89478dd6eff099eabd0e

commit d67ecfdb7d124b05a2af89478dd6eff099eabd0e
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2023-08-05 22:38:13 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2023-08-05 23:00:08 +0000

    dev-qt/qtcore: Bump to QT5_KDEPATCHSET_REV=2
    
    Ahmad Samir (2):
          QXmlStreamReader: change fastScanName() to take a Value*
          QXmlStreamReader: make fastScanName() indicate parsing status to callers
    
    Axel Spoerl (1):
          QXmlStreamReader: Raise error on unexpected tokens
    
    Friedemann Kleint (1):
          Fix typo in QXmlStreamReader error message
    
    Marc Mutz (2):
          QLogging: DRY isFatal(QtMsgType)
          Make sure we don't count down past 0 QT_FATAL_CRITICALS
    
    Volker Krause (1):
          Fix Croatia's currency
    
    See also:
    https://www.qt.io/blog/security-advisory-qxmlstreamreader
    https://www.qt.io/blog/security-advisory-qxmlstreamreader-1
    
    Bug: https://bugs.gentoo.org/911790
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 dev-qt/qtcore/Manifest                 |   1 +
 dev-qt/qtcore/qtcore-5.15.10-r1.ebuild | 120 +++++++++++++++++++++++++++++++++
 2 files changed, 121 insertions(+)
Comment 2 Ionen Wolkens gentoo-dev 2023-08-05 23:13:01 UTC
wrt qtbase, our qtbase-6.5.2 was added from the start with:

PATCHES=( "${FILESDIR}/${PN}-6.5.2-CVE-2023-38197.patch" )
Comment 3 Andreas Sturmlechner gentoo-dev 2023-08-05 23:23:17 UTC
Excellent.
Comment 4 Larry the Git Cow gentoo-dev 2023-08-16 16:31:54 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c087cd6aecbcbcd9ae58a1ee9a38f28118a39503

commit c087cd6aecbcbcd9ae58a1ee9a38f28118a39503
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2023-08-16 15:27:07 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2023-08-16 16:03:32 +0000

    dev-qt/qtcore: cleanup vulnerable 5.15.10
    
    Bug: https://bugs.gentoo.org/911790
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 dev-qt/qtcore/Manifest              |   1 -
 dev-qt/qtcore/qtcore-5.15.10.ebuild | 119 ------------------------------------
 2 files changed, 120 deletions(-)
Comment 5 genBTC 2023-12-09 22:56:03 UTC
status ?
Comment 6 Ionen Wolkens gentoo-dev 2023-12-09 23:13:18 UTC
(In reply to genBTC from comment #5)
> status ?
There's nothing left to do here besides letting the security team decide if they want to do a GLSA for this (it has been fixed for a few months, and vulnerable versions are removed). Or is the GLSA what you're asking about?