[qtbase] lacks fix for CVE-2023-38197 #32796

carsten-grimm-at-ipolog · 2023-07-28T05:52:52Z

Is your feature request related to a problem? Please describe.

Qt 6.5.2 is affected by CVE-2023-38197.
Qt provides a fix for this vulnerabilities that is not included in the port.
The patch for CVE-2023-38197 can be applied immediately to qtbase

Proposed solution

Add the official patch for CVE-2023-38197 to the port.

Describe alternatives you've considered

No response

Additional context

I will create a pull request with this proposed solution soon.

The text was updated successfully, but these errors were encountered:

carsten-grimm-at-ipolog added the category:port-feature The issue is with a library, which is requesting new capabilities that didn’t exist label Jul 28, 2023

carsten-grimm-at-ipolog mentioned this issue Jul 28, 2023

[qtbase] apply official patch for CVE-2023-38197 #32797

Merged

7 tasks

jimwang118 self-assigned this Jul 28, 2023

BillyONeal closed this as completed in #32797 Jul 28, 2023

ajtribick mentioned this issue Jul 29, 2023

[ci] Update vcpkg to pick up Qt6 fix CelestiaProject/Celestia#1810

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[qtbase] lacks fix for CVE-2023-38197 #32796

[qtbase] lacks fix for CVE-2023-38197 #32796

carsten-grimm-at-ipolog commented Jul 28, 2023

[qtbase] lacks fix for CVE-2023-38197 #32796

[qtbase] lacks fix for CVE-2023-38197 #32796

Comments

carsten-grimm-at-ipolog commented Jul 28, 2023

Is your feature request related to a problem? Please describe.

Proposed solution

Describe alternatives you've considered

Additional context