OESA-2023-1808

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1808

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2023-1808.json

JSON Data

https://api.test.osv.dev/v1/vulns/OESA-2023-1808

Upstream

CVE-2023-34410

Published

2023-11-10T11:06:15Z

Modified

2025-08-12T05:20:50.191829Z

Summary

qt security update

Details

Qt (pronounced as "cute", not "cu-tee") is a cross-platform framework that is usually used as a graphical toolkit, although it is also very helpful in creating CLI applications. It runs on the three major desktop OSes, as well as on mobile OSes, such as Symbian, Nokia Belle, Meego Harmattan, MeeGo or BB10, and on embedded devices. Ports for Android (Necessitas) and iOS are also in development

Security Fix(es):

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.(CVE-2023-34410)

Database specific

{
    "severity": "Medium"
}

References

Affected packages

openEuler:20.03-LTS-SP3 / qt

Package

Name: qt
Purl: pkg:rpm/openEuler/qt&distro=openEuler-20.03-LTS-SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.8.7-52.oe1

Ecosystem specific

{
    "x86_64": [
        "qt-debuginfo-4.8.7-52.oe1.x86_64.rpm",
        "qt-devel-4.8.7-52.oe1.x86_64.rpm",
        "qt-debugsource-4.8.7-52.oe1.x86_64.rpm",
        "qt-4.8.7-52.oe1.x86_64.rpm"
    ],
    "aarch64": [
        "qt-devel-4.8.7-52.oe1.aarch64.rpm",
        "qt-debugsource-4.8.7-52.oe1.aarch64.rpm",
        "qt-debuginfo-4.8.7-52.oe1.aarch64.rpm",
        "qt-4.8.7-52.oe1.aarch64.rpm"
    ],
    "src": [
        "qt-4.8.7-52.oe1.src.rpm"
    ]
}