RLSA-2023:6369

Source
https://errata.rockylinux.org/RLSA-2023:6369
Import Source
https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json
JSON Data
https://api.test.osv.dev/v1/vulns/RLSA-2023:6369
Upstream
Published
2026-06-25T12:03:37.665962Z
Modified
2026-06-25T12:30:04.194315907Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Moderate: qt5 security and bug fix update
Details

Qt is a software toolkit for developing applications.

Security Fix(es):

  • qt: buffer over-read via a crafted reply from a DNS server (CVE-2023-33285)

  • qt: allows remote attacker to bypass security restrictions caused by flaw in certificate validation (CVE-2023-34410)

  • qtbase: buffer overflow in QXmlStreamReader (CVE-2023-37369)

  • qtbase: infinite loops in QXmlStreamReader (CVE-2023-38197)

  • qt: Uninitialized variable usage in m_unitsPerEm (CVE-2023-32573)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section.

References
Credits
    • Rocky Enterprise Software Foundation
    • Red Hat

Affected packages

Rocky Linux:9
adwaita-qt

Package

Name
adwaita-qt
Purl
pkg:rpm/rocky-linux/adwaita-qt?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.4.2-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
python-pyqt5-sip

Package

Name
python-pyqt5-sip
Purl
pkg:rpm/rocky-linux/python-pyqt5-sip?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:12.11.1-1.el9.0.1
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
python-qt5

Package

Name
python-qt5
Purl
pkg:rpm/rocky-linux/python-qt5?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qgnomeplatform

Package

Name
qgnomeplatform
Purl
pkg:rpm/rocky-linux/qgnomeplatform?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:0.9.0-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5

Package

Name
qt5
Purl
pkg:rpm/rocky-linux/qt5?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-doc

Package

Name
qt5-doc
Purl
pkg:rpm/rocky-linux/qt5-doc?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtconnectivity

Package

Name
qt5-qtconnectivity
Purl
pkg:rpm/rocky-linux/qt5-qtconnectivity?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-2.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtdeclarative

Package

Name
qt5-qtdeclarative
Purl
pkg:rpm/rocky-linux/qt5-qtdeclarative?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-3.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtdoc

Package

Name
qt5-qtdoc
Purl
pkg:rpm/rocky-linux/qt5-qtdoc?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtgraphicaleffects

Package

Name
qt5-qtgraphicaleffects
Purl
pkg:rpm/rocky-linux/qt5-qtgraphicaleffects?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtimageformats

Package

Name
qt5-qtimageformats
Purl
pkg:rpm/rocky-linux/qt5-qtimageformats?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtlocation

Package

Name
qt5-qtlocation
Purl
pkg:rpm/rocky-linux/qt5-qtlocation?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtmultimedia

Package

Name
qt5-qtmultimedia
Purl
pkg:rpm/rocky-linux/qt5-qtmultimedia?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtquickcontrols

Package

Name
qt5-qtquickcontrols
Purl
pkg:rpm/rocky-linux/qt5-qtquickcontrols?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtquickcontrols2

Package

Name
qt5-qtquickcontrols2
Purl
pkg:rpm/rocky-linux/qt5-qtquickcontrols2?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtscript

Package

Name
qt5-qtscript
Purl
pkg:rpm/rocky-linux/qt5-qtscript?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtsensors

Package

Name
qt5-qtsensors
Purl
pkg:rpm/rocky-linux/qt5-qtsensors?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtserialbus

Package

Name
qt5-qtserialbus
Purl
pkg:rpm/rocky-linux/qt5-qtserialbus?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtserialport

Package

Name
qt5-qtserialport
Purl
pkg:rpm/rocky-linux/qt5-qtserialport?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtsvg

Package

Name
qt5-qtsvg
Purl
pkg:rpm/rocky-linux/qt5-qtsvg?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-2.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qttranslations

Package

Name
qt5-qttranslations
Purl
pkg:rpm/rocky-linux/qt5-qttranslations?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtwayland

Package

Name
qt5-qtwayland
Purl
pkg:rpm/rocky-linux/qt5-qtwayland?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtwebchannel

Package

Name
qt5-qtwebchannel
Purl
pkg:rpm/rocky-linux/qt5-qtwebchannel?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtwebsockets

Package

Name
qt5-qtwebsockets
Purl
pkg:rpm/rocky-linux/qt5-qtwebsockets?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-2.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtx11extras

Package

Name
qt5-qtx11extras
Purl
pkg:rpm/rocky-linux/qt5-qtx11extras?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-1.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"
qt5-qtxmlpatterns

Package

Name
qt5-qtxmlpatterns
Purl
pkg:rpm/rocky-linux/qt5-qtxmlpatterns?distro=rocky-linux-9&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.15.9-2.el9
Database specific
{
    "yum_repository": "AppStream"
}

Database specific

source
"https://storage.googleapis.com/resf-osv-data/RLSA-2023:6369.json"