Lucene search
AmazonALAS-2024-2533HistoryApr 24, 2024 - 10:15 p.m.
Important: qt5-qtbase
2024-04-2422:15:00
alas.aws.amazon.com
1
qxmlstreamreader buffer overflow
cve-2023-37369
update qt5-qtbase
Issue Overview:
Potential buffer overflow issue in QXmlStreamReader.
When given specifically crafted data then QXmlStreamReader can end up causing a buffer overflow and subsequently a crash. (CVE-2023-37369)
Affected Packages:
qt5-qtbase
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update qt5-qtbase to update your system.
New Packages:
aarch64:
qt5-qtbase-5.9.2-3.amzn2.0.14.aarch64
qt5-qtbase-devel-5.9.2-3.amzn2.0.14.aarch64
qt5-qtbase-doc-5.9.2-3.amzn2.0.14.aarch64
qt5-qtbase-examples-5.9.2-3.amzn2.0.14.aarch64
qt5-qtbase-static-5.9.2-3.amzn2.0.14.aarch64
qt5-qtbase-mysql-5.9.2-3.amzn2.0.14.aarch64
qt5-qtbase-odbc-5.9.2-3.amzn2.0.14.aarch64
qt5-qtbase-postgresql-5.9.2-3.amzn2.0.14.aarch64
qt5-qtbase-gui-5.9.2-3.amzn2.0.14.aarch64
qt5-qtbase-debuginfo-5.9.2-3.amzn2.0.14.aarch64
i686:
qt5-qtbase-5.9.2-3.amzn2.0.14.i686
qt5-qtbase-devel-5.9.2-3.amzn2.0.14.i686
qt5-qtbase-doc-5.9.2-3.amzn2.0.14.i686
qt5-qtbase-examples-5.9.2-3.amzn2.0.14.i686
qt5-qtbase-static-5.9.2-3.amzn2.0.14.i686
qt5-qtbase-mysql-5.9.2-3.amzn2.0.14.i686
qt5-qtbase-odbc-5.9.2-3.amzn2.0.14.i686
qt5-qtbase-postgresql-5.9.2-3.amzn2.0.14.i686
qt5-qtbase-gui-5.9.2-3.amzn2.0.14.i686
qt5-qtbase-debuginfo-5.9.2-3.amzn2.0.14.i686
noarch:
qt5-qtbase-common-5.9.2-3.amzn2.0.14.noarch
qt5-rpm-macros-5.9.2-3.amzn2.0.14.noarch
src:
qt5-qtbase-5.9.2-3.amzn2.0.14.src
x86_64:
qt5-qtbase-5.9.2-3.amzn2.0.14.x86_64
qt5-qtbase-devel-5.9.2-3.amzn2.0.14.x86_64
qt5-qtbase-doc-5.9.2-3.amzn2.0.14.x86_64
qt5-qtbase-examples-5.9.2-3.amzn2.0.14.x86_64
qt5-qtbase-static-5.9.2-3.amzn2.0.14.x86_64
qt5-qtbase-mysql-5.9.2-3.amzn2.0.14.x86_64
qt5-qtbase-odbc-5.9.2-3.amzn2.0.14.x86_64
qt5-qtbase-postgresql-5.9.2-3.amzn2.0.14.x86_64
qt5-qtbase-gui-5.9.2-3.amzn2.0.14.x86_64
qt5-qtbase-debuginfo-5.9.2-3.amzn2.0.14.x86_64
Additional References
Red Hat: CVE-2023-37369
Mitre: CVE-2023-37369
Related
fedora
fedora
[SECURITY] Fedora 38 Update: mingw-qt5-qtbase-5.15.10-4.fc38
2023-08-30 01:37:29
[SECURITY] Fedora 38 Update: qt5-qtbase-5.15.10-5.fc38
2023-08-18 01:59:53
[SECURITY] Fedora 37 Update: mingw-qt5-qtbase-5.15.10-4.fc37
2023-08-30 01:27:54
openvas
openvas
Fedora: Security Advisory for qt5-qtbase (FEDORA-2023-04d519d0b3)
2023-08-19 00:00:00
Fedora: Security Advisory for mingw-qt5-qtbase (FEDORA-2023-0e68827d36)
2023-08-30 00:00:00
openSUSE: Security Advisory for libqt5 (SUSE-SU-2023:4951-1)
2024-03-04 00:00:00
osv
osv
CVE-2023-37369
2023-08-20 07:15:08
Moderate: qt5-qtbase security update
2023-11-14 00:00:00
Moderate: qt5 security and bug fix update
2023-11-07 00:00:00
nessus
nessus
Fedora 38 : qt5-qtbase (2023-04d519d0b3)
2023-08-18 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libqt5-qtbase (SUSE-SU-2023:4950-1)
2023-12-22 00:00:00
Fedora 37 : mingw-qt5-qtbase (2023-fd45b50121)
2023-08-30 00:00:00
redhatcve
redhatcve
CVE-2023-37369
2023-08-16 13:49:04
cvelist
cvelist
CVE-2023-37369
2023-08-20 00:00:00
qt
qt
Security advisory: QXmlStreamReader
2023-07-07 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-37369 affecting package qt5-qtbase for versions less than 5.12.11-9
2023-08-10 16:37:57
cve
cve
CVE-2023-37369
2023-08-20 07:15:08
debiancve
debiancve
CVE-2023-37369
2023-08-20 07:15:08
prion
prion
Design/Logic Flaw
2023-08-20 07:15:00
ubuntucve
ubuntucve
CVE-2023-37369
2023-08-20 00:00:00
almalinux
almalinux
Moderate: qt5-qtbase security update
2023-11-14 00:00:00
Moderate: qt5 security and bug fix update
2023-11-07 00:00:00
oraclelinux
oraclelinux
qt5-qtbase security update
2023-11-17 00:00:00
qt5 security and bug fix update
2023-11-12 00:00:00
redhat
redhat
(RHSA-2023:6967) Moderate: qt5-qtbase security update
2023-11-14 08:41:31
(RHSA-2023:6369) Moderate: qt5 security and bug fix update
2023-11-07 06:03:15
debian
debian
[SECURITY] [DLA 3805-1] qtbase-opensource-src security update
2024-04-30 23:30:28
[SECURITY] [DLA 3539-1] qt4-x11 security update
2023-08-22 22:41:19
ibm
ibm