CLSA-2026-1778107793 qt5-qtbase: Fix of 3 CVEs

CVE-2025-5455: fix qDecodeDataUrl crash on malformed data URL with charset - CVE-2024-25580: fix KTX file reading buffer overflow - CVE-2024-39936: delay HTTP/2 communication until encrypted can be responded to includes prerequisite to emit encrypted on H2 path...

Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the Metal framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the Metal framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

AZL-38737 CVE-2024-25580 affecting package qtbase for versions less than 6.6.2-1

An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file...