diff options
author | Marek Vasut <marex@denx.de> | 2023-10-10 16:09:29 +0200 |
---|---|---|
committer | Martin Jansa <martin.jansa@gmail.com> | 2023-10-11 14:18:48 +0200 |
commit | c75c6ac99a5323746d8c92058ec7fe081efe28fe (patch) | |
tree | b033fbb916fd119ecc966b98ad7f03ee7ebfaa1c /recipes-qt/qt5/qtbase_git.bb | |
parent | 51cd2acfb67bbbd89985004c064835e7b2f5ac09 (diff) |
qtbase: Pick CVE-2023-34410 fix
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and
6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS
does not always consider whether the root of a chain is a configured
CA certificate.
Advisory:
https://nvd.nist.gov/vuln/detail/CVE-2023-34410
Patch:
https://download.qt.io/official_releases/qt/5.15/CVE-2023-34410-qtbase-5.15.diff
Signed-off-by: Marek Vasut <marex@denx.de>
Diffstat (limited to 'recipes-qt/qt5/qtbase_git.bb')
-rw-r--r-- | recipes-qt/qt5/qtbase_git.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/recipes-qt/qt5/qtbase_git.bb b/recipes-qt/qt5/qtbase_git.bb index 66e45392..8fcbec4e 100644 --- a/recipes-qt/qt5/qtbase_git.bb +++ b/recipes-qt/qt5/qtbase_git.bb @@ -42,6 +42,7 @@ SRC_URI += "\ file://CVE-2023-32762.patch \ file://CVE-2023-32763-qtbase-5.15.diff \ file://CVE-2023-33285-qtbase-5.15.diff \ + file://CVE-2023-34410-qtbase-5.15.diff \ " # Disable LTO for now, QT5 patches are being worked upstream, perhaps revisit with |