qtbase: Pick CVE-2023-34410 fix

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate. Advisory: https://nvd.nist.gov/vuln/detail/CVE-2023-34410 Patch: https://download.qt.io/official_releases/qt/5.15/CVE-2023-34410-qtbase-5.15.diff Signed-off-by: Marek Vasut <marex@denx.de>
author: Marek Vasut <marex@denx.de> 2023-10-10 16:09:29 +0200
committer: Martin Jansa <martin.jansa@gmail.com> 2023-10-11 14:18:48 +0200
commit: c75c6ac99a5323746d8c92058ec7fe081efe28fe (patch)
tree: b033fbb916fd119ecc966b98ad7f03ee7ebfaa1c /recipes-qt/qt5/qtbase_git.bb
parent: 51cd2acfb67bbbd89985004c064835e7b2f5ac09 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/recipes-qt/qt5/qtbase_git.bb b/recipes-qt/qt5/qtbase_git.bb
index 66e45392..8fcbec4e 100644
--- a/recipes-qt/qt5/qtbase_git.bb
+++ b/recipes-qt/qt5/qtbase_git.bb
@@ -42,6 +42,7 @@ SRC_URI += "\
     file://CVE-2023-32762.patch \
     file://CVE-2023-32763-qtbase-5.15.diff \
     file://CVE-2023-33285-qtbase-5.15.diff \
+    file://CVE-2023-34410-qtbase-5.15.diff \
 "
 
 # Disable LTO for now, QT5 patches are being worked upstream, perhaps revisit with
author	Marek Vasut <marex@denx.de>	2023-10-10 16:09:29 +0200
committer	Martin Jansa <martin.jansa@gmail.com>	2023-10-11 14:18:48 +0200
commit	c75c6ac99a5323746d8c92058ec7fe081efe28fe (patch)
tree	b033fbb916fd119ecc966b98ad7f03ee7ebfaa1c /recipes-qt/qt5/qtbase_git.bb
parent	51cd2acfb67bbbd89985004c064835e7b2f5ac09 (diff)