From nobody Sun Jan 7 22:06:48 2024 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4T7WWF14yVz566Z7; Sun, 7 Jan 2024 22:06:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4T7WWF0cMPz4HLq; Sun, 7 Jan 2024 22:06:49 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1704665209; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ImV4WeuETZLQ5YI9AOAT+VAPQUrfp4R/f+qPLvJvxpE=; b=c4yH8hSUGHUspb244OsQjhMCGsVmRJpmSbapZM2raZpGKcBY9MMr30bP4CG6IDPUJiF0nj hugiQ/H0x8Z1PsXGVkQ1JV2iYFDhjECprPUshr2VpwgR7zXpJw+OJLztWgg7qRCeiE71QJ QRdWRbHICRTAV6KpEGL1EVZmmXp3wBdRP7tMsV0WtF9B1mshDOnTSrztijk6J9UoPiLndk YpYBtWx1EgYRRcP3o0JjER1vli+JPyj1gnjmThmuqBuUFHTI1/aGDLfdfz8PLWnwLnmqx5 f9Q4lt9v13VBUPSJ99wqg0m46fFjavTZ/+aPpwY9mlAms5NZSigihznEjRe+aw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1704665209; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ImV4WeuETZLQ5YI9AOAT+VAPQUrfp4R/f+qPLvJvxpE=; b=OWTke8K+qc2bFUQo3iz//XvClOvqOqVb39osHw6OGcdbAxWuZ5Xmam/3zm78ZRrciFoV8L 1E5J81qeLwP8TqAlUofMgoyfExc7hU2EncSdnJKRJo7ly/jxBacXoFUTY5v9TbeWf6w/FJ Sy6Jk7WwSDbZNQDDtSFAPEgfsybdunFKrTM9iZCgWPIuN51QxsoPG3aihbGlwT9QwH5B7B 5Dc1U7wNzXfmFrpKOOTveoCIQceUCoRHLYVxIA8nUyfyHU8ljfc8GFuRrwSy+CqIps/awF PMaWnRq+aE19HMmUm90CjXni3vDUoUhRQ6jYBxgVytGUv0GPe4yFHFh6blMZqw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1704665209; a=rsa-sha256; cv=none; b=F3JGqAS94iVI3f3qu4edL6uKXNkrx3f6hR2q3eMF4V8AgSc8SMyEu0PcX6bhOP/H/uDFT4 77GEveT7m1vYHDowGFGaAOy9EHhNz7knxtNnk3tFWSvoWRyTI3q+fhOEc3GMAJN/s75wQf OKjI2PAPDMVIyV+YcWR8gQHDmcV73DheyJgWYjCQP0L/Ltxsoy8ZEUzxob0uWYhVbXNU8M EXVlKF9zI124JDYvcR2unQUnYqq0GMpgvfzK4JJNhdMKX8k7HNFea0kTD6cC87mhCNomRB x5lpwKsabUrEnAbqAOjVCef9TkE3B75t4hTxc/0J8dsngkQEGgrwKd+8EVlZMA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4T7WWD6YhWzhcR; Sun, 7 Jan 2024 22:06:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 407M6msT051342; Sun, 7 Jan 2024 22:06:48 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 407M6mdR051339; Sun, 7 Jan 2024 22:06:48 GMT (envelope-from git) Date: Sun, 7 Jan 2024 22:06:48 GMT Message-Id: <202401072206.407M6mdR051339@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: "Jason E. Hale" Subject: git: 06b20337d293 - main - security/vuxml: Document QtNetwork buffer overflow List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhale X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 06b20337d2933e72ac3c5f8f0be5b5ac2fc1694f Auto-Submitted: auto-generated The branch main has been updated by jhale: URL: https://cgit.FreeBSD.org/ports/commit/?id=06b20337d2933e72ac3c5f8f0be5b5ac2fc1694f commit 06b20337d2933e72ac3c5f8f0be5b5ac2fc1694f Author: Jason E. Hale AuthorDate: 2024-01-07 21:42:17 +0000 Commit: Jason E. Hale CommitDate: 2024-01-07 22:01:55 +0000 security/vuxml: Document QtNetwork buffer overflow An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. Base Score: 9.8 CRITICAL Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H --- security/vuxml/vuln/2024.xml | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/security/vuxml/vuln/2024.xml b/security/vuxml/vuln/2024.xml index b4787537bfcf..b45d24cddd4d 100644 --- a/security/vuxml/vuln/2024.xml +++ b/security/vuxml/vuln/2024.xml @@ -1,3 +1,36 @@ + + QtNetwork -- potential buffer overflow + + + qt5-network + 5.15.12p148_1 + + + qt6-base + 6.6.1_2 + + + + +

Andy Shaw reports:

+
+

A potential integer overflow has been discovered in Qt's HTTP2 + implementation. If the HTTP2 implementation receives more then 4GiB + in total headers, or more than 2GiB for any given header pair, then + the internal buffers may overflow.

+
+ + + + CVE-2023-51714 + https://www.qt.io/blog/security-advisory-potential-integer-overflow-in-qts-http2-implementation + + + 2023-12-14 + 2024-01-07 + + + mantis -- multiple vulnerabilities