NS-SA-2025-0154
2025-07-25 16:49:52
Summary
critical: strongswan/python-qt5 security update
Severity
critical
Topic
An update for strongswan/python-qt5 is now available for NewStart CGSL MAIN 7.02.
NewStart Security has rated this update as having a security impact of critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
strongswan:
python-qt5:
Security Fix(es):
strongswan: strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message. (CVE-2023-41913)
strongswan: bugfix
python-qt5: A flaw was found in the qtbase package. When given specifically crafted data, the QXmlStreamReader can end up causing a buffer overflow and, subsequently, a crash. (CVE-2023-37369)
python-qt5: A vulnerability was found in Qtbase, where it is vulnerable to a denial of service caused by an infinite loop flaw in the QXmlStreamReader() function. This flaw occurs because the QXmlStreamReader function accepts multiple DOCTYPE elements containing DTD fragments in the XML prolog and the XML body. Well-formed but invalid XML files, with multiple DTD fragments in prolog and body combined with recursive entity expansions, cause infinite loops in QXmlStreamReader. By persuading a victim to open specially crafted XML content, an attacker can cause a denial of service condition. (CVE-2023-38197)
python-qt5: bugfix
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 7.02.03B8.
Affected Components
Affected Products
Updated Packages
{"fix": [{"product": "CGSL MAIN 7.02", "pkgs": [
  {"source": "strongswan-5.9.14-5.zncgsl7.src.rpm",
   "binary": [
     "strongswan-tnc-imcvs-5.9.14-5.zncgsl7.x86_64.rpm",
     "strongswan-sqlite-5.9.14-5.zncgsl7.x86_64.rpm",
     "strongswan-libipsec-5.9.14-5.zncgsl7.x86_64.rpm",
     "strongswan-5.9.14-5.zncgsl7.x86_64.rpm",
     "strongswan-charon-nm-5.9.14-5.zncgsl7.x86_64.rpm"]},
  {"source": "python-qt5-5.15.10-3.zncgsl7.2.src.rpm",
   "binary": [
     "python3-qt5-x11extras-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-tools-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-test-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-svg-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-xmlpatterns-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-remoteobjects-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-quickwidgets-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-quick-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-printsupport-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-webchannel-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-qml-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-websockets-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-quick3d-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-sql-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-webkitwidgets-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-widgets-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-xml-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-webkit-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-opengl-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-sensors-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-serialport-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-positioning-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-dbus-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-base-5.15.10-3.zncgsl7.2.noarch.rpm",
     "python3-qt5-nfc-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-network-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-multimedia-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-multimediawidgets-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-gui-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-core-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-bluetooth-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-designer-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python3-qt5-5.15.10-3.zncgsl7.2.noarch.rpm",
     "python3-qt5-location-5.15.10-3.zncgsl7.2.x86_64.rpm",
     "python-qt5-rpm-macros-5.15.10-3.zncgsl7.2.noarch.rpm"]}
]}]}
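To confirm a host has picked up the builds listed above, the following added example (not part of the advisory or of NewStart tooling) flags installed packages older than the fixed version-release. It assumes input lines in the form printed by `rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'`, ignores epochs, and uses a simplified rpm version comparison; the `SAMPLE` inventory is constructed.

```python
import re

# Fixed version-release per package-name prefix, from this advisory's package list.
FIXED = {
    "strongswan": "5.9.14-5.zncgsl7",
    "python3-qt5": "5.15.10-3.zncgsl7.2",
    "python-qt5": "5.15.10-3.zncgsl7.2",
}

def rpmvercmp(a, b):
    """Simplified rpmvercmp over digit/alpha segments (no '~' or '^' handling)."""
    sa = re.findall(r"\d+|[A-Za-z]+", a)
    sb = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)          # numeric segments compare as integers
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # a numeric segment beats an alpha one
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def evr_cmp(a, b):
    """Compare 'version-release' strings: version first, then release."""
    (va, ra), (vb, rb) = a.rsplit("-", 1), b.rsplit("-", 1)
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def outdated(rpm_lines):
    """Return [(name, installed, fixed)] for packages below the fixed build."""
    hits = []
    for line in rpm_lines:
        name, evr = line.split()
        for prefix, fixed in FIXED.items():
            if (name == prefix or name.startswith(prefix + "-")) and evr_cmp(evr, fixed) < 0:
                hits.append((name, evr, fixed))
    return hits

# Constructed sample inventory; the installed versions are illustrative only.
SAMPLE = [
    "strongswan 5.9.10-2.zncgsl7",
    "strongswan-libipsec 5.9.14-5.zncgsl7",
    "python3-qt5-core 5.15.10-3.zncgsl7.1",
    "python3-qt5-xml 5.15.10-3.zncgsl7.2",
    "openssl 3.0.7-1.zncgsl7",
]

if __name__ == "__main__":
    for name, have, need in outdated(SAMPLE):
        print(f"{name}: installed {have}, fixed in {need}")
```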
CVE
References