Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
libqt4-sql-plugins.31633
CVE-2023-34410.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2023-34410.patch of Package libqt4-sql-plugins.31633
From 295d72210968ea51710bd1c39045498aa55a10ad Mon Sep 17 00:00:00 2001 From: Than Ngo <than@redhat.com> Date: Jun 09 2023 15:29:40 +0000 Subject: fix #2212749, CVE-2023-34410 --- --- a/src/network/ssl/qsslsocket.cpp +++ b/src/network/ssl/qsslsocket.cpp 2023-06-09 16:42:50.152993830 +0200 @@ -1863,6 +1863,10 @@ QSslSocketPrivate::QSslSocketPrivate() , plainSocket(0) { QSslConfigurationPrivate::deepCopyDefaultConfiguration(&configuration); + // If the global configuration doesn't allow root certificates to be loaded + // on demand then we have to disable it for this socket as well. + if (!configuration.allowRootCertOnDemandLoading) + allowRootCertOnDemandLoading = false; } /*! @@ -2041,6 +2045,7 @@ void QSslConfigurationPrivate::deepCopyD ptr->sessionCipher = global->sessionCipher; ptr->ciphers = global->ciphers; ptr->caCertificates = global->caCertificates; + ptr->allowRootCertOnDemandLoading = global->allowRootCertOnDemandLoading; ptr->protocol = global->protocol; ptr->peerVerifyMode = global->peerVerifyMode; ptr->peerVerifyDepth = global->peerVerifyDepth;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor