Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt.
Security Fix(es):
qt: buffer over-read via a crafted reply from a DNS server (CVE-2023-33285)
qt: allows remote attacker to bypass security restrictions caused by flaw in certificate validation (CVE-2023-34410)
qtbase: buffer overflow in QXmlStreamReader (CVE-2023-37369)
qtbase: infinite loops in QXmlStreamReader (CVE-2023-38197)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.