Hi, I hope that my message finds you well.
1) Is QColorTransferGenericFunction a middleware service/function or an application(applicative) Code? 2) was it loaded only on Qt creator or on distribution such as Unix/Linux using Qt +=gui and qmake to compile and install ? Feel free to correct me if I am wrong. Kindly, Jerry. On Fri, 11 Jul 2025, 11:04 List for announcements regarding Qt releases and development via Announce via Development, <development@qt-project.org> wrote: > Hi, > > When passing values outside of the expected range to > QColorTransferGenericFunction it can cause a denial of service, for > example, this can happen when passing a specifically crafted ICC profile to > QColorSpace::fromICCProfile. > This has been assigned the CVE id CVE-2025-5992. > *Affected versions:* Qt from 6.8.0 through 6.8.3, from 6.9.0 through > 6.9.1. > *Vulnerability Score: *CVSS v4.0: 2.3 > *Solution:* As a workaround if you are loading ICC profiles then ensure > that you are doing so from a trusted source. Alternatively, you can apply > the appropriate patch for your Qt version: > 6.9: > https://download.qt.io/official_releases/qt/6.9/CVE-2025-5992-qtbase-6.9.patch > or > https://codereview.qt-project.org/c/qt/qtbase/+/657023 > <https://download.qt.io/official_releases/qt/6.9/CVE-2025-5992-qtbase-6.9.patch> > 6.8: > https://download.qt.io/official_releases/qt/6.8/CVE-2025-5992-qtbase-6.8.patch > or https://codereview.qt-project.org/c/qt/tqtc-qtbase/+/657094 > <https://download.qt.io/official_releases/qt/6.8/CVE-2025-5992-qtbase-6.8.patch> > Kind regards, > > Andy > > -- > > Andy Shaw, > > Director, Customer Services - SQS > > The Qt Company > > > > Confidential > _______________________________________________ > Announce mailing list > annou...@qt-project.org > https://lists.qt-project.org/listinfo/announce > -- > Development mailing list > Development@qt-project.org > https://lists.qt-project.org/listinfo/development >
-- Development mailing list Development@qt-project.org https://lists.qt-project.org/listinfo/development
