[Development] [Announce] Security advisory: A Heap-buffer-overflow issue in QTextMarkdownImporter impacts Qt

List for announcements regarding Qt releases and development via Announce announce at qt-project.org
Mon Apr 14 10:57:43 CEST 2025 

A Heap-buffer-overflow issue in QTextMarkdownImporter has been discovered and has been assigned the CVE id CVE-2025-3512.

Affected versions: From 6.8.0 up to 6.8.3. Versions before 6.6.0 are known to be unaffected.

Impact: Passing an incorrectly formatted markdown file to QTextMarkdownImporter can trigger a heap-buffer-overflow.

Solution: Apply the following patch or update to Qt 6.9.0 or 6.8.4

Patches:
Qt 6.8: https://codereview.qt-project.org/c/qt/qtbase/+/635699 or https://download.qt.io/official_releases/qt/6.8/CVE-2025-3512-qtbase-6.8.diff

______________________
Tuukka Kettunen
Senior Manager, Technical Customer Success
The Qt Company
Tutkijantie 4C
FI-90590 Oulu
Finland
www.qt.io<https://www.qt.io/>
[cid:image001.png at 01DBAD34.6D3758D0]<https://www.qt.io/>
[cid:image002.png at 01DBAD34.6D3758D0]<https://www.facebook.com/qt/>
[cid:image003.png at 01DBAD34.6D3758D0]<https://twitter.com/qtproject>
[cid:image004.png at 01DBAD34.6D3758D0]<https://www.linkedin.com/company/the-qt-company/>
[cid:image005.png at 01DBAD34.6D3758D0]<https://www.youtube.com/QtStudios>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.qt-project.org/pipermail/development/attachments/20250414/b79c6480/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 6489 bytes
Desc: image001.png
URL: <http://lists.qt-project.org/pipermail/development/attachments/20250414/b79c6480/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 695 bytes
Desc: image002.png
URL: <http://lists.qt-project.org/pipermail/development/attachments/20250414/b79c6480/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 873 bytes
Desc: image003.png
URL: <http://lists.qt-project.org/pipermail/development/attachments/20250414/b79c6480/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 761 bytes
Desc: image004.png
URL: <http://lists.qt-project.org/pipermail/development/attachments/20250414/b79c6480/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.png
Type: image/png
Size: 732 bytes
Desc: image005.png
URL: <http://lists.qt-project.org/pipermail/development/attachments/20250414/b79c6480/attachment-0004.png>
-------------- next part --------------
_______________________________________________
Announce mailing list
Announce at qt-project.org
https://lists.qt-project.org/listinfo/announce

More information about the Development mailing list