Bug 2369870

Summary:	CVE-2025-5455 qt6-qtbase: QtCore Assertion Failure Denial of Service [epel-9]
Product:	[Fedora] Fedora EPEL	Reporter:	Jon Moroney <jmoroney>
Component:	qt6-qtbase	Assignee:	Troy Dawson <tdawson>
Status:	ASSIGNED ---	QA Contact:
Severity:	medium	Docs Contact:
Priority:	medium
Version:	epel9	CC:	jgrulich, kde-sig, mfindra, tdawson
Target Milestone:	---	Keywords:	Security, SecurityTracking
Target Release:	---
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:	{"flaws": ["18af4671-b7b4-4f85-8a93-08af4cf17199"]}
Fixed In Version:		Doc Type:	---
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:		Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks:	2369722

Description Jon Moroney 2025-06-02 19:10:54 UTC

More information about this security flaw is available in the following bug:

https://bugzilla.redhat.com/show_bug.cgi?id=2369722

Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.

Comment 1 Fedora Admin user for bugzilla script actions 2025-06-10 14:14:05 UTC

This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component.

Comment 2 Troy Dawson 2025-06-13 19:46:32 UTC

working on updating qt6 to 6.9.1 which will fix this CVE.