An update for qt5-qtnetworkauth is now available for openEuler-24.03-LTS-SP1 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2025-1140 Final 1.0 1.0 2025-02-21 Initial 2025-02-21 2025-02-21 openEuler SA Tool V1.0 2025-02-21 qt5-qtnetworkauth security update An update for qt5-qtnetworkauth is now available for openEuler-24.03-LTS-SP1 Qt5 - NetworkAuth component Security Fix(es): QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.(CVE-2024-36048) An update for qt5-qtnetworkauth is now available for openEuler-24.03-LTS-SP1. openEuler Security has rated this update as having a security impact of critical. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Critical qt5-qtnetworkauth https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1140 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-36048 https://nvd.nist.gov/vuln/detail/CVE-2024-36048 openEuler-24.03-LTS-SP1 qt5-qtnetworkauth-5.15.10-2.oe2403sp1.aarch64.rpm qt5-qtnetworkauth-debuginfo-5.15.10-2.oe2403sp1.aarch64.rpm qt5-qtnetworkauth-debugsource-5.15.10-2.oe2403sp1.aarch64.rpm qt5-qtnetworkauth-devel-5.15.10-2.oe2403sp1.aarch64.rpm qt5-qtnetworkauth-examples-5.15.10-2.oe2403sp1.aarch64.rpm qt5-qtnetworkauth-5.15.10-2.oe2403sp1.src.rpm qt5-qtnetworkauth-5.15.10-2.oe2403sp1.x86_64.rpm qt5-qtnetworkauth-debuginfo-5.15.10-2.oe2403sp1.x86_64.rpm qt5-qtnetworkauth-debugsource-5.15.10-2.oe2403sp1.x86_64.rpm qt5-qtnetworkauth-devel-5.15.10-2.oe2403sp1.x86_64.rpm qt5-qtnetworkauth-examples-5.15.10-2.oe2403sp1.x86_64.rpm QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values. 2025-02-21 CVE-2024-36048 openEuler-24.03-LTS-SP1 Critical 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H qt5-qtnetworkauth security update 2025-02-21 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1140