openSUSE-SU-2024:0358-1: moderate: Security update for qbittorrent
openSUSE Security Update: Security update for qbittorrent ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0358-1 Rating: moderate References: #1232731 Cross-References: CVE-2024-51774 Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for qbittorrent fixes the following issues: - Update to version 5.0.1 (fixes boo#1232731 CVE-2024-51774) Added features: * Add "Simple pread/pwrite" disk IO type Bug fixes: * Don't ignore SSL errors (boo#1232731 CVE-2024-51774) * Don't try to apply Mark-of-the-Web to nonexistent files * Disable "Move to trash" option by default * Disable the ability to create torrents with a piece size of 256MiB * Allow to choose Qt style * Always notify user about duplicate torrent * Correctly handle "torrent finished after move" event * Correctly apply filename filter when `!qB` extension is enabled * Improve color scheme change detection * Fix button state for SSL certificate check Web UI: * Fix CSS that results in hidden torrent list in some browsers * Use proper text color to highlight items in all filter lists * Fix 'rename files' dialog cannot be opened more than once * Fix UI of Advanced Settings to show all settings * Free resources allocated by web session once it is destructed Search: * Import correct libraries Other changes: * Sync flag icons with upstream Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2024-358=1 Package List: - openSUSE Backports SLE-15-SP6 (aarch64 ppc64le s390x x86_64): qbittorrent-5.0.1-bp156.3.6.1 qbittorrent-nox-5.0.1-bp156.3.6.1 References: https://www.suse.com/security/cve/CVE-2024-51774.html https://bugzilla.suse.com/1232731
participants (1)
-
opensuse-security@opensuse.org