SUSE 5149 Published by

Updated qbittorrent packages are available for SUSE Linux Enterprise 15 SP6:

openSUSE-SU-2024:0358-1: moderate: Security update for qbittorrent




openSUSE-SU-2024:0358-1: moderate: Security update for qbittorrent


openSUSE Security Update: Security update for qbittorrent
_______________________________

Announcement ID: openSUSE-SU-2024:0358-1
Rating: moderate
References: #1232731
Cross-References: CVE-2024-51774
Affected Products:
openSUSE Backports SLE-15-SP6
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for qbittorrent fixes the following issues:

- Update to version 5.0.1 (fixes boo#1232731 CVE-2024-51774)

Added features:

* Add "Simple pread/pwrite" disk IO type

Bug fixes:

* Don't ignore SSL errors (boo#1232731 CVE-2024-51774)
* Don't try to apply Mark-of-the-Web to nonexistent files
* Disable "Move to trash" option by default
* Disable the ability to create torrents with a piece size of 256MiB
* Allow to choose Qt style
* Always notify user about duplicate torrent
* Correctly handle "torrent finished after move" event
* Correctly apply filename filter when `!qB` extension is enabled
* Improve color scheme change detection
* Fix button state for SSL certificate check

Web UI:

* Fix CSS that results in hidden torrent list in some browsers
* Use proper text color to highlight items in all filter lists
* Fix 'rename files' dialog cannot be opened more than once
* Fix UI of Advanced Settings to show all settings
* Free resources allocated by web session once it is destructed

Search:

* Import correct libraries

Other changes:

* Sync flag icons with upstream

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

zypper in -t patch openSUSE-2024-358=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 ppc64le s390x x86_64):

qbittorrent-5.0.1-bp156.3.6.1
qbittorrent-nox-5.0.1-bp156.3.6.1

References:

https://www.suse.com/security/cve/CVE-2024-51774.html
https://bugzilla.suse.com/1232731