From: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Date: Sat, 13 Jan 2024 13:53:25 +0000 (+0100)
Subject: cve-2023-32762
X-Git-Tag: archive/raspbian/6.4.2+dfsg-21+rpi1^2~16
X-Git-Url: https://dgit.raspbian.org/%22http:/www.example.com/cgi/%22https://%22Program/%22http:/www.example.com/cgi/%22https:/%22Program?a=commitdiff_plain;h=cd349f9ece3ac14d7e268152afef7f8a8f775b9a;p=qt6-base.git

cve-2023-32762


Gbp-Pq: Name cve-2023-32762.diff
---

diff --git a/src/network/access/qhsts.cpp b/src/network/access/qhsts.cpp
index 39905f35..26d9f369 100644
--- a/src/network/access/qhsts.cpp
+++ b/src/network/access/qhsts.cpp
@@ -328,7 +328,7 @@ bool QHstsHeaderParser::parse(const QList<QPair<QByteArray, QByteArray>> &header
 {
     for (const auto &h : headers) {
         // We use '==' since header name was already 'trimmed' for us:
-        if (h.first == "Strict-Transport-Security") {
+        if (h.first.compare("Strict-Transport-Security", Qt::CaseInsensitive) == 0) {
             header = h.second;
             // RFC6797, 8.1:
             //