From: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Date: Fri, 22 Dec 2023 15:11:45 +0000 (+0100)
Subject: cve-2023-32762
X-Git-Tag: archive/raspbian/6.4.2+dfsg-20+rpi1^2~16
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=08b43e0e4894b813e66fb64010e6fe6acd0f6d68;p=qt6-base.git

cve-2023-32762


Gbp-Pq: Name cve-2023-32762.diff
---

diff --git a/src/network/access/qhsts.cpp b/src/network/access/qhsts.cpp
index 39905f35..26d9f369 100644
--- a/src/network/access/qhsts.cpp
+++ b/src/network/access/qhsts.cpp
@@ -328,7 +328,7 @@ bool QHstsHeaderParser::parse(const QList<QPair<QByteArray, QByteArray>> &header
 {
     for (const auto &h : headers) {
         // We use '==' since header name was already 'trimmed' for us:
-        if (h.first == "Strict-Transport-Security") {
+        if (h.first.compare("Strict-Transport-Security", Qt::CaseInsensitive) == 0) {
             header = h.second;
             // RFC6797, 8.1:
             //