Tuukka Turunen

Qt 5.11.3 Released with Important Security Updates

Published Tuesday December 4th, 2018
6 Comments on Qt 5.11.3 Released with Important Security Updates
Posted in Dev Loop, Releases, Security

Qt 5.11.3 is released today. As a patch release it does not add any new functionality, but provides important bug fixes, security updates and other improvements.

Compared to Qt 5.11.2, the Qt 5.11.3 release provides fixes for over 100 bugs and it contains around 300 changes in total. For details of the most important changes, please check the Change files of Qt 5.11.3.

Qt 5.11.3 contains the following important security fixes:

All these security fixes are included in the upcoming Qt 5.12.0 release.

Qt 5.9.7 released earlier contains all the fixes, except the one for virtual keyboard, which is available as a set of patches here, here and here.

Qt 5.6.3 release can be patched with these security fixes available here, here, here, herehere, herehere and here.

Qt 5.11.3 is the last release of the Qt 5.11.x series. The 5.11 branch is now closed. All bug fixes go into Qt 5.12 and the most important ones are cherry picked into Qt 5.9 LTS.

The recommended way for getting Qt 5.11.3 is using the maintenance tool of the online installer. For new installations, please download latest online installer from Qt Account portal (commercial license holders) or from qt.io Download page (open source).

Offline packages are also available for those can’t use the online installer.

Do you like this? Share it
Share on LinkedInGoogle+Share on FacebookTweet about this on Twitter

Posted in Dev Loop, Releases, Security


rp says:

Does it officially support macOS 10.14 and XCode 10? Or do we have to wait till version 5.12? Thanks.

Tor Arne says:

No, Xcode 10/SDK 10.14 is not supported. See http://blog.qt.io/blog/2018/11/08/qt-macos-10-14-mojave/ for more details.

trebla says:

It would be good if you would be a good citizen and issued CVEs for those security issues, because at least for “Qt Virtual Keyboard logs all key presses” updating is not enough, you need to clean the log files.

@trebla: CVEs are in process. We’ll link these to the blog post when available.

Andreas says:

I sure hope that this is not “[…] the last release of the Qt 5.11.x series” as stated as it introduced some major regressions making it unusable. A quick check showed that dynamically created menu items disappear on hover – which seems like https://bugreports.qt.io/browse/QTBUG-71066 which has already been fixed in the latest 5.12 beta (which we can’t use either due to another regression – see https://bugreports.qt.io/browse/QTBUG-71042).

CVE numbers and links added. Note that some of the links are not active yet, when activated will lead to description of the vulnerability.

Leave a Reply

Your email address will not be published.

Get started today with Qt Download now