This is a forwarded bug from Debian BTS:
The following vulnerability has been reported in libqt4-network.
> The part of the network library which handles the SSL connection can be
> tricked into an endless loop that freezes the whole application with
> CPU at 100%.
> The problem is located in the QSslSocketBackendPrivate::transmit()
> function in src_network_ssl_qsslsocket_openssl.cpp that never exits
> from the main "while" loop.
There's no known patch at the moment and an exploit is linked by the advisory.