- qtbase-opensource-src (5.15.2+dfsg-9+rpi1) bullseye-staging; urgency=medium
++qtbase-opensource-src (5.15.2+dfsg-9+rpi1+deb11u1) bullseye-staging; urgency=medium
+
+ [changes introduced in 5.6.1+dfsg-2+rpi1] by Peter Michael Green]
+ * Partially fix clean target.
+
+ [changes introduced in 5.9.1+dfsg-9+rpi1 by Peter Michael Green]
+ * Disable neon (-no-neon no longer seems to work, so edit configure.json instead)
+
- -- Raspbian forward porter <root@raspbian.org> Thu, 15 Jul 2021 22:18:33 +0000
++ -- Raspbian forward porter <root@raspbian.org> Sun, 30 Jun 2024 13:09:59 +0000
++
+ qtbase-opensource-src (5.15.2+dfsg-9+deb11u1) bullseye; urgency=medium
+
+ * Non-maintainer upload by the LTS Team.
+ * CVE-2024-25580 (Closes: #1064053)
+ fix buffer overflow due to crafted KTX image file
+ * CVE-2023-32763 (Closes: #1036702)
+ fix QTextLayout buffer overflow due to crafted SVG file
+ * CVE-2022-25255
+ prevent QProcess from execution of a binary from the current working
+ directory when not found in the PATH
+ * CVE-2023-24607 (Closes: #1031872)
+ fix denial of service via a crafted string when the SQL ODBC driver
+ plugin is used
+ * fix regression caused by patch for CVE-2023-24607
+ * CVE-2023-32762
+ prevent incorrect parsing of the strict-transport-security (HSTS) header
+ * CVE-2023-51714 (Closes: #1060694)
+ fix incorrect HPack integer overflow check.
+ * CVE-2023-38197 (Closes: #1041105)
+ fix infinite loop in recursive entity expansion
+ * CVE-2023-37369 (Closes: #1059302)
+ fix crash of application in QXmlStreamReader due to crafted XML string
+ * CVE-2023-34410 (Closes: #1037210)
+ fix checking during TLS whether root of the chain really is a
+ configured CA certificate
+ * CVE-2023-33285 (Closes: #1036848)
+ fix buffer overflow in QDnsLookup
+
+ -- Thorsten Alteholz <debian@alteholz.de> Sun, 28 Apr 2024 22:48:02 +0200
qtbase-opensource-src (5.15.2+dfsg-9) unstable; urgency=medium
projects / qtbase-opensource-src.git / commitdiff