adjust QMimeDatabase implementation
Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=0cbbba2aa5b47224
Last-Update: 2021-06-12
When multiple globs match, and the result from magic sniffing is
unrelated to any of those globs, globs have priority and one of them
should be picked up.
Gbp-Pq: Name mime_globs.diff
fix allocated memory of QByteArray returned by QIODevice::readLine
Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=6485b6d45ad165cf
Last-Update: 2021-02-20
Gbp-Pq: Name qiodevice_readline_memory.diff
include <limits> to fix some GCC 11 build issues
Origin: upstream, commits:
https://code.qt.io/cgit/qt/qtbase.git/commit/?id=813a928c7c3cf986
https://code.qt.io/cgit/qt/qtbase.git/commit/?id=9c56d4da2ff631a8
Last-Update: 2021-01-26
Gbp-Pq: Name gcc_11_limits.diff
QNAM: work around QObject finicky orphan cleanup details
Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=0807f16eb407eaf8
Last-Update: 2021-01-26
Gbp-Pq: Name qnam_connect_memory_leak.diff
Avoid use-after-free in QXcbConnection::initializeScreens()
Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=86b8c5c3f32c2457
Last-Update: 2020-11-23
Gbp-Pq: Name xcb_screens_uaf.patch
qtbase-opensource-src (5.15.2+dfsg-9+deb11u1) bullseye; urgency=medium
* Non-maintainer upload by the LTS Team.
* CVE-2024-25580 (Closes: #1064053)
fix buffer overflow due to crafted KTX image file
* CVE-2023-32763 (Closes: #1036702)
fix QTextLayout buffer overflow due to crafted SVG file
* CVE-2022-25255
prevent QProcess from execution of a binary from the current working
directory when not found in the PATH
* CVE-2023-24607 (Closes: #1031872)
fix denial of service via a crafted string when the SQL ODBC driver
plugin is used
* fix regression caused by patch for CVE-2023-24607
* CVE-2023-32762
prevent incorrect parsing of the strict-transport-security (HSTS) header
* CVE-2023-51714 (Closes: #1060694)
fix incorrect HPack integer overflow check.
* CVE-2023-38197 (Closes: #1041105)
fix infinite loop in recursive entity expansion
* CVE-2023-37369 (Closes: #1059302)
fix crash of application in QXmlStreamReader due to crafted XML string
* CVE-2023-34410 (Closes: #1037210)
fix checking during TLS whether root of the chain really is a
configured CA certificate
* CVE-2023-33285 (Closes: #1036848)
fix buffer overflow in QDnsLookup
[dgit import unpatched qtbase-opensource-src 5.15.2+dfsg-9+deb11u1]