From: Raspbian automatic forward porter <root@raspbian.org>
Date: Thu, 1 Oct 2020 19:15:49 +0000 (+0100)
Subject: Merge version 4:4.8.7+dfsg-11+rpi1 and 4:4.8.7+dfsg-11+deb9u1 to produce 4:4.8.7... 
X-Git-Tag: archive/raspbian/4%4.8.7+dfsg-11+rpi1+deb9u1^0
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=8b6c83f0ae8af2e02f419705dc1818b23e0b8b79;p=qt4-x11.git

Merge version 4:4.8.7+dfsg-11+rpi1 and 4:4.8.7+dfsg-11+deb9u1 to produce 4:4.8.7+dfsg-11+rpi1+deb9u1
---

8b6c83f0ae8af2e02f419705dc1818b23e0b8b79
diff --cc debian/changelog
index 2aec92bb9,6c50f5c09..943136b4a
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,9 -1,17 +1,24 @@@
- qt4-x11 (4:4.8.7+dfsg-11+rpi1) stretch-staging; urgency=medium
++qt4-x11 (4:4.8.7+dfsg-11+rpi1+deb9u1) stretch-staging; urgency=medium
 +
 +  [changes brought forward from 4:4.8.6+git64-g5dc8b2b+dfsg-2+rpi1 by Peter Micheal Green <plugwash@raspbian.org> at Thu, 31 Jul 2014 22:56:54 +0000]
 +  * Disable neon
 +
-  -- Raspbian forward porter <root@raspbian.org>  Tue, 15 Nov 2016 19:34:19 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Thu, 01 Oct 2020 19:15:48 +0000
++
+ qt4-x11 (4:4.8.7+dfsg-11+deb9u1) stretch-security; urgency=medium
+ 
+   * Non-maintainer upload by the LTS team.
+   * CVE-2018-15518: Double-free or corruption in QXmlStreamReader
+     during parsing of a specially crafted illegal XML document.
+   * CVE-2018-19869: A malformed SVG image causes a segmentation fault.
+   * CVE-2018-19870: A malformed GIF image causes a NULL pointer
+     dereference in QGifHandler resulting in a segmentation fault.
+   * CVE-2018-19871: Uncontrolled Resource Consumption in QTgaFile.
+   * CVE-2018-19872: A malformed PPM image causes a crash.
+   * CVE-2018-19873: QBmpHandler segfault on malformed BMP file.
+   * CVE-2020-17507: Buffer over-read in the XBM parser.
+ 
+  -- Adrian Bunk <bunk@debian.org>  Sun, 20 Sep 2020 22:01:50 +0300
  
  qt4-x11 (4:4.8.7+dfsg-11) unstable; urgency=medium