Roberto C. Sánchez [Tue, 22 Aug 2023 13:42:24 +0000 (14:42 +0100)]
qt4-x11 (4:4.8.7+dfsg-18+deb10u2) buster-security; urgency=medium

  [ Scarlett Moore ]
  * Non-maintainer upload by LTS team.
  * Patch from Fedora to fix root certificates issue.
    If the global configuration doesn't allow root certificates to be loaded
    on demand then we have to disable it for qsslsocketprivate as well.
    (Fixes: CVE-2023-34410)
  * Patch from Fedora to fix: Uninitialized variable usage in m_unitsPerEm.
    (Fixes: CVE-2023-32573)
  * Add patch to do stricter error checking when parsing
    path nodes. (Fixes: CVE-2021-45930)
  * Add patch to clamp parsed doubles to float representable
    values. (Fixes: CVE-2021-3481)

  [ Roberto C. Sánchez ]
  * Add patch to prevent buffer overflow when an SVG file with an image inside
    it is rendered.
    (Fixes: CVE-2023-32763)
  * Add patch to prevent an application crash in QXmlStreamReader via a
    crafted XML string that triggers a situation in which a prefix is greater
    than a length.
    (Fixes: CVE-2023-37369)
  * Add patch to prevent infinite loops in recursive entity expansion.
    (Fixes: CVE-2023-38197)

[dgit import unpatched qt4-x11 4:4.8.7+dfsg-18+deb10u2]

Roberto C. Sánchez [Tue, 22 Aug 2023 13:42:24 +0000 (14:42 +0100)]
Import qt4-x11_4.8.7+dfsg-18+deb10u2.debian.tar.xz

[dgit import tarball qt4-x11 4:4.8.7+dfsg-18+deb10u2 qt4-x11_4.8.7+dfsg-18+deb10u2.debian.tar.xz]

Lisandro Damián Nicanor Pérez Meyer [Tue, 26 May 2015 12:18:39 +0000 (13:18 +0100)]
Import qt4-x11_4.8.7+dfsg.orig.tar.xz

[dgit import orig qt4-x11_4.8.7+dfsg.orig.tar.xz]