summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Debian Qt/KDE Maintainers [Tue, 22 Aug 2023 13:42:24 +0000 (14:42 +0100)]
CVE-2023-32763
Gbp-Pq: Name CVE-2023-32763.patch
Than Ngo [Fri, 9 Jun 2023 15:29:40 +0000 (15:29 +0000)]
fix #
2212749, CVE-2023-34410
Gbp-Pq: Name CVE-2023-34410.patch
Than Ngo [Thu, 18 May 2023 15:15:05 +0000 (15:15 +0000)]
fix #
2208136, CVE-2023-32573 Uninitialized variable usage in m_unitsPerEm
Gbp-Pq: Name CVE-2023-32573.patch
Eirik Aavitsland [Mon, 25 Oct 2021 12:17:55 +0000 (14:17 +0200)]
[PATCH] Do stricter error checking when parsing path nodes
The SVG spec mandates that path parsing should terminate on the first
error encountered, and an error be reported. To improve the handling
of corrupt files, implement such error handling, and also limit the
number of QPainterPath elements to a reasonable range.
Fixes: QTBUG-96044
Change-Id: Ic5e65d6b658516d6f1317c72de365c8c7ad81891
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Robert Löhning <robert.loehning@qt.io>
(cherry picked from commit
36cfd9efb9b22b891adee9c48d30202289cfa620)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
Gbp-Pq: Name CVE-2021-45930.patch
Allan Sandfeld Jensen [Thu, 4 Mar 2021 13:28:48 +0000 (14:28 +0100)]
[PATCH] Clamp parsed doubles to float representable values
Parts of our rendering assumes incoming doubles can still be sane
floats.
Fixes: QTBUG-91507
Change-Id: I7086a121e1b5ed47695a1251ea90e774dd8f148d
Reviewed-by: Robert Löhning <robert.loehning@qt.io>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
(cherry picked from commit
bfd6ee0d8cf34b63d32adf10ed93daa0086b359f)
Gbp-Pq: Name CVE-2021-3481.patch
Debian Qt/KDE Maintainers [Tue, 22 Aug 2023 13:42:24 +0000 (14:42 +0100)]
fix buffer overflow in XBM parser
Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=
1616c71921b73b22
Last-Update: 2020-08-18
Gbp-Pq: Name CVE-2020-17507.patch
Eirik Aavitsland [Tue, 4 Sep 2018 09:08:06 +0000 (11:08 +0200)]
[PATCH] bmp image handler: check for out of range image size
Make the decoder fail early to avoid spending time and memory on
attempting to decode a corrupt image file.
Change-Id: I874e04f3b43122d73f8e58c7a5bcc4a741b68264
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Gbp-Pq: Name CVE-2018-19873.patch
Eirik Aavitsland [Thu, 2 Aug 2018 11:11:20 +0000 (13:11 +0200)]
[PATCH] Fix crash in qppmhandler for certain malformed image files
The ppm format specifies that the maximum color value field must be
less than 65536. The handler did not enforce this, leading to
potentional overflow when the value was used in 16 bits context.
Task-number: QTBUG-69449
Change-Id: Iea7a7e0f8953ec1ea8571e215687d12a9d77e11c
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Gbp-Pq: Name CVE-2018-19872.patch
Eirik Aavitsland [Fri, 24 Aug 2018 10:03:00 +0000 (12:03 +0200)]
[PATCH] TGA handler: check for out of range image size
Make the decoder fail early to avoid spending time and memory on
attempting to decode a corrupt image file.
Change-Id: Iac35e72de743f412a65d11c58fe7faa275dc4e41
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Gbp-Pq: Name CVE-2018-19871.patch
Eirik Aavitsland [Fri, 3 Aug 2018 11:25:15 +0000 (13:25 +0200)]
[PATCH] Check for QImage allocation failure in qgifhandler
Since image files easily can be (or corrupt files claim to be) huge,
it is worth checking for out of memory situations.
Change-Id: I635a3ec6852288079fdec4e14cf7e776fe59e9e0
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Gbp-Pq: Name CVE-2018-19870.patch
Eirik Aavitsland [Mon, 9 Jul 2018 08:45:22 +0000 (10:45 +0200)]
[PATCH] Fix crash when parsing malformed url reference
The parsing did not check for end of input.
Change-Id: I56a478877d242146395977b767511425d2b8ced1
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Gbp-Pq: Name CVE-2018-19869.patch
Allan Sandfeld Jensen [Mon, 13 Aug 2018 13:29:16 +0000 (15:29 +0200)]
[PATCH] Fix possible heap corruption in QXmlStream
The value of 'tos' at the check might already be on the last element,
so triggering stack expansion on the second last element is too late.
Change-Id: Ib3ab2662d4d27a71effe9e988b9e172923af2908
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Gbp-Pq: Name CVE-2018-15518.patch
Debian Qt/KDE Maintainers [Tue, 22 Aug 2023 13:42:24 +0000 (14:42 +0100)]
Replace timestamps from qhelpgenerator by a fixed date
In order to make qhelpgenerator output reproducible, we need a way to get
deterministic embedded timestaps. Backport the patch from qttools5 [1] to
make qch files reproducible by replacing the current time by a fixed date.
[1] https://codereview.qt-project.org/#/c/106296/
Author: Eduard Sanou <dhole@openmailbox.org>
Gbp-Pq: Name replace_timestamps_with_fixed_date_in_qhelpgenerator.patch
Debian Qt/KDE Maintainers [Tue, 22 Aug 2023 13:42:24 +0000 (14:42 +0100)]
Introduce a plugin system for QSystemTrayIcon.
Forwarded: no
Designed to be used with sni-qt (https://launchpad.net/sni-qt)
Introduce a plugin system for QSystemTrayIcon. Designed to be used with sni-qt
(https://launchpad.net/sni-qt)
Gbp-Pq: Name plugin_system_for_systemtray.patch
Lisandro Damián Nicanor Pérez Meyer [Sat, 15 Mar 2014 18:40:49 +0000 (15:40 -0300)]
[PATCH] Add qatomic support for AArch64 (aka arm64).
Patch by Mark Salter <msalter@redhat.com>
licensed under BSD:
<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735488#195>
This patch is known to not be the most correct way
to implement them, as it seems to be possible to do it in a faster way,
but should work non the less until we can provide something better.
Change-Id: Ib392b27dc54691fd4c2ea9896240ad71fb8128cc
Gbp-Pq: Name aarch64_arm64_qatomic_support.patch
Eskil Abrahamsen Blomfeldt [Fri, 10 Jul 2015 11:22:32 +0000 (13:22 +0200)]
[PATCH] Better handling of invalid font tables
Specifically when reading files with broken cmap tables, we could
get some undeterministic results. We handle this more gracefully
by verifying that the offsets are sane and bailing out early if not.
This replaces the current pattern throughout the font engine for
consistency.
This is a back-port of
4a1e5dbade4bab55f39bd368480dcca9a11e4b38
from Qt 5.
Change-Id: If4172b9ef0808801c8e27ffaad962535afe572ed
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
Gbp-Pq: Name Better-handling-of-invalid-font-tables.patch
Debian Qt/KDE Maintainers [Tue, 22 Aug 2023 13:42:24 +0000 (14:42 +0100)]
xmlpatterns_stack_overflow_fix
commit
d1b17740ed4d9b1e3c3ad5898bb8259969dc77df
Author: Kamil Rojewski <kamil.rojewski@gmail.com>
Date: Wed Aug 13 10:38:38 2014 +0200
fix for stack overflow
Recursion in item mapping iterator caused a stack
overflow for large datasets.
Task-number: QTBUG-40153
Change-Id: I693798de0ecfd3a920a3dd270172ce7ec3c13d8d
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@digia.com>
Gbp-Pq: Name xmlpatterns_stack_overflow_fix.diff
Lars Knoll [Thu, 24 Apr 2014 13:33:27 +0000 (15:33 +0200)]
[PATCH] Don't crash on broken GIF images
Broken GIF images could set invalid width and height
values inside the image, leading to Qt creating a null
QImage for it. In that case we need to abort decoding
the image and return an error.
Initial patch by Rich Moore.
Backport of Id82a4036f478bd6e49c402d6598f57e7e5bb5e1e from Qt 5
Task-number: QTBUG-38367
Change-Id: I0680740018aaa8356d267b7af3f01fac3697312a
Security-advisory: CVE-2014-0190
Gbp-Pq: Name dont_crash_on_broken_gif_images.patch
Owen W. Taylor [Mon, 17 Oct 2011 21:27:43 +0000 (17:27 -0400)]
[PATCH] Fix logic for figuring out what ConfigureNotify positions can be trusted
When reading ahead in the queue for ConfigureNotify events, it's necessary
to look for intermediate ReparentNotify events as well, since they will
determine whether the position in the event can be trusted or not.
Bug: https://bugreports.qt.nokia.com/browse/QTBUG-21900
Gbp-Pq: Name QTBUG-21900_Buttons_in_Qt_applications_not_clickable_when_run_under_gnome-shell.patch
Debian Qt/KDE Maintainers [Tue, 22 Aug 2023 13:42:24 +0000 (14:42 +0100)]
support reading of default value for startDragDistance property
from QT_USE_DRAG_DISTANCE environment variable.
See also http://bugreports.qt.nokia.com/browse/QTBUG-12594
Author: Joonas Tanskanen <joonas.tanskanen@sasken.com>
Gbp-Pq: Name Add_support_for_QT_USE_DRAG_DISTANCE_env_var.patch
Roberto C. Sánchez [Tue, 22 Aug 2023 13:42:24 +0000 (14:42 +0100)]
qt4-x11 (4:4.8.7+dfsg-18+deb10u2) buster-security; urgency=medium
[ Scarlett Moore ]
* Non-maintainer upload by LTS team.
* Patch from Fedora to fix root certificates issue.
If the global configuration doesn't allow root certificates to be loaded
on demand then we have to disable it for qsslsocketprivate as well.
(Fixes: CVE-2023-34410)
* Patch from Fedora to fix: Uninitialized variable usage in m_unitsPerEm.
(Fixes: CVE-2023-32573)
* Add patch to do stricter error checking when parsing
path nodes. (Fixes: CVE-2021-45930)
* Add patch to clamp parsed doubles to float representable
values. (Fixes: CVE-2021-3481)
[ Roberto C. Sánchez ]
* Add patch to prevent buffer overflow when a SVG file with an image inside
it is rendered.
(Fixes: CVE-2023-32763)
* Add patch to prevent an application crash in QXmlStreamReader via a
crafted XML string that triggers a situation in which a prefix is greater
than a length.
(Fixes: CVE-2023-37369)
* Add patch to prevent infinite loops in recursive entity expansion.
(Fixes: CVE-2023-38197)
[dgit import unpatched qt4-x11 4:4.8.7+dfsg-18+deb10u2]
Roberto C. Sánchez [Tue, 22 Aug 2023 13:42:24 +0000 (14:42 +0100)]
Import qt4-x11_4.8.7+dfsg-18+deb10u2.debian.tar.xz
[dgit import tarball qt4-x11 4:4.8.7+dfsg-18+deb10u2 qt4-x11_4.8.7+dfsg-18+deb10u2.debian.tar.xz]
Lisandro Damián Nicanor Pérez Meyer [Tue, 26 May 2015 12:18:39 +0000 (13:18 +0100)]
Import qt4-x11_4.8.7+dfsg.orig.tar.xz
[dgit import orig qt4-x11_4.8.7+dfsg.orig.tar.xz]
projects / qt4-x11.git / log