projects / qt4-x11.git / log
? search:
summary | shortlog | log | commit | commitdiff | tree
first ⋅ prev ⋅ next
qt4-x11.git
2 years ago[PATCH] Don't crash on broken GIF images
commit | commitdiff | tree
Lars Knoll [Thu, 24 Apr 2014 13:33:27 +0000 (15:33 +0200)]
[PATCH] Don't crash on broken GIF images

Broken GIF images could set invalid width and height
values inside the image, leading to Qt creating a null
QImage for it. In that case we need to abort decoding
the image and return an error.

Initial patch by Rich Moore.

Backport of Id82a4036f478bd6e49c402d6598f57e7e5bb5e1e from Qt 5

Task-number: QTBUG-38367
Change-Id: I0680740018aaa8356d267b7af3f01fac3697312a
Security-advisory: CVE-2014-0190

Gbp-Pq: Name dont_crash_on_broken_gif_images.patch

2 years ago[PATCH] Fix logic for figuring out what ConfigureNotify positions can be trusted
commit | commitdiff | tree
Owen W. Taylor [Mon, 17 Oct 2011 21:27:43 +0000 (17:27 -0400)]
[PATCH] Fix logic for figuring out what ConfigureNotify positions can be trusted

When reading ahead in the queue for ConfigureNotify events, it's necessary
to look for intermediate ReparentNotify events as well, since they will
determine whether the position in the event can be trusted or not.

Bug: https://bugreports.qt.nokia.com/browse/QTBUG-21900

Gbp-Pq: Name QTBUG-21900_Buttons_in_Qt_applications_not_clickable_when_run_under_gnome-shell.patch

2 years agosupport reading of default value for startDragDistance property
commit | commitdiff | tree
Debian Qt/KDE Maintainers [Tue, 22 Aug 2023 13:42:24 +0000 (14:42 +0100)]
support reading of default value for startDragDistance property

from QT_USE_DRAG_DISTANCE environment variable.
See also http://bugreports.qt.nokia.com/browse/QTBUG-12594
Author: Joonas Tanskanen <joonas.tanskanen@sasken.com>

Gbp-Pq: Name Add_support_for_QT_USE_DRAG_DISTANCE_env_var.patch

2 years agoqt4-x11 (4:4.8.7+dfsg-18+deb10u2) buster-security; urgency=medium
commit | commitdiff | tree
Roberto C. Sánchez [Tue, 22 Aug 2023 13:42:24 +0000 (14:42 +0100)]
qt4-x11 (4:4.8.7+dfsg-18+deb10u2) buster-security; urgency=medium

  [ Scarlett Moore ]
  * Non-maintainer upload by LTS team.
  * Patch from Fedora to fix root certificates issue.
    If the global configuration doesn't allow root certificates to be loaded
    on demand then we have to disable it for qsslsocketprivate as well.
    (Fixes: CVE-2023-34410)
  * Patch from Fedora to fix: Uninitialized variable usage in m_unitsPerEm.
    (Fixes: CVE-2023-32573)
  * Add patch to do stricter error checking when parsing
    path nodes. (Fixes: CVE-2021-45930)
  * Add patch to clamp parsed doubles to float representable
    values. (Fixes: CVE-2021-3481)

  [ Roberto C. Sánchez ]
  * Add patch to prevent buffer overflow when a SVG file with an image inside
    it is rendered.
    (Fixes: CVE-2023-32763)
  * Add patch to prevent an application crash in QXmlStreamReader via a
    crafted XML string that triggers a situation in which a prefix is greater
    than a length.
    (Fixes: CVE-2023-37369)
  * Add patch to prevent infinite loops in recursive entity expansion.
    (Fixes: CVE-2023-38197)

[dgit import unpatched qt4-x11 4:4.8.7+dfsg-18+deb10u2]

2 years agoImport qt4-x11_4.8.7+dfsg-18+deb10u2.debian.tar.xz
commit | commitdiff | tree
Roberto C. Sánchez [Tue, 22 Aug 2023 13:42:24 +0000 (14:42 +0100)]
Import qt4-x11_4.8.7+dfsg-18+deb10u2.debian.tar.xz

[dgit import tarball qt4-x11 4:4.8.7+dfsg-18+deb10u2 qt4-x11_4.8.7+dfsg-18+deb10u2.debian.tar.xz]

10 years agoImport qt4-x11_4.8.7+dfsg.orig.tar.xz
commit | commitdiff | tree
Lisandro Damián Nicanor Pérez Meyer [Tue, 26 May 2015 12:18:39 +0000 (13:18 +0100)]
Import qt4-x11_4.8.7+dfsg.orig.tar.xz

[dgit import orig qt4-x11_4.8.7+dfsg.orig.tar.xz]

Unnamed repository; edit this file 'description' to name the repository.