Revisions of libqt5-qtbase
Gustavo Yokoyama Ribeiro (gyribeiro)
committed
(revision 5)
Mirrored from OBS SR#958079 place missed in the first version (boo#1195386, CVE-2022-23853, boo#1196501, CVE-2022-25255): (boo#1195386, CVE-2022-23853, boo#1196501, CVE-2022-25255):
Gustavo Yokoyama Ribeiro (gyribeiro)
committed
(revision 4)
- Update patch after it was merged to dev upstream and fix another place missed in the first version (boo#1195386, CVE-2022-23853): * 0001-QProcess-Unix-ensure-we-don-t-accidentally-execute-s.patch
Stefan Weiberg (suntorytimed)
committed
(revision 3)
Related to jsc#SLE-18248. - Add patch to avoid unintentionally using binaries from CWD (boo#1195386, CVE-2022-23853): * 0001-QProcess-Unix-ensure-we-don-t-accidentally-execute-s.patch
Gustavo Yokoyama Ribeiro (gyribeiro)
committed
(revision 2)
Update package libqt5-qtbase from 5.12.7 to 5.15.2+kde294 (jsc#SLE-18248) Some notes on this SR: The following patches are not parsed correctly by factory-auto: 0001-Sanitize-QXcbScreen-s-pixelDensity-values.patch 0001-Fix-qfloat16-methods-definition-without-declaration-.patch They're referenced correctly as being dropped in the changelog entry from "Mon Sep 30 13:29:55 UTC 2019" Also there are some bug references that seem to be removed from the changelog in this SR but they're fine: * CVE-2020-0569 is a wrong link (as can be seen at https://nvd.nist.gov/vuln/detail/CVE-2020-0569 which is not related to Qt at all) should be CVE-2020-0570, which is referenced correctly. * bsc#1179165 and kde#425188 are both actually the same bug (QTBUG-88288) which doesn't affect the submitted Qt version (quoting https://bugreports.qt.io/browse/QTBUG-88288: This bug does not apply to Qt 5.14, because there QDesktopWidget is not used anymore, and setDpiFromWidget() handles this case robustly) - Update to version 5.15.2+kde294: * QTzTimeZonePrivate::init(): fix handling of empty ID * Restore support for reading /etc/timezone for system zone name * QPathEdge: Fix array initialization * QTzTimeZonePrivate: fix UB (data race on m_icu) * Don't access QObject::objectName during QThread start * Restore C++11 compatibility after e8b9f4c28d3ab5e960dc54f2dc0c4b749b0b50e0 * QVarLengthArray: fix size update on failed append() * Call statx() with AT_NO_AUTOMOUNT * QThread: Remove superfluous initialization of threadId on Unix * QThread: Reset the system thread ID when thread exits on Unix * Add missing macOS header file that was indirectly included before * QXcb: don't dereference pointer before checking * xcb: avoid to use invalid pointers * QVarLengthArray: fix insert() type/alias mismatch between decl and impl * Use qint64 to replace int while qt_transform_image_rasterize * QVarLengthArray: assert that the range passed to erase() is valid * Fix pattern type matching * QThread: fix UB (invalid enum value) on Private::Priority * Use block char format to render list item bullets and numbers * QDateTime: Don't require c++17 * QVariantAnimation: fix UB (FP 0/0) in interpolated() arg calculation * QDateTime: fix UB (signed overflow) in addDays() * QString: fix UB (pointer arithmetic on nullptr) in qLastIndexOf * tst_QIODevice: fix UB (precondition violation) in SequentialReadBuffer::readData() * QVarLengthArray: fix UB (precondition violation) in range-erase() * Fix segmentation fault in QObject::dumpObjectInfo - Update to version 5.15.2+kde268: * Adapt for q_EVP_PKEY_base_id â q_EVP_PKEY_get_base_id rename in OpenSSL 3
Gustavo Yokoyama Ribeiro (gyribeiro)
committed
(revision 1)
initialize package
Displaying all 5 revisions