Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/dev-qt/qtbase/files
diff options
context:
space:
mode:
authorJimi Huotari <chiitoo@gentoo.org>2023-06-07 17:34:14 +0300
committerJimi Huotari <chiitoo@gentoo.org>2023-06-10 16:33:04 +0300
commitdea3d4525da6db5bcf9f466c0233880b4a04b2b8 (patch)
tree044bc337aed059eac39922965424dd901b474b5a /dev-qt/qtbase/files
parentdev-qt/qt5compat: drop 6.5.0 (diff)
downloadgentoo-dea3d4525da6db5bcf9f466c0233880b4a04b2b8.tar.gz
gentoo-dea3d4525da6db5bcf9f466c0233880b4a04b2b8.tar.bz2
gentoo-dea3d4525da6db5bcf9f466c0233880b4a04b2b8.zip
dev-qt/qtbase: drop 6.5.0-r3
Signed-off-by: Jimi Huotari <chiitoo@gentoo.org>
Diffstat (limited to 'dev-qt/qtbase/files')
-rw-r--r--dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-32762.patch54
-rw-r--r--dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-33285.patch101
-rw-r--r--dev-qt/qtbase/files/qtbase-6.5.0-setActiveWindow-deprecated-version.patch35
3 files changed, 0 insertions, 190 deletions
diff --git a/dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-32762.patch b/dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-32762.patch
deleted file mode 100644
index 3574706fcd85..000000000000
--- a/dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-32762.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From eae7c36d681acfb82572b56e24bbb2cd42242e57 Mon Sep 17 00:00:00 2001
-From: =?utf8?q?M=C3=A5rten=20Nordheim?= <marten.nordheim@qt.io>
-Date: Fri, 5 May 2023 11:07:26 +0200
-Subject: [PATCH] Hsts: match header names case insensitively
-
-Header field names are always considered to be case-insensitive.
-
-Fixes: QTBUG-113392
-Change-Id: Ifb4def4bb7f2ac070416cdc76581a769f1e52b43
-Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
-Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
-Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
-(cherry picked from commit 1b736a815be0222f4b24289cf17575fc15707305)
-Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
----
- src/network/access/qhsts.cpp | 4 ++--
- tests/auto/network/access/hsts/tst_qhsts.cpp | 6 ++++++
- 2 files changed, 8 insertions(+), 2 deletions(-)
-
-diff --git a/src/network/access/qhsts.cpp b/src/network/access/qhsts.cpp
-index 39905f354807..82deede17298 100644
---- a/src/network/access/qhsts.cpp
-+++ b/src/network/access/qhsts.cpp
-@@ -327,8 +327,8 @@ quoted-pair = "\" CHAR
- bool QHstsHeaderParser::parse(const QList<QPair<QByteArray, QByteArray>> &headers)
- {
- for (const auto &h : headers) {
-- // We use '==' since header name was already 'trimmed' for us:
-- if (h.first == "Strict-Transport-Security") {
-+ // We compare directly because header name was already 'trimmed' for us:
-+ if (h.first.compare("Strict-Transport-Security", Qt::CaseInsensitive) == 0) {
- header = h.second;
- // RFC6797, 8.1:
- //
-diff --git a/tests/auto/network/access/hsts/tst_qhsts.cpp b/tests/auto/network/access/hsts/tst_qhsts.cpp
-index 252f5e8f5792..97a2d2889e57 100644
---- a/tests/auto/network/access/hsts/tst_qhsts.cpp
-+++ b/tests/auto/network/access/hsts/tst_qhsts.cpp
-@@ -216,6 +216,12 @@ void tst_QHsts::testSTSHeaderParser()
- QVERIFY(parser.expirationDate() > QDateTime::currentDateTimeUtc());
- QVERIFY(parser.includeSubDomains());
-
-+ list.pop_back();
-+ list << Header("strict-transport-security", "includeSubDomains;max-age=1000");
-+ QVERIFY(parser.parse(list));
-+ QVERIFY(parser.expirationDate() > QDateTime::currentDateTimeUtc());
-+ QVERIFY(parser.includeSubDomains());
-+
- list.pop_back();
- // Invalid (includeSubDomains twice):
- list << Header("Strict-Transport-Security", "max-age = 1000 ; includeSubDomains;includeSubDomains");
---
-2.16.3
-
diff --git a/dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-33285.patch b/dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-33285.patch
deleted file mode 100644
index c982cce36e9e..000000000000
--- a/dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-33285.patch
+++ /dev/null
@@ -1,101 +0,0 @@
-From a2dc11b37fd71f785c342c40549f54edfdd1a6f8 Mon Sep 17 00:00:00 2001
-From: Thiago Macieira <thiago.macieira@intel.com>
-Date: Thu, 11 May 2023 21:40:15 -0700
-Subject: [PATCH] QDnsLookup/Unix: make sure we don't overflow the buffer
-MIME-Version: 1.0
-Content-Type: text/plain; charset=utf8
-Content-Transfer-Encoding: 8bit
-
-The DNS Records are variable length and encode their size in 16 bits
-before the Record Data (RDATA). Ensure that both the RDATA and the
-Record header fields before it fall inside the buffer we have.
-
-Additionally reject any replies containing more than one query records.
-
-[ChangeLog][QtNetwork][QDnsLookup] Fixed a bug that could cause a buffer
-overflow in Unix systems while parsing corrupt, malicious, or truncated
-replies.
-
-Pick-to: 5.15 6.2 6.5.1
-Change-Id: I3e3bfef633af4130a03afffd175e4b9547654b95
-Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
-Reviewed-by: Jani Heikkinen <jani.heikkinen@qt.io>
-(cherry picked from commit 7dba2c87619d558a61a30eb30cc1d9c3fe6df94c)
-Reviewed-by: Daniel Smith <Daniel.Smith@qt.io>
----
- src/network/kernel/qdnslookup_unix.cpp | 31 +++++++++++++++++++++++++------
- 1 file changed, 25 insertions(+), 6 deletions(-)
-
-diff --git a/src/network/kernel/qdnslookup_unix.cpp b/src/network/kernel/qdnslookup_unix.cpp
-index 8db79028f775..ad7bb51f67a5 100644
---- a/src/network/kernel/qdnslookup_unix.cpp
-+++ b/src/network/kernel/qdnslookup_unix.cpp
-@@ -193,7 +193,6 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN
- // responseLength in case of error, we still can extract the
- // exact error code from the response.
- HEADER *header = (HEADER*)response;
-- const int answerCount = ntohs(header->ancount);
- switch (header->rcode) {
- case NOERROR:
- break;
-@@ -227,18 +226,31 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN
- return;
- }
-
-- // Skip the query host, type (2 bytes) and class (2 bytes).
- char host[PACKETSZ], answer[PACKETSZ];
- unsigned char *p = response + sizeof(HEADER);
-- int status = local_dn_expand(response, response + responseLength, p, host, sizeof(host));
-- if (status < 0) {
-+ int status;
-+
-+ if (ntohs(header->qdcount) == 1) {
-+ // Skip the query host, type (2 bytes) and class (2 bytes).
-+ status = local_dn_expand(response, response + responseLength, p, host, sizeof(host));
-+ if (status < 0) {
-+ reply->error = QDnsLookup::InvalidReplyError;
-+ reply->errorString = tr("Could not expand domain name");
-+ return;
-+ }
-+ if ((p - response) + status + 4 >= responseLength)
-+ header->qdcount = 0xffff; // invalid reply below
-+ else
-+ p += status + 4;
-+ }
-+ if (ntohs(header->qdcount) > 1) {
- reply->error = QDnsLookup::InvalidReplyError;
-- reply->errorString = tr("Could not expand domain name");
-+ reply->errorString = tr("Invalid reply received");
- return;
- }
-- p += status + 4;
-
- // Extract results.
-+ const int answerCount = ntohs(header->ancount);
- int answerIndex = 0;
- while ((p < response + responseLength) && (answerIndex < answerCount)) {
- status = local_dn_expand(response, response + responseLength, p, host, sizeof(host));
-@@ -250,6 +262,11 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN
- const QString name = QUrl::fromAce(host);
-
- p += status;
-+
-+ if ((p - response) + 10 > responseLength) {
-+ // probably just a truncated reply, return what we have
-+ return;
-+ }
- const quint16 type = (p[0] << 8) | p[1];
- p += 2; // RR type
- p += 2; // RR class
-@@ -257,6 +274,8 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN
- p += 4;
- const quint16 size = (p[0] << 8) | p[1];
- p += 2;
-+ if ((p - response) + size > responseLength)
-+ return; // truncated
-
- if (type == QDnsLookup::A) {
- if (size != 4) {
---
-2.16.3
-
diff --git a/dev-qt/qtbase/files/qtbase-6.5.0-setActiveWindow-deprecated-version.patch b/dev-qt/qtbase/files/qtbase-6.5.0-setActiveWindow-deprecated-version.patch
deleted file mode 100644
index 0ba60e01e02a..000000000000
--- a/dev-qt/qtbase/files/qtbase-6.5.0-setActiveWindow-deprecated-version.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-Upstream commit: https://code.qt.io/cgit/qt/qtbase.git/commit/?h=6.5&id=bbb330c95fd
-
-From bbb330c95fdf6161b23227cb08cec58cca31e465 Mon Sep 17 00:00:00 2001
-From: Nicolas Fella <nicolas.fella@kdab.com>
-Date: Tue, 14 Mar 2023 19:14:41 +0100
-Subject: QApplication: Fix DEPRECATED_VERSION for setActiveWindow
-
-It's not deprecated in 6.4, only 6.5
-
-Change-Id: I86a09b9ce5a7f4d8b1d80a6e67218dfe00f93844
-Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
-(cherry picked from commit 99975ec07feb6b1a9f6be9e0d392a35e40f9550a)
-Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
----
- src/widgets/kernel/qapplication.h | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/widgets/kernel/qapplication.h b/src/widgets/kernel/qapplication.h
-index c4c73d4cf8..fd698fb69f 100644
---- a/src/widgets/kernel/qapplication.h
-+++ b/src/widgets/kernel/qapplication.h
-@@ -79,8 +79,8 @@ public:
-
- static QWidget *activeWindow();
-
--#if QT_DEPRECATED_SINCE(6,4)
-- QT_DEPRECATED_VERSION_X_6_4("Use QWidget::activateWindow() instead.")
-+#if QT_DEPRECATED_SINCE(6, 5)
-+ QT_DEPRECATED_VERSION_X_6_5("Use QWidget::activateWindow() instead.")
- static void setActiveWindow(QWidget* act);
- #endif
-
---
-cgit v1.2.3
-