From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1528409-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id E6B2C158008
	for <garchives@archives.gentoo.org>; Tue, 13 Jun 2023 03:27:48 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id DDF85E0956;
	Tue, 13 Jun 2023 03:27:47 +0000 (UTC)
Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id BEA79E0956
	for <gentoo-commits@lists.gentoo.org>; Tue, 13 Jun 2023 03:27:47 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 620B2341392
	for <gentoo-commits@lists.gentoo.org>; Tue, 13 Jun 2023 03:27:46 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id A1BE8A8C
	for <gentoo-commits@lists.gentoo.org>; Tue, 13 Jun 2023 03:27:44 +0000 (UTC)
From: "orbea" <orbea@riseup.net>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "orbea" <orbea@riseup.net>
Message-ID: <1686626802.e4e6f57cf6b634a506908ae401ff9488368c3e92.orbea@gentoo>
Subject: [gentoo-commits] repo/proj/libressl:master commit in: dev-qt/qtbase/files/
X-VCS-Repository: repo/proj/libressl
X-VCS-Files: dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-33285.patch
X-VCS-Directories: dev-qt/qtbase/files/
X-VCS-Committer: orbea
X-VCS-Committer-Name: orbea
X-VCS-Revision: e4e6f57cf6b634a506908ae401ff9488368c3e92
X-VCS-Branch: master
Date: Tue, 13 Jun 2023 03:27:44 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: fb7fe159-ad0f-46b8-9656-3c295312f385
X-Archives-Hash: 3413910f1ddbabcca7f3abfa9d94c974

commit:     e4e6f57cf6b634a506908ae401ff9488368c3e92
Author:     orbea <orbea <AT> riseup <DOT> net>
AuthorDate: Tue Jun 13 03:26:42 2023 +0000
Commit:     orbea <orbea <AT> riseup <DOT> net>
CommitDate: Tue Jun 13 03:26:42 2023 +0000
URL:        https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=e4e6f57c

dev-qt/qtbase: drop unused patch

Signed-off-by: orbea <orbea <AT> riseup.net>

 .../qtbase/files/qtbase-6.5.0-CVE-2023-33285.patch | 101 ---------------------
 1 file changed, 101 deletions(-)

diff --git a/dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-33285.patch b/dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-33285.patch
deleted file mode 100644
index c982cce..0000000
--- a/dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-33285.patch
+++ /dev/null
@@ -1,101 +0,0 @@
-From a2dc11b37fd71f785c342c40549f54edfdd1a6f8 Mon Sep 17 00:00:00 2001
-From: Thiago Macieira <thiago.macieira@intel.com>
-Date: Thu, 11 May 2023 21:40:15 -0700
-Subject: [PATCH] QDnsLookup/Unix: make sure we don't overflow the buffer
-MIME-Version: 1.0
-Content-Type: text/plain; charset=utf8
-Content-Transfer-Encoding: 8bit
-
-The DNS Records are variable length and encode their size in 16 bits
-before the Record Data (RDATA). Ensure that both the RDATA and the
-Record header fields before it fall inside the buffer we have.
-
-Additionally reject any replies containing more than one query records.
-
-[ChangeLog][QtNetwork][QDnsLookup] Fixed a bug that could cause a buffer
-overflow in Unix systems while parsing corrupt, malicious, or truncated
-replies.
-
-Pick-to: 5.15 6.2 6.5.1
-Change-Id: I3e3bfef633af4130a03afffd175e4b9547654b95
-Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
-Reviewed-by: Jani Heikkinen <jani.heikkinen@qt.io>
-(cherry picked from commit 7dba2c87619d558a61a30eb30cc1d9c3fe6df94c)
-Reviewed-by: Daniel Smith <Daniel.Smith@qt.io>
----
- src/network/kernel/qdnslookup_unix.cpp | 31 +++++++++++++++++++++++++------
- 1 file changed, 25 insertions(+), 6 deletions(-)
-
-diff --git a/src/network/kernel/qdnslookup_unix.cpp b/src/network/kernel/qdnslookup_unix.cpp
-index 8db79028f775..ad7bb51f67a5 100644
---- a/src/network/kernel/qdnslookup_unix.cpp
-+++ b/src/network/kernel/qdnslookup_unix.cpp
-@@ -193,7 +193,6 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN
-     // responseLength in case of error, we still can extract the
-     // exact error code from the response.
-     HEADER *header = (HEADER*)response;
--    const int answerCount = ntohs(header->ancount);
-     switch (header->rcode) {
-     case NOERROR:
-         break;
-@@ -227,18 +226,31 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN
-         return;
-     }
- 
--    // Skip the query host, type (2 bytes) and class (2 bytes).
-     char host[PACKETSZ], answer[PACKETSZ];
-     unsigned char *p = response + sizeof(HEADER);
--    int status = local_dn_expand(response, response + responseLength, p, host, sizeof(host));
--    if (status < 0) {
-+    int status;
-+
-+    if (ntohs(header->qdcount) == 1) {
-+        // Skip the query host, type (2 bytes) and class (2 bytes).
-+        status = local_dn_expand(response, response + responseLength, p, host, sizeof(host));
-+        if (status < 0) {
-+            reply->error = QDnsLookup::InvalidReplyError;
-+            reply->errorString = tr("Could not expand domain name");
-+            return;
-+        }
-+        if ((p - response) + status + 4 >= responseLength)
-+            header->qdcount = 0xffff;   // invalid reply below
-+        else
-+            p += status + 4;
-+    }
-+    if (ntohs(header->qdcount) > 1) {
-         reply->error = QDnsLookup::InvalidReplyError;
--        reply->errorString = tr("Could not expand domain name");
-+        reply->errorString = tr("Invalid reply received");
-         return;
-     }
--    p += status + 4;
- 
-     // Extract results.
-+    const int answerCount = ntohs(header->ancount);
-     int answerIndex = 0;
-     while ((p < response + responseLength) && (answerIndex < answerCount)) {
-         status = local_dn_expand(response, response + responseLength, p, host, sizeof(host));
-@@ -250,6 +262,11 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN
-         const QString name = QUrl::fromAce(host);
- 
-         p += status;
-+
-+        if ((p - response) + 10 > responseLength) {
-+            // probably just a truncated reply, return what we have
-+            return;
-+        }
-         const quint16 type = (p[0] << 8) | p[1];
-         p += 2; // RR type
-         p += 2; // RR class
-@@ -257,6 +274,8 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN
-         p += 4;
-         const quint16 size = (p[0] << 8) | p[1];
-         p += 2;
-+        if ((p - response) + size > responseLength)
-+            return;             // truncated
- 
-         if (type == QDnsLookup::A) {
-             if (size != 4) {
--- 
-2.16.3
-