[gentoo-commits] repo/proj/libressl:master commit in: dev-qt/qtbase/files/, dev-qt/qtbase/

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

From: "orbea" <orbea@riseup.net>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/proj/libressl:master commit in: dev-qt/qtbase/files/, dev-qt/qtbase/
Date: Fri,  3 May 2024 00:59:59 +0000 (UTC)	[thread overview]
Message-ID: <1714697893.062236cf874509ab4640351ec35a277b7e61d0c2.orbea@gentoo> (raw)

commit:     062236cf874509ab4640351ec35a277b7e61d0c2
Author:     Saki Xi <space_raccoon <AT> riseup <DOT> net>
AuthorDate: Fri May  3 00:34:23 2024 +0000
Commit:     orbea <orbea <AT> riseup <DOT> net>
CommitDate: Fri May  3 00:58:13 2024 +0000
URL:        https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=062236cf

dev-qt/qtbase: upstream sync

Signed-off-by: Saki Xi <space_raccoon <AT> riseup.net>
Closes: https://github.com/gentoo/libressl/pull/558
Signed-off-by: orbea <orbea <AT> riseup.net>

 .../qtbase/files/qtbase-6.7.0-CVE-2024-33861.patch | 23 ++++++++++++++++++++++
 ...base-6.7.0-r1.ebuild => qtbase-6.7.0-r2.ebuild} |  1 +
 2 files changed, 24 insertions(+)

diff --git a/dev-qt/qtbase/files/qtbase-6.7.0-CVE-2024-33861.patch b/dev-qt/qtbase/files/qtbase-6.7.0-CVE-2024-33861.patch
new file mode 100644
index 0000000..0a73d72
--- /dev/null
+++ b/dev-qt/qtbase/files/qtbase-6.7.0-CVE-2024-33861.patch
@@ -0,0 +1,23 @@
+https://bugs.gentoo.org/931096
+https://www.qt.io/blog/security-advisory-qstringconverter
+https://codereview.qt-project.org/c/qt/qtbase/+/556191
+--- a/src/corelib/text/qstringconverter.cpp
++++ b/src/corelib/text/qstringconverter.cpp
+@@ -1954,7 +1954,7 @@ struct QStringConverterICU : QStringConverter
+         const void *context;
+         ucnv_getToUCallBack(icu_conv, &action, &context);
+         if (context != state)
+-             ucnv_setToUCallBack(icu_conv, action, &state, nullptr, nullptr, &err);
++             ucnv_setToUCallBack(icu_conv, action, state, nullptr, nullptr, &err);
+ 
+         ucnv_toUnicode(icu_conv, &target, targetLimit, &source, sourceLimit, nullptr, flush, &err);
+         // We did reserve enough space:
+@@ -1987,7 +1987,7 @@ struct QStringConverterICU : QStringConverter
+         const void *context;
+         ucnv_getFromUCallBack(icu_conv, &action, &context);
+         if (context != state)
+-             ucnv_setFromUCallBack(icu_conv, action, &state, nullptr, nullptr, &err);
++             ucnv_setFromUCallBack(icu_conv, action, state, nullptr, nullptr, &err);
+ 
+         ucnv_fromUnicode(icu_conv, &target, targetLimit, &source, sourceLimit, nullptr, flush, &err);
+         // We did reserve enough space:

diff --git a/dev-qt/qtbase/qtbase-6.7.0-r1.ebuild b/dev-qt/qtbase/qtbase-6.7.0-r2.ebuild
similarity index 99%
rename from dev-qt/qtbase/qtbase-6.7.0-r1.ebuild
rename to dev-qt/qtbase/qtbase-6.7.0-r2.ebuild
index fb2a882..50d8950 100644
--- a/dev-qt/qtbase/qtbase-6.7.0-r1.ebuild
+++ b/dev-qt/qtbase/qtbase-6.7.0-r2.ebuild
@@ -142,6 +142,7 @@ PATCHES=(
 	"${FILESDIR}"/${PN}-6.6.3-gcc14-avx512fp16.patch
 	"${FILESDIR}"/${PN}-6.6.3-pkgconf-deps.patch
 	"${FILESDIR}"/${PN}-6.7.0-qspan-ifdef.patch
+	"${FILESDIR}"/${PN}-6.7.0-CVE-2024-33861.patch
 )
 
 src_prepare() {

next             reply	other threads:[~2024-05-03  1:00 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-05-03  0:59 orbea [this message]
  -- strict thread matches above, loose matches on Subject: below --
2025-02-18 15:45 [gentoo-commits] repo/proj/libressl:master commit in: dev-qt/qtbase/files/, dev-qt/qtbase/ orbea
2025-02-07 15:41 orbea
2024-10-09  4:25 orbea
2024-10-02 15:08 orbea
2024-07-19  3:40 orbea
2024-06-11 19:21 orbea
2024-04-22 23:44 orbea
2024-02-25  2:42 orbea
2023-12-29 15:34 orbea
2023-12-06  4:58 orbea
2023-09-28 16:55 orbea
2023-09-06 18:11 orbea
2023-07-26 15:23 orbea
2023-07-21 20:56 orbea
2023-05-24 18:06 orbea
2023-04-21 15:02 orbea

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:0a73d72 dfblob:fb2a882 dfblob:50d8950 )
 OR (
bs:"[gentoo-commits] repo/proj/libressl:master commit in: dev-qt/qtbase/files/, dev-qt/qtbase/" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1714697893.062236cf874509ab4640351ec35a277b7e61d0c2.orbea@gentoo \
    --to=orbea@riseup.net \
    --cc=gentoo-commits@lists.gentoo.org \
    --cc=gentoo-dev@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox