--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: qtbase-opensource-src-g...@packages.debian.org
Control: affects -1 + src:qtbase-opensource-src-gles
Please unblock package qtbase-opensource-src-gles.
[ Reason ]
* Fixes for two CVEs (CVE-2023-24607 and CVE-2023-32763).
* Updated image_deletion_order.diff to fix dangling or incorrect
device pointers during handler destruction.
* Fix for cross-building (#1029082).
* Minor update for debian/libqt5gui5-gles.symbols.
[ Impact ]
Of these fixes, CVE-2023-32763 is the most important. It is possible to
trigger a buffer overflow when rendering SVG files.
[ Tests ]
No automated tests are run for this package. But patches that come from
upstream are covered by upstream tests.
[ Risks ]
I think the risk is low. Most of these fixes are already present in the
non-gles variant of the package in testing (5.15.8+dfsg-10) and have been
tested by many users. Except for the cross-build fix which is specific to
the -gles variant, but that fix is only applied when cross-building and
does not affect regular builds.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
[ Other info ]
(Anything else the release team should know.)
unblock qtbase-opensource-src-gles/5.15.8+dfsg-3
--
Dmitry Shachnev
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,28 @@
+qtbase-opensource-src-gles (5.15.8+dfsg-3) unstable; urgency=medium
+
+ * Add a patch to fix CVE-2023-32763: buffer overflow in Qt SVG
+ (closes: #1036702).
+
+ -- Dmitry Shachnev <mity...@debian.org> Wed, 24 May 2023 20:52:26 +0300
+
+qtbase-opensource-src-gles (5.15.8+dfsg-2) unstable; urgency=medium
+
+ * Merge qtbase-opensource-src 5.15.8+dfsg-3 upload.
+ * Compare only upstream version of qt5-qmake-bin when cross-building
+ (closes: #1029082).
+
+ -- Dmitry Shachnev <mity...@debian.org> Sat, 04 Mar 2023 14:39:27 +0300
+
+qtbase-opensource-src (5.15.8+dfsg-3) unstable; urgency=medium
+
+ * Use ${DEB_HOST_GNU_TYPE} substitution in debian/qt5-qmake.install.
+ * Add upstream patch to fix denial-of-service in Qt SQL ODBC plugin
+ (CVE-2023-24607, closes: #1031872).
+ * Update debian/libqt5gui5.symbols from s390x build log.
+ * Amend image_deletion_order.diff from one more upstream commit.
+
+ -- Dmitry Shachnev <mity...@debian.org> Mon, 27 Feb 2023 11:28:53 +0300
+
qtbase-opensource-src-gles (5.15.8+dfsg-1) unstable; urgency=medium
* Merge qtbase-opensource-src 5.15.8+dfsg-2 upload.
--- a/debian/libqt5gui5-gles.symbols
+++ b/debian/libqt5gui5-gles.symbols
@@ -1,4 +1,4 @@
-# SymbolsHelper-Confirmed: 5.15.4 amd64 hppa powerpc ppc64 s390x sparc64
+# SymbolsHelper-Confirmed: 5.15.8 s390x
libQt5Gui.so.5 libqt5gui5 #MINVER# | libqt5gui5-gles #MINVER#
| libqt5gui5 #MINVER# | libqt5gui5-gles #MINVER#, qtbase-abi-5-15-8
| libqt5gui5 #MINVER#
@@ -1563,7 +1563,7 @@ libQt5Gui.so.5 libqt5gui5 #MINVER# | libqt5gui5-gles #MINVER#
_ZN16QDoubleValidatorD0Ev@Qt_5 5.0.2
_ZN16QDoubleValidatorD1Ev@Qt_5 5.0.2
_ZN16QDoubleValidatorD2Ev@Qt_5 5.0.2
- (optional=inline|arch=!hppa !ia64 !s390x)_ZN16QOpenGLFunctions17glBindFramebufferEjj@Qt_5 5.15.2
+ (optional=inline|arch=!hppa !ia64)_ZN16QOpenGLFunctions17glBindFramebufferEjj@Qt_5 5.15.2
_ZN16QOpenGLFunctions25initializeOpenGLFunctionsEv@Qt_5 5.0.2
_ZN16QOpenGLFunctionsC1EP14QOpenGLContext@Qt_5 5.0.2
_ZN16QOpenGLFunctionsC1Ev@Qt_5 5.0.2
--- /dev/null
+++ b/debian/patches/CVE-2023-24607.diff
@@ -0,0 +1,330 @@
+Description: Fix denial-of-service in Qt SQL ODBC driver plugin
+Origin: upstream, https://download.qt.io/official_releases/qt/5.15/CVE-2023-24607-qtbase-5.15.diff
+Last-Update: 2023-02-26
+
+--- a/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
++++ b/src/plugins/sqldrivers/odbc/qsql_odbc.cpp
+@@ -92,23 +92,39 @@ inline static QString fromSQLTCHAR(const
+ return result;
+ }
+
++template <size_t SizeOfChar = sizeof(SQLTCHAR)>
++void toSQLTCHARImpl(QVarLengthArray<SQLTCHAR> &result, const QString &input); // primary template undefined
++
++template <typename Container>
++void do_append(QVarLengthArray<SQLTCHAR> &result, const Container &c)
++{
++ result.append(reinterpret_cast<const SQLTCHAR *>(c.data()), c.size());
++}
++
++template <>
++void toSQLTCHARImpl<1>(QVarLengthArray<SQLTCHAR> &result, const QString &input)
++{
++ const auto u8 = input.toUtf8();
++ do_append(result, u8);
++}
++
++template <>
++void toSQLTCHARImpl<2>(QVarLengthArray<SQLTCHAR> &result, const QString &input)
++{
++ do_append(result, input);
++}
++
++template <>
++void toSQLTCHARImpl<4>(QVarLengthArray<SQLTCHAR> &result, const QString &input)
++{
++ const auto u32 = input.toUcs4();
++ do_append(result, u32);
++}
++
+ inline static QVarLengthArray<SQLTCHAR> toSQLTCHAR(const QString &input)
+ {
+ QVarLengthArray<SQLTCHAR> result;
+- result.resize(input.size());
+- switch(sizeof(SQLTCHAR)) {
+- case 1:
+- memcpy(result.data(), input.toUtf8().data(), input.size());
+- break;
+- case 2:
+- memcpy(result.data(), input.unicode(), input.size() * 2);
+- break;
+- case 4:
+- memcpy(result.data(), input.toUcs4().data(), input.size() * 4);
+- break;
+- default:
+- qCritical("sizeof(SQLTCHAR) is %d. Don't know how to handle this.", int(sizeof(SQLTCHAR)));
+- }
++ toSQLTCHARImpl(result, input);
+ result.append(0); // make sure it's null terminated, doesn't matter if it already is, it does if it isn't.
+ return result;
+ }
+@@ -763,6 +779,14 @@ QChar QODBCDriverPrivate::quoteChar()
+ return quote;
+ }
+
++static SQLRETURN qt_string_SQLSetConnectAttr(SQLHDBC handle, SQLINTEGER attr, const QString &val)
++{
++ auto encoded = toSQLTCHAR(val);
++ return SQLSetConnectAttr(handle, attr,
++ encoded.data(),
++ SQLINTEGER(encoded.size() * sizeof(SQLTCHAR))); // size in bytes
++}
++
+
+ bool QODBCDriverPrivate::setConnectionOptions(const QString& connOpts)
+ {
+@@ -798,10 +822,7 @@ bool QODBCDriverPrivate::setConnectionOp
+ v = val.toUInt();
+ r = SQLSetConnectAttr(hDbc, SQL_ATTR_LOGIN_TIMEOUT, (SQLPOINTER) size_t(v), 0);
+ } else if (opt.toUpper() == QLatin1String("SQL_ATTR_CURRENT_CATALOG")) {
+- val.utf16(); // 0 terminate
+- r = SQLSetConnectAttr(hDbc, SQL_ATTR_CURRENT_CATALOG,
+- toSQLTCHAR(val).data(),
+- val.length()*sizeof(SQLTCHAR));
++ r = qt_string_SQLSetConnectAttr(hDbc, SQL_ATTR_CURRENT_CATALOG, val);
+ } else if (opt.toUpper() == QLatin1String("SQL_ATTR_METADATA_ID")) {
+ if (val.toUpper() == QLatin1String("SQL_TRUE")) {
+ v = SQL_TRUE;
+@@ -816,10 +837,7 @@ bool QODBCDriverPrivate::setConnectionOp
+ v = val.toUInt();
+ r = SQLSetConnectAttr(hDbc, SQL_ATTR_PACKET_SIZE, (SQLPOINTER) size_t(v), 0);
+ } else if (opt.toUpper() == QLatin1String("SQL_ATTR_TRACEFILE")) {
+- val.utf16(); // 0 terminate
+- r = SQLSetConnectAttr(hDbc, SQL_ATTR_TRACEFILE,
+- toSQLTCHAR(val).data(),
+- val.length()*sizeof(SQLTCHAR));
++ r = qt_string_SQLSetConnectAttr(hDbc, SQL_ATTR_TRACEFILE, val);
+ } else if (opt.toUpper() == QLatin1String("SQL_ATTR_TRACE")) {
+ if (val.toUpper() == QLatin1String("SQL_OPT_TRACE_OFF")) {
+ v = SQL_OPT_TRACE_OFF;
+@@ -1022,9 +1040,12 @@ bool QODBCResult::reset (const QString&
+ return false;
+ }
+
+- r = SQLExecDirect(d->hStmt,
+- toSQLTCHAR(query).data(),
+- (SQLINTEGER) query.length());
++ {
++ auto encoded = toSQLTCHAR(query);
++ r = SQLExecDirect(d->hStmt,
++ encoded.data(),
++ SQLINTEGER(encoded.size()));
++ }
+ if (r != SQL_SUCCESS && r != SQL_SUCCESS_WITH_INFO && r!= SQL_NO_DATA) {
+ setLastError(qMakeError(QCoreApplication::translate("QODBCResult",
+ "Unable to execute statement"), QSqlError::StatementError, d));
+@@ -1371,9 +1392,12 @@ bool QODBCResult::prepare(const QString&
+ return false;
+ }
+
+- r = SQLPrepare(d->hStmt,
+- toSQLTCHAR(query).data(),
+- (SQLINTEGER) query.length());
++ {
++ auto encoded = toSQLTCHAR(query);
++ r = SQLPrepare(d->hStmt,
++ encoded.data(),
++ SQLINTEGER(encoded.size()));
++ }
+
+ if (r != SQL_SUCCESS) {
+ setLastError(qMakeError(QCoreApplication::translate("QODBCResult",
+@@ -1401,7 +1425,7 @@ bool QODBCResult::exec()
+ SQLCloseCursor(d->hStmt);
+
+ QVector<QVariant>& values = boundValues();
+- QVector<QByteArray> tmpStorage(values.count(), QByteArray()); // holds temporary buffers
++ QVector<QByteArray> tmpStorage(values.count(), QByteArray()); // targets for SQLBindParameter()
+ QVarLengthArray<SQLLEN, 32> indicators(values.count());
+ memset(indicators.data(), 0, indicators.size() * sizeof(SQLLEN));
+
+@@ -1580,35 +1604,36 @@ bool QODBCResult::exec()
+ case QVariant::String:
+ if (d->unicode) {
+ QByteArray &ba = tmpStorage[i];
+- QString str = val.toString();
++ {
++ const auto encoded = toSQLTCHAR(val.toString());
++ ba = QByteArray(reinterpret_cast<const char *>(encoded.data()),
++ encoded.size() * sizeof(SQLTCHAR));
++ }
++
+ if (*ind != SQL_NULL_DATA)
+- *ind = str.length() * sizeof(SQLTCHAR);
+- int strSize = str.length() * sizeof(SQLTCHAR);
++ *ind = ba.size();
+
+ if (bindValueType(i) & QSql::Out) {
+- const QVarLengthArray<SQLTCHAR> a(toSQLTCHAR(str));
+- ba = QByteArray((const char *)a.constData(), a.size() * sizeof(SQLTCHAR));
+ r = SQLBindParameter(d->hStmt,
+ i + 1,
+ qParamType[bindValueType(i) & QSql::InOut],
+ SQL_C_TCHAR,
+- strSize > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR,
++ ba.size() > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR,
+ 0, // god knows... don't change this!
+ 0,
+- ba.data(),
++ const_cast<char *>(ba.constData()), // don't detach
+ ba.size(),
+ ind);
+ break;
+ }
+- ba = QByteArray ((const char *)toSQLTCHAR(str).constData(), str.size()*sizeof(SQLTCHAR));
+ r = SQLBindParameter(d->hStmt,
+ i + 1,
+ qParamType[bindValueType(i) & QSql::InOut],
+ SQL_C_TCHAR,
+- strSize > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR,
+- strSize,
++ ba.size() > 254 ? SQL_WLONGVARCHAR : SQL_WVARCHAR,
++ ba.size(),
+ 0,
+- const_cast<char *>(ba.constData()),
++ const_cast<char *>(ba.constData()), // don't detach
+ ba.size(),
+ ind);
+ break;
+@@ -1716,10 +1741,11 @@ bool QODBCResult::exec()
+ case QVariant::String:
+ if (d->unicode) {
+ if (bindValueType(i) & QSql::Out) {
+- const QByteArray &first = tmpStorage.at(i);
+- QVarLengthArray<SQLTCHAR> array;
+- array.append((const SQLTCHAR *)first.constData(), first.size());
+- values[i] = fromSQLTCHAR(array, first.size()/sizeof(SQLTCHAR));
++ const QByteArray &bytes = tmpStorage.at(i);
++ const auto strSize = bytes.size() / int(sizeof(SQLTCHAR));
++ QVarLengthArray<SQLTCHAR> string(strSize);
++ memcpy(string.data(), bytes.data(), strSize * sizeof(SQLTCHAR));
++ values[i] = fromSQLTCHAR(string);
+ }
+ break;
+ }
+@@ -1966,14 +1992,16 @@ bool QODBCDriver::open(const QString & d
+ SQLSMALLINT cb;
+ QVarLengthArray<SQLTCHAR> connOut(1024);
+ memset(connOut.data(), 0, connOut.size() * sizeof(SQLTCHAR));
+- r = SQLDriverConnect(d->hDbc,
+- NULL,
+- toSQLTCHAR(connQStr).data(),
+- (SQLSMALLINT)connQStr.length(),
+- connOut.data(),
+- 1024,
+- &cb,
+- /*SQL_DRIVER_NOPROMPT*/0);
++ {
++ auto encoded = toSQLTCHAR(connQStr);
++ r = SQLDriverConnect(d->hDbc,
++ nullptr,
++ encoded.data(), SQLSMALLINT(encoded.size()),
++ connOut.data(),
++ 1024,
++ &cb,
++ /*SQL_DRIVER_NOPROMPT*/0);
++ }
+
+ if (r != SQL_SUCCESS && r != SQL_SUCCESS_WITH_INFO) {
+ setLastError(qMakeError(tr("Unable to connect"), QSqlError::ConnectionError, d));
+@@ -2352,17 +2380,15 @@ QStringList QODBCDriver::tables(QSql::Ta
+ if (tableType.isEmpty())
+ return tl;
+
+- QString joinedTableTypeString = tableType.join(QLatin1Char(','));
++ {
++ auto joinedTableTypeString = toSQLTCHAR(tableType.join(u','));
+
+- r = SQLTables(hStmt,
+- NULL,
+- 0,
+- NULL,
+- 0,
+- NULL,
+- 0,
+- toSQLTCHAR(joinedTableTypeString).data(),
+- joinedTableTypeString.length() /* characters, not bytes */);
++ r = SQLTables(hStmt,
++ nullptr, 0,
++ nullptr, 0,
++ nullptr, 0,
++ joinedTableTypeString.data(), joinedTableTypeString.size());
++ }
+
+ if (r != SQL_SUCCESS)
+ qSqlWarning(QLatin1String("QODBCDriver::tables Unable to execute table list"), d);
+@@ -2436,28 +2462,30 @@ QSqlIndex QODBCDriver::primaryIndex(cons
+ SQL_ATTR_CURSOR_TYPE,
+ (SQLPOINTER)SQL_CURSOR_FORWARD_ONLY,
+ SQL_IS_UINTEGER);
+- r = SQLPrimaryKeys(hStmt,
+- catalog.length() == 0 ? NULL : toSQLTCHAR(catalog).data(),
+- catalog.length(),
+- schema.length() == 0 ? NULL : toSQLTCHAR(schema).data(),
+- schema.length(),
+- toSQLTCHAR(table).data(),
+- table.length() /* in characters, not in bytes */);
++ {
++ auto c = toSQLTCHAR(catalog);
++ auto s = toSQLTCHAR(schema);
++ auto t = toSQLTCHAR(table);
++ r = SQLPrimaryKeys(hStmt,
++ catalog.isEmpty() ? nullptr : c.data(), c.size(),
++ schema.isEmpty() ? nullptr : s.data(), s.size(),
++ t.data(), t.size());
++ }
+
+ // if the SQLPrimaryKeys() call does not succeed (e.g the driver
+ // does not support it) - try an alternative method to get hold of
+ // the primary index (e.g MS Access and FoxPro)
+ if (r != SQL_SUCCESS) {
+- r = SQLSpecialColumns(hStmt,
+- SQL_BEST_ROWID,
+- catalog.length() == 0 ? NULL : toSQLTCHAR(catalog).data(),
+- catalog.length(),
+- schema.length() == 0 ? NULL : toSQLTCHAR(schema).data(),
+- schema.length(),
+- toSQLTCHAR(table).data(),
+- table.length(),
+- SQL_SCOPE_CURROW,
+- SQL_NULLABLE);
++ auto c = toSQLTCHAR(catalog);
++ auto s = toSQLTCHAR(schema);
++ auto t = toSQLTCHAR(table);
++ r = SQLSpecialColumns(hStmt,
++ SQL_BEST_ROWID,
++ catalog.isEmpty() ? nullptr : c.data(), c.size(),
++ schema.isEmpty() ? nullptr : s.data(), s.size(),
++ t.data(), t.size(),
++ SQL_SCOPE_CURROW,
++ SQL_NULLABLE);
+
+ if (r != SQL_SUCCESS) {
+ qSqlWarning(QLatin1String("QODBCDriver::primaryIndex: Unable to execute primary key list"), d);
+@@ -2538,15 +2566,17 @@ QSqlRecord QODBCDriver::record(const QSt
+ SQL_ATTR_CURSOR_TYPE,
+ (SQLPOINTER)SQL_CURSOR_FORWARD_ONLY,
+ SQL_IS_UINTEGER);
+- r = SQLColumns(hStmt,
+- catalog.length() == 0 ? NULL : toSQLTCHAR(catalog).data(),
+- catalog.length(),
+- schema.length() == 0 ? NULL : toSQLTCHAR(schema).data(),
+- schema.length(),
+- toSQLTCHAR(table).data(),
+- table.length(),
+- NULL,
+- 0);
++ {
++ auto c = toSQLTCHAR(catalog);
++ auto s = toSQLTCHAR(schema);
++ auto t = toSQLTCHAR(table);
++ r = SQLColumns(hStmt,
++ catalog.isEmpty() ? nullptr : c.data(), c.size(),
++ schema.isEmpty() ? nullptr : s.data(), s.size(),
++ t.data(), t.size(),
++ nullptr,
++ 0);
++ }
+ if (r != SQL_SUCCESS)
+ qSqlWarning(QLatin1String("QODBCDriver::record: Unable to execute column list"), d);
+
--- /dev/null
+++ b/debian/patches/CVE-2023-32763.diff
@@ -0,0 +1,50 @@
+Description: fix buffer overflow in Qt SVG
+ Adds qAddOverflow and qMulOverflow definitions to QFixed.
+Origin: upstream, https://download.qt.io/official_releases/qt/5.15/CVE-2023-32763-qtbase-5.15.diff
+Last-Update: 2023-05-22
+
+--- a/src/gui/painting/qfixed_p.h
++++ b/src/gui/painting/qfixed_p.h
+@@ -54,6 +54,7 @@
+ #include <QtGui/private/qtguiglobal_p.h>
+ #include "QtCore/qdebug.h"
+ #include "QtCore/qpoint.h"
++#include <QtCore/private/qnumeric_p.h>
+ #include "QtCore/qsize.h"
+
+ QT_BEGIN_NAMESPACE
+@@ -182,6 +183,14 @@ Q_DECL_CONSTEXPR inline bool operator<(i
+ Q_DECL_CONSTEXPR inline bool operator>(const QFixed &f, int i) { return f.value() > i * 64; }
+ Q_DECL_CONSTEXPR inline bool operator>(int i, const QFixed &f) { return i * 64 > f.value(); }
+
++inline bool qAddOverflow(QFixed v1, QFixed v2, QFixed *r)
++{
++ int val;
++ bool result = add_overflow(v1.value(), v2.value(), &val);
++ r->setValue(val);
++ return result;
++}
++
+ #ifndef QT_NO_DEBUG_STREAM
+ inline QDebug &operator<<(QDebug &dbg, const QFixed &f)
+ { return dbg << f.toReal(); }
+--- a/src/gui/text/qtextlayout.cpp
++++ b/src/gui/text/qtextlayout.cpp
+@@ -2150,11 +2150,14 @@ found:
+ eng->maxWidth = qMax(eng->maxWidth, line.textWidth);
+ } else {
+ eng->minWidth = qMax(eng->minWidth, lbh.minw);
+- eng->maxWidth += line.textWidth;
++ if (qAddOverflow(eng->maxWidth, line.textWidth, &eng->maxWidth))
++ eng->maxWidth = QFIXED_MAX;
+ }
+
+- if (line.textWidth > 0 && item < eng->layoutData->items.size())
+- eng->maxWidth += lbh.spaceData.textWidth;
++ if (line.textWidth > 0 && item < eng->layoutData->items.size()) {
++ if (qAddOverflow(eng->maxWidth, lbh.spaceData.textWidth, &eng->maxWidth))
++ eng->maxWidth = QFIXED_MAX;
++ }
+
+ line.textWidth += trailingSpace;
+ if (lbh.spaceData.length) {
--- a/debian/patches/image_deletion_order.diff
+++ b/debian/patches/image_deletion_order.diff
@@ -2,8 +2,10 @@ Description: fix deletion order in QImageReader/Writer destructors
The device would be deleted before the image format handler, and hence
be a dangling pointer that could easily cause a crash if the handler
or codec would access it on destruction, e.g. for cleanup.
-Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=f091026be1deb4b4
-Last-Update: 2023-01-12
+Origin: upstream, commits
+ https://code.qt.io/cgit/qt/qtbase.git/commit/?id=f091026be1deb4b4
+ https://code.qt.io/cgit/qt/qtbase.git/commit/?id=5633cb69f68ca3d3
+Last-Update: 2023-02-26
--- a/src/gui/image/qimagereader.cpp
+++ b/src/gui/image/qimagereader.cpp
@@ -18,6 +20,21 @@ Last-Update: 2023-01-12
}
/*!
+@@ -774,12 +774,12 @@ bool QImageReader::decideFormatFromConte
+ */
+ void QImageReader::setDevice(QIODevice *device)
+ {
++ delete d->handler;
++ d->handler = nullptr;
+ if (d->device && d->deleteDevice)
+ delete d->device;
+ d->device = device;
+ d->deleteDevice = false;
+- delete d->handler;
+- d->handler = nullptr;
+ d->text.clear();
+ }
+
--- a/src/gui/image/qimagewriter.cpp
+++ b/src/gui/image/qimagewriter.cpp
@@ -349,9 +349,9 @@ QImageWriter::QImageWriter(const QString
@@ -31,3 +48,19 @@ Last-Update: 2023-01-12
delete d;
}
+@@ -396,13 +396,13 @@ QByteArray QImageWriter::format() const
+ */
+ void QImageWriter::setDevice(QIODevice *device)
+ {
++ delete d->handler;
++ d->handler = nullptr;
+ if (d->device && d->deleteDevice)
+ delete d->device;
+
+ d->device = device;
+ d->deleteDevice = false;
+- delete d->handler;
+- d->handler = nullptr;
+ }
+
+ /*!
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -13,6 +13,8 @@ recreate_xcb_window.diff
fix_alt_backtick.diff
image_deletion_order.diff
qxcbwindow_set_geometry.diff
+CVE-2023-24607.diff
+CVE-2023-32763.diff
# Debian specific.
gnukfreebsd.diff
--- a/debian/rules
+++ b/debian/rules
@@ -70,7 +70,7 @@ endif
override_dh_auto_configure:
ifneq (,$(filter cross,$(DEB_BUILD_PROFILES)))
- test "`dpkg-query -f '$${Version}' -W qt5-qmake-bin`" = "$(DEB_VERSION)"
+ test "`dpkg-query -f '$${source:Upstream-Version}' -W qt5-qmake-bin`" = "$(DEB_VERSION_UPSTREAM)"
endif
MAKEFLAGS="-j$(NUMJOBS) ${CXXFLAGS:%=EXTRA_CXXFLAGS+=%} ${LDFLAGS:%=EXTRA_LFLAGS+=%}" \
./configure \
signature.asc
Description: PGP signature
--- End Message ---
