rpms
/
qt5-qtbase
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fixed bz#1409600, stack overflow in QXmlSimpleReader, CVE-2016-1004

This commit is contained in:
Than Ngo 2017-07-07 14:45:55 +02:00
parent 265a0921d9
commit 4c4bc81e4d
2 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
qt5-qtbase.spec
View File

@ -66,7 +66,7 @@ BuildRequires: pkgconfig(libsystemd)
Name: qt5-qtbase
Summary: Qt5 - QtBase components
Version: 5.7.1
Release: 17%{?dist}
Release: 18%{?dist}
# See LGPL_EXCEPTIONS.txt, for exception details
License: LGPLv2 with exceptions or GPLv3 with exceptions
@ -993,6 +993,9 @@ fi
%changelog
* Fri Jul 07 2017 Than Ngo <than@redhat.com> - 5.7.1-18
- fixed bz#1409600, stack overflow in QXmlSimpleReader, CVE-2016-10040
* Mon May 15 2017 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 5.7.1-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_27_Mass_Rebuild

2
qtbase-opensource-src-5.3.2-QTBUG-35459.patch
View File

@ -7,7 +7,7 @@ diff -up qtbase-opensource-src-5.3.2/src/xml/sax/qxml_p.h.QTBUG-35459 qtbase-ope
static const int dtdRecursionLimit = 2;
// The maximum amount of characters an entity value may contain, after expansion.
- static const int entityCharacterLimit = 1024;
+ static const int entityCharacterLimit = 65536;
+ static const int entityCharacterLimit = 4096;
const QString &string();
void stringClear();