Fixed bz#1994724, CVE-2021-38593
This commit is contained in:
parent
fac656cd23
commit
aebce69e3b
|
@ -58,7 +58,7 @@ BuildRequires: pkgconfig(libsystemd)
|
|||
Name: qt5-qtbase
|
||||
Summary: Qt5 - QtBase components
|
||||
Version: 5.15.3
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
|
||||
# See LGPL_EXCEPTIONS.txt, for exception details
|
||||
License: LGPLv2 with exceptions or GPLv3 with exceptions
|
||||
|
@ -146,6 +146,7 @@ Patch90: %{name}-gcc11.patch
|
|||
Patch100: kde-5.15-rollup-20220304.patch.gz
|
||||
# HACK to make 'fedpkg sources' consider it 'used"
|
||||
Source100: kde-5.15-rollup-20220304.patch.gz
|
||||
Patch101: qtbase-everywhere-src-5.15.4-cve-2021-38593.patch
|
||||
Patch102: qtbase-everywhere-src-5.15.2-CVE-2022-2525.patch
|
||||
|
||||
# Do not check any files in %%{_qt5_plugindir}/platformthemes/ for requires.
|
||||
|
@ -420,6 +421,7 @@ Qt5 libraries used for drawing widgets and OpenGL items.
|
|||
|
||||
## upstream patches
|
||||
%patch100 -p1
|
||||
%patch101 -p1
|
||||
%patch102 -p1
|
||||
|
||||
# move some bundled libs to ensure they're not accidentally used
|
||||
|
@ -1094,6 +1096,9 @@ fi
|
|||
|
||||
|
||||
%changelog
|
||||
* Mon May 30 2022 Than Ngo <than@redhat.com> - 5.15.3-2
|
||||
- Fixed bz#1994724, CVE-2021-38593
|
||||
|
||||
* Fri Mar 04 2022 Jan Grulich <jgrulich@redhat.com> - 5.15.3-1
|
||||
- 5.15.3 + kde-5.15 fixes
|
||||
|
||||
|
|
|
@ -0,0 +1,12 @@
|
|||
diff -up qtbase-everywhere-src-5.15.4/src/gui/painting/qpaintengineex.cpp.me qtbase-everywhere-src-5.15.4/src/gui/painting/qpaintengineex.cpp
|
||||
--- qtbase-everywhere-src-5.15.4/src/gui/painting/qpaintengineex.cpp.me 2022-05-30 14:21:52.215469841 +0200
|
||||
+++ qtbase-everywhere-src-5.15.4/src/gui/painting/qpaintengineex.cpp 2022-05-30 14:22:39.552558748 +0200
|
||||
@@ -426,7 +426,7 @@ void QPaintEngineEx::stroke(const QVecto
|
||||
patternLength *= pw;
|
||||
if (qFuzzyIsNull(patternLength)) {
|
||||
pen.setStyle(Qt::NoPen);
|
||||
- } else if (extent / patternLength > 10000) {
|
||||
+ } else if (qFuzzyIsNull(extent) || extent / patternLength > 10000) {
|
||||
// approximate stream of tiny dashes with semi-transparent solid line
|
||||
pen.setStyle(Qt::SolidLine);
|
||||
QColor color(pen.color());
|
Loading…
Reference in New Issue