diff --git a/.gitignore b/.gitignore index 7dbc4f4..3990bc4 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,5 @@ /kde-5.15-rollup-20220131.patch.gz /qtbase-everywhere-opensource-src-5.15.3.tar.xz /kde-5.15-rollup-20220304.patch.gz +/qtbase-everywhere-opensource-src-5.15.4.tar.xz +/kde-5.15-rollup-20220516.patch.gz diff --git a/qt5-qtbase.spec b/qt5-qtbase.spec index 49486e1..3462d09 100644 --- a/qt5-qtbase.spec +++ b/qt5-qtbase.spec @@ -60,8 +60,8 @@ BuildRequires: pkgconfig(libsystemd) Name: qt5-qtbase Summary: Qt5 - QtBase components -Version: 5.15.3 -Release: 2%{?dist} +Version: 5.15.4 +Release: 1%{?dist} # See LGPL_EXCEPTIONS.txt, for exception details License: LGPLv2 with exceptions or GPLv3 with exceptions @@ -144,12 +144,11 @@ Patch90: %{name}-gcc11.patch ## upstream patches # https://invent.kde.org/qt/qt/qtbase, kde/5.15 branch -# git diff v5.15.3-lts-lgpl..HEAD | gzip > kde-5.15-rollup-$(date +%Y%m%d).patch.gz +# git diff v5.15.4-lts-lgpl..HEAD | gzip > kde-5.15-rollup-$(date +%Y%m%d).patch.gz # patch100 in lookaside cache due to large'ish size -- rdieter -Patch100: kde-5.15-rollup-20220304.patch.gz +Patch100: kde-5.15-rollup-20220516.patch.gz # HACK to make 'fedpkg sources' consider it 'used" -Source100: kde-5.15-rollup-20220304.patch.gz -Patch102: qtbase-everywhere-src-5.15.2-CVE-2022-2525.patch +Source100: kde-5.15-rollup-20220516.patch.gz # Do not check any files in %%{_qt5_plugindir}/platformthemes/ for requires. # Those themes are there for platform integration. If the required libraries are @@ -427,7 +426,6 @@ Qt5 libraries used for drawing widgets and OpenGL items. ## upstream patches %patch100 -p1 -%patch102 -p1 # move some bundled libs to ensure they're not accidentally used pushd src/3rdparty @@ -589,7 +587,7 @@ translationdir=%{_qt5_translationdir} Name: Qt5 Description: Qt5 Configuration -Version: 5.15.3 +Version: 5.15.4 EOF # rpm macros @@ -1105,6 +1103,9 @@ fi %changelog +* Mon May 16 2022 Jan Grulich - 5.15.4-1 +- 5.15.4 + * Fri Apr 01 2022 Than Ngo - 5.15.3-2 - bz#2070958, enable zstd diff --git a/qtbase-everywhere-src-5.15.2-CVE-2022-2525.patch b/qtbase-everywhere-src-5.15.2-CVE-2022-2525.patch deleted file mode 100644 index 998b25a..0000000 --- a/qtbase-everywhere-src-5.15.2-CVE-2022-2525.patch +++ /dev/null @@ -1,35 +0,0 @@ -diff --git a/src/corelib/io/qprocess_unix.cpp b/src/corelib/io/qprocess_unix.cpp -index 7a2daa2..cfd1ca3 100644 ---- a/src/corelib/io/qprocess_unix.cpp -+++ b/src/corelib/io/qprocess_unix.cpp -@@ -422,11 +422,11 @@ - // Add the program name to the argument list. - argv[0] = nullptr; - if (!program.contains(QLatin1Char('/'))) { -+ // findExecutable() returns its argument if it's an absolute path, -+ // otherwise it searches $PATH; returns empty if not found (we handle -+ // that case much later) - const QString &exeFilePath = QStandardPaths::findExecutable(program); -- if (!exeFilePath.isEmpty()) { -- const QByteArray &tmp = QFile::encodeName(exeFilePath); -- argv[0] = ::strdup(tmp.constData()); -- } -+ argv[0] = ::strdup(QFile::encodeName(exeFilePath).constData()); - } - if (!argv[0]) - argv[0] = ::strdup(encodedProgramName.constData()); -@@ -978,11 +978,10 @@ - QByteArray tmp; - if (!program.contains(QLatin1Char('/'))) { - const QString &exeFilePath = QStandardPaths::findExecutable(program); -- if (!exeFilePath.isEmpty()) -- tmp = QFile::encodeName(exeFilePath); -- } -- if (tmp.isEmpty()) -+ tmp = QFile::encodeName(exeFilePath); -+ } else { - tmp = QFile::encodeName(program); -+ } - argv[0] = tmp.data(); - - if (envp) diff --git a/sources b/sources index ff90289..9db65a2 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (qtbase-everywhere-opensource-src-5.15.3.tar.xz) = 01723eff5116a1d7d136fa32d2aee2691b227a241dbc160953ee72a8c0f3bc7ab771c17434629cabef419983ef43bb38aa6956ddcc09c9a82e116a50073b0079 -SHA512 (kde-5.15-rollup-20220304.patch.gz) = eee2ee1fbb6be6042261dc35f008b8a91ebd7ceedba469d37220d6185b296d6de9bb65c8c4da4d83d0462d7eb183f9e06fc6c2f748700c400af77980d1c8ed5f +SHA512 (qtbase-everywhere-opensource-src-5.15.4.tar.xz) = 91a1d95c2891939ae55134e8897cbc423142bd8eda954a1e65bb563b0932ed9e2da34db374fd86858b4a819e8abe824a967b31f4fb316528ec8aaf15016c6ad3 +SHA512 (kde-5.15-rollup-20220516.patch.gz) = a56a97b67a82dcd15ea282cf15dce23ac1fda530fdfdf36f805d7f9380a04de8a80d876fb6b277888af63ccaf417c8db6fe5814bf5dc91d9a71b513c22427371