rpms/qt5-qtbase
6
0
Fork 0
Code Issues Pull Requests Releases Activity

import CS qt5-qtbase-5.15.9-11.el9_6

Browse Source
This commit is contained in:
eabdullin 2025-06-24 08:11:29 +00:00
parent 923c05c4e5
commit 7e8af6e6c2
2 changed files with 27 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
SOURCES/CVE-2025-5455-qtbase-5.15.patch Normal file
View File

@ -0,0 +1,20 @@
diff --git a/src/corelib/io/qdataurl.cpp b/src/corelib/io/qdataurl.cpp
index f14d399301f..83e59e3ac00 100644
--- a/src/corelib/io/qdataurl.cpp
+++ b/src/corelib/io/qdataurl.cpp
@@ -76,10 +76,11 @@ Q_CORE_EXPORT bool qDecodeDataUrl(const QUrl &uri, QString &mimeType, QByteArray
}
if (data.toLower().startsWith("charset")) {
- int i = 7; // strlen("charset")
- while (data.at(i) == ' ')
- ++i;
- if (data.at(i) == '=')
+ int prefixSize = 7; // strlen("charset")
+ QLatin1String copy(data.constData() + prefixSize, data.size() - prefixSize);
+ while (copy.startsWith(QLatin1String(" ")))
+ copy = copy.mid(1);
+ if (copy.startsWith(QLatin1String("=")))
data.prepend("text/plain;");
}

8
SPECS/qt5-qtbase.spec
View File

@ -57,7 +57,7 @@ BuildRequires: pkgconfig(libsystemd)
Name: qt5-qtbase Name: qt5-qtbase
Summary: Qt5 - QtBase components Summary: Qt5 - QtBase components
Version: 5.15.9 Version: 5.15.9
Release: 10%{?dist} Release: 11%{?dist}
# See LGPL_EXCEPTIONS.txt, for exception details # See LGPL_EXCEPTIONS.txt, for exception details
@ -153,6 +153,7 @@ Patch116: 0001-CVE-2023-51714-qtbase-5.15.patch
Patch117: 0002-CVE-2023-51714-qtbase-5.15.patch Patch117: 0002-CVE-2023-51714-qtbase-5.15.patch
Patch118: CVE-2024-25580-qtbase-5.15.patch Patch118: CVE-2024-25580-qtbase-5.15.patch
Patch119: CVE-2024-39936.patch Patch119: CVE-2024-39936.patch
Patch120: CVE-2025-5455-qtbase-5.15.patch
# gating related patches # gating related patches
Patch200: qtbase-disable-tests-not-working-in-gating.patch Patch200: qtbase-disable-tests-not-working-in-gating.patch
@ -446,6 +447,7 @@ Qt5 libraries used for drawing widgets and OpenGL items.
%patch -P117 -p1 %patch -P117 -p1
%patch -P118 -p1 %patch -P118 -p1
%patch -P119 -p1 %patch -P119 -p1
%patch -P120 -p1
## gating related patches ## gating related patches
%patch -P200 -p1 -b .disable-tests-not-working-in-gating %patch -P200 -p1 -b .disable-tests-not-working-in-gating
@ -1146,6 +1148,10 @@ fi
%changelog %changelog
* Thu Jun 12 2025 Jan Grulich <jgrulich@redhat.com> - 5.15.9-11
- qt5: QtCore Assertion Failure Denial of Service
Resolves: RHEL-96231
* Wed Jul 11 2024 Jan Grulich <jgrulich@redhat.com> - 5.15.9-10 * Wed Jul 11 2024 Jan Grulich <jgrulich@redhat.com> - 5.15.9-10
- HTTP2: Delay any communication until encrypted() can be responded to - HTTP2: Delay any communication until encrypted() can be responded to
Resolves: RHEL-46351 Resolves: RHEL-46351