12 changed files with 717 additions and 277 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,2 @@
-SOURCES/kde-5.15-rollup-20220324.patch.gz
-SOURCES/qtbase-everywhere-opensource-src-5.15.3.tar.xz
+SOURCES/kde-5.15-rollup-20230411.patch.gz
+SOURCES/qtbase-everywhere-opensource-src-5.15.9.tar.xz
--- a/.qt5-qtbase.metadata
+++ b/.qt5-qtbase.metadata
@ -1,2 +1,2 @@
-981f5fbeb315c2e4adc122cee944368598466b67 SOURCES/kde-5.15-rollup-20220324.patch.gz
-d7383126e1f412ef26096692b9e50a1887eb11f7 SOURCES/qtbase-everywhere-opensource-src-5.15.3.tar.xz
+677b605bf6033bdfa84a676096ec6e77da6e844d SOURCES/kde-5.15-rollup-20230411.patch.gz
+a5bbeafa6319cd3e666b12ccc722a357de7230be SOURCES/qtbase-everywhere-opensource-src-5.15.9.tar.xz
--- a/SOURCES/CVE-2023-37369-qtbase-5.15.patch
+++ b/SOURCES/CVE-2023-37369-qtbase-5.15.patch
@ -1,8 +1,8 @@
 diff --git a/src/corelib/serialization/qxmlstream.cpp b/src/corelib/serialization/qxmlstream.cpp
-index 4f282f19..6c98e7c0 100644
+index 7cd457ba3a..11d162cb79 100644
 --- a/src/corelib/serialization/qxmlstream.cpp
 +++ b/src/corelib/serialization/qxmlstream.cpp
-@@ -1302,11 +1302,19 @@ inline int QXmlStreamReaderPrivate::fastScanContentCharList()
+@@ -1302,15 +1302,18 @@ inline int QXmlStreamReaderPrivate::fastScanContentCharList()
     return n;
 }

@ -14,16 +14,17 @@ index 4f282f19..6c98e7c0 100644
     int n = 0;
     uint c;
     while ((c = getChar()) != StreamEOF) {
-+        if (n >= 4096) {
-+            // This is too long to be a sensible name, and
+         if (n >= 4096) {
+             // This is too long to be a sensible name, and
+-            // can exhaust memory
+-            return 0;
 +            // can exhaust memory, or the range of decltype(*prefix)
 +            raiseNamePrefixTooLongError();
 +            return {};
-+        }
+         }
         switch (c) {
         case '\n':
-         case ' ':
-@@ -1334,23 +1342,23 @@ inline int QXmlStreamReaderPrivate::fastScanName(int *prefix)
+@@ -1339,23 +1342,23 @@ inline int QXmlStreamReaderPrivate::fastScanName(int *prefix)
         case '+':
         case '*':
             putChar(c);
@ -55,7 +56,7 @@ index 4f282f19..6c98e7c0 100644
             }
             Q_FALLTHROUGH();
         default:
-@@ -1359,12 +1367,12 @@ inline int QXmlStreamReaderPrivate::fastScanName(int *prefix)
+@@ -1364,12 +1367,12 @@ inline int QXmlStreamReaderPrivate::fastScanName(int *prefix)
         }
     }

@ -71,7 +72,7 @@ index 4f282f19..6c98e7c0 100644
 }

 enum NameChar { NameBeginning, NameNotBeginning, NotName };
-@@ -1873,6 +1881,14 @@ void QXmlStreamReaderPrivate::raiseWellFormedError(const QString &message)
+@@ -1878,6 +1881,14 @@ void QXmlStreamReaderPrivate::raiseWellFormedError(const QString &message)
     raiseError(QXmlStreamReader::NotWellFormedError, message);
 }

@ -87,7 +88,7 @@ index 4f282f19..6c98e7c0 100644
 {

 diff --git a/src/corelib/serialization/qxmlstream.g b/src/corelib/serialization/qxmlstream.g
-index b623de95..e4310285 100644
+index 4321fed68a..8c6a1a5887 100644
 --- a/src/corelib/serialization/qxmlstream.g
 +++ b/src/corelib/serialization/qxmlstream.g
@@ -516,7 +516,16 @@ public:
@ -116,7 +117,7 @@ index b623de95..e4310285 100644

     QXmlStreamEntityResolver *entityResolver;

-@@ -1809,7 +1819,12 @@ space_opt ::= space;
+@@ -1811,7 +1821,12 @@ space_opt ::= space;
 qname ::= LETTER;
 /.
         case $rule_number: {
@ -130,7 +131,7 @@ index b623de95..e4310285 100644
             if (atEnd) {
                 resume($rule_number);
                 return false;
-@@ -1820,7 +1835,11 @@ qname ::= LETTER;
+@@ -1822,7 +1837,11 @@ qname ::= LETTER;
 name ::= LETTER;
 /.
         case $rule_number:
@ -144,7 +145,7 @@ index b623de95..e4310285 100644
                 resume($rule_number);
                 return false;
 diff --git a/src/corelib/serialization/qxmlstream_p.h b/src/corelib/serialization/qxmlstream_p.h
-index 103b123b..80e7f740 100644
+index e5bde7b98e..b01484cac3 100644
 --- a/src/corelib/serialization/qxmlstream_p.h
 +++ b/src/corelib/serialization/qxmlstream_p.h
@@ -1005,7 +1005,16 @@ public:
@ -173,7 +174,7 @@ index 103b123b..80e7f740 100644

     QXmlStreamEntityResolver *entityResolver;

-@@ -1937,7 +1947,12 @@ bool QXmlStreamReaderPrivate::parse()
+@@ -1939,7 +1949,12 @@ bool QXmlStreamReaderPrivate::parse()
         break;

         case 262: {
@ -187,7 +188,7 @@ index 103b123b..80e7f740 100644
             if (atEnd) {
                 resume(262);
                 return false;
-@@ -1945,7 +1960,11 @@ bool QXmlStreamReaderPrivate::parse()
+@@ -1947,7 +1962,11 @@ bool QXmlStreamReaderPrivate::parse()
         } break;

         case 263:
--- a/SOURCES/CVE-2024-39936.patch
+++ b/SOURCES/CVE-2024-39936.patch
@ -31,7 +31,7 @@ Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
 ---

 diff --git a/src/network/access/qhttp2protocolhandler.cpp b/src/network/access/qhttp2protocolhandler.cpp
-index 91c41d82..562dfd66 100644
+index 39dd4608..bc1dac68 100644
 --- a/src/network/access/qhttp2protocolhandler.cpp
 +++ b/src/network/access/qhttp2protocolhandler.cpp
@@ -371,12 +371,12 @@ bool QHttp2ProtocolHandler::sendRequest()
@ -51,7 +51,7 @@ index 91c41d82..562dfd66 100644
     // Check what was promised/pushed, maybe we do not have to send a request
     // and have a response already?
 diff --git a/src/network/access/qhttpnetworkconnectionchannel.cpp b/src/network/access/qhttpnetworkconnectionchannel.cpp
-index 647ef431..608e7914 100644
+index 7620ca16..e15b0810 100644
 --- a/src/network/access/qhttpnetworkconnectionchannel.cpp
 +++ b/src/network/access/qhttpnetworkconnectionchannel.cpp
@@ -255,6 +255,10 @@ void QHttpNetworkConnectionChannel::abort()
@ -96,7 +96,7 @@ index 647ef431..608e7914 100644
     protocolHandler->_q_readyRead();
 }
 
-@@ -1287,7 +1298,18 @@ void QHttpNetworkConnectionChannel::_q_encrypted()
+@@ -1289,7 +1300,18 @@ void QHttpNetworkConnectionChannel::_q_encrypted()
             // Similar to HTTP/1.1 counterpart below:
             const auto &pairs = spdyRequestsToSend.values(); // (request, reply)
             const auto &pair = pairs.first();
@ -115,13 +115,15 @@ index 647ef431..608e7914 100644
             // In case our peer has sent us its settings (window size, max concurrent streams etc.)
             // let's give _q_receiveReply a chance to read them first ('invokeMethod', QueuedConnection).
             QMetaObject::invokeMethod(connection, "_q_startNextRequest", Qt::QueuedConnection);
-@@ -1305,6 +1327,26 @@ void QHttpNetworkConnectionChannel::_q_encrypted()
+@@ -1307,6 +1329,28 @@ void QHttpNetworkConnectionChannel::_q_encrypted()
     }
 }
 
 +void QHttpNetworkConnectionChannel::checkAndResumeCommunication()
 +{
-+    Q_ASSERT(connection->connectionType() > QHttpNetworkConnection::ConnectionTypeHTTP);
+    Q_ASSERT(connection->connectionType() == QHttpNetworkConnection::ConnectionTypeSPDY
+             || connection->connectionType() == QHttpNetworkConnection::ConnectionTypeHTTP2
+             || connection->connectionType() == QHttpNetworkConnection::ConnectionTypeHTTP2Direct);
 +
 +    // Because HTTP/2 requires that we send a SETTINGS frame as the first thing we do, and respond
 +    // to a SETTINGS frame with an ACK, we need to delay any handling until we can ensure that any
@ -166,3 +168,65 @@ index d8ac3979..eac44464 100644
     bool isSocketBusy() const;
     bool isSocketWriting() const;
     bool isSocketWaiting() const;
+diff --git a/tests/auto/network/access/http2/tst_http2.cpp b/tests/auto/network/access/http2/tst_http2.cpp
+index bf8c7799..8ed95b99 100644
+--- a/tests/auto/network/access/http2/tst_http2.cpp
+++ b/tests/auto/network/access/http2/tst_http2.cpp
+@@ -118,6 +118,8 @@ private slots:
+     void redirect_data();
+     void redirect();
+ 
+    void abortOnEncrypted();
+
+ protected slots:
+     // Slots to listen to our in-process server:
+     void serverStarted(quint16 port);
+@@ -1024,6 +1026,48 @@ void tst_Http2::redirect()
+     QTRY_VERIFY(serverGotSettingsACK);
+ }
+ 
+void tst_Http2::abortOnEncrypted()
+{
+#if !QT_CONFIG(ssl)
+    QSKIP("TLS support is needed for this test");
+#else
+    clearHTTP2State();
+    serverPort = 0;
+
+    ServerPtr targetServer(newServer(defaultServerSettings, H2Type::h2Direct));
+
+    QMetaObject::invokeMethod(targetServer.data(), "startServer", Qt::QueuedConnection);
+    runEventLoop();
+
+    nRequests = 1;
+    nSentRequests = 0;
+
+    const auto url = requestUrl(H2Type::h2Direct);
+    QNetworkRequest request(url);
+    request.setAttribute(QNetworkRequest::Http2DirectAttribute, true);
+
+    std::unique_ptr<QNetworkReply> reply{manager->get(request)};
+    reply->ignoreSslErrors();
+    connect(reply.get(), &QNetworkReply::encrypted, reply.get(), [reply = reply.get()](){
+        reply->abort();
+    });
+    connect(reply.get(), &QNetworkReply::errorOccurred, this, &tst_Http2::replyFinishedWithError);
+
+    runEventLoop();
+    STOP_ON_FAILURE
+
+    QCOMPARE(nRequests, 0);
+    QCOMPARE(reply->error(), QNetworkReply::OperationCanceledError);
+
+    const bool res = QTest::qWaitFor(
+            [this, server = targetServer.get()]() {
+                return serverGotSettingsACK || prefaceOK || nSentRequests > 0;
+            },
+            500);
+    QVERIFY(!res);
+#endif // QT_CONFIG(ssl)
+}
+
+ void tst_Http2::serverStarted(quint16 port)
+ {
+     serverPort = port;
--- a/SOURCES/qtbase-5.15.8-fix-missing-qtsan-include.patch
+++ b/SOURCES/qtbase-5.15.8-fix-missing-qtsan-include.patch
--- a/SOURCES/qtbase-ambiguous-python-shebang.patch
+++ b/SOURCES/qtbase-ambiguous-python-shebang.patch
@ -1,30 +0,0 @@
-diff --git a/mkspecs/features/uikit/devices.py b/mkspecs/features/uikit/devices.py
-index 8cdcb370..b0c927ea 100755
--- a/mkspecs/features/uikit/devices.py
-+++ b/mkspecs/features/uikit/devices.py
-@@ -1,4 +1,4 @@
-#!/usr/bin/python
-+#!/usr/bin/python3
- 
- #############################################################################
- ##
-diff --git a/tests/manual/xembed-raster/gtk-embedder.py b/tests/manual/xembed-raster/gtk-embedder.py
-index 5c37fd44..86ffa9fd 100755
--- a/tests/manual/xembed-raster/gtk-embedder.py
-+++ b/tests/manual/xembed-raster/gtk-embedder.py
-@@ -1,4 +1,4 @@
-#!/usr/bin/python
-+#!/usr/bin/python3
- #############################################################################
- ##
- ## Copyright (C) 2013 Canonical Ltd.
-diff --git a/tests/manual/xembed-widgets/gtk-embedder.py b/tests/manual/xembed-widgets/gtk-embedder.py
-index 2a7c92db..93135b14 100755
--- a/tests/manual/xembed-widgets/gtk-embedder.py
-+++ b/tests/manual/xembed-widgets/gtk-embedder.py
-@@ -1,4 +1,4 @@
-#!/usr/bin/python
-+#!/usr/bin/python3
- #############################################################################
- ##
- ## Copyright (C) 2013 Canonical Ltd.
--- a/SOURCES/qtbase-disable-tests-not-working-in-gating.patch
+++ b/SOURCES/qtbase-disable-tests-not-working-in-gating.patch
@ -0,0 +1,122 @@
+diff --git a/tests/auto/corelib/io/qresourceengine/tst_qresourceengine.cpp b/tests/auto/corelib/io/qresourceengine/tst_qresourceengine.cpp
+index 2accf99c..31478c1d 100644
+--- a/tests/auto/corelib/io/qresourceengine/tst_qresourceengine.cpp
+++ b/tests/auto/corelib/io/qresourceengine/tst_qresourceengine.cpp
+@@ -63,7 +63,7 @@ private slots:
+ #endif
+     void doubleSlashInRoot();
+     void setLocale();
+-    void lastModified();
+    // void lastModified();
+     void resourcesInStaticPlugins();
+
+ private:
+@@ -645,19 +645,19 @@ void tst_QResourceEngine::setLocale()
+     QLocale::setDefault(QLocale::system());
+ }
+
+-void tst_QResourceEngine::lastModified()
+-{
+-    {
+-        QFileInfo fi(":/");
+-        QVERIFY(fi.exists());
+-        QVERIFY2(!fi.lastModified().isValid(), qPrintable(fi.lastModified().toString()));
+-    }
+-    {
+-        QFileInfo fi(":/search_file.txt");
+-        QVERIFY(fi.exists());
+-        QVERIFY(fi.lastModified().isValid());
+-    }
+-}
+// void tst_QResourceEngine::lastModified()
+// {
+//     {
+//         QFileInfo fi(":/");
+//         QVERIFY(fi.exists());
+//         QVERIFY2(!fi.lastModified().isValid(), qPrintable(fi.lastModified().toString()));
+//     }
+//     {
+//         QFileInfo fi(":/search_file.txt");
+//         QVERIFY(fi.exists());
+//         QVERIFY(fi.lastModified().isValid());
+//     }
+// }
+
+ Q_IMPORT_PLUGIN(PluginClass)
+ void tst_QResourceEngine::resourcesInStaticPlugins()
+diff --git a/tests/auto/corelib/io/qstorageinfo/tst_qstorageinfo.cpp b/tests/auto/corelib/io/qstorageinfo/tst_qstorageinfo.cpp
+index fe63cecc..e1686aea 100644
+--- a/tests/auto/corelib/io/qstorageinfo/tst_qstorageinfo.cpp
+++ b/tests/auto/corelib/io/qstorageinfo/tst_qstorageinfo.cpp
+@@ -46,7 +46,7 @@ private slots:
+     void currentStorage();
+     void storageList();
+     void tempFile();
+-    void caching();
+    // void caching();
+ #endif
+ };
+
+@@ -202,34 +202,34 @@ void tst_QStorageInfo::tempFile()
+     QVERIFY(free != storage2.bytesFree());
+ }
+
+-void tst_QStorageInfo::caching()
+-{
+-    QTemporaryFile file;
+-    QVERIFY2(file.open(), qPrintable(file.errorString()));
+-
+-    QStorageInfo storage1(file.fileName());
+-#ifdef Q_OS_LINUX
+-    if (storage1.fileSystemType() == "btrfs")
+-        QSKIP("This test doesn't work on btrfs, probably due to a btrfs bug");
+-#endif
+-
+-    qint64 free = storage1.bytesFree();
+-    QStorageInfo storage2(storage1);
+-    QCOMPARE(free, storage2.bytesFree());
+-    QVERIFY(free != -1);
+-
+-    file.write(QByteArray(1024*1024, '\0'));
+-    file.flush();
+-
+-    QCOMPARE(free, storage1.bytesFree());
+-    QCOMPARE(free, storage2.bytesFree());
+-    storage2.refresh();
+-    QCOMPARE(storage1, storage2);
+-    if (free == storage2.bytesFree() && storage2.fileSystemType() == "apfs") {
+-        QEXPECT_FAIL("", "This test is likely to fail on APFS", Continue);
+-    }
+-    QVERIFY(free != storage2.bytesFree());
+-}
+// void tst_QStorageInfo::caching()
+// {
+//     QTemporaryFile file;
+//     QVERIFY2(file.open(), qPrintable(file.errorString()));
+//
+//     QStorageInfo storage1(file.fileName());
+// #ifdef Q_OS_LINUX
+//     if (storage1.fileSystemType() == "btrfs")
+//         QSKIP("This test doesn't work on btrfs, probably due to a btrfs bug");
+// #endif
+//
+//     qint64 free = storage1.bytesFree();
+//     QStorageInfo storage2(storage1);
+//     QCOMPARE(free, storage2.bytesFree());
+//     QVERIFY(free != -1);
+//
+//     file.write(QByteArray(1024*1024, '\0'));
+//     file.flush();
+//
+//     QCOMPARE(free, storage1.bytesFree());
+//     QCOMPARE(free, storage2.bytesFree());
+//     storage2.refresh();
+//     QCOMPARE(storage1, storage2);
+//     if (free == storage2.bytesFree() && storage2.fileSystemType() == "apfs") {
+//         QEXPECT_FAIL("", "This test is likely to fail on APFS", Continue);
+//     }
+//     QVERIFY(free != storage2.bytesFree());
+// }
+ #endif
+
+ QTEST_MAIN(tst_QStorageInfo)
--- a/SOURCES/qtbase-everywhere-src-5.15.6-private_api_warning.patch
+++ b/SOURCES/qtbase-everywhere-src-5.15.6-private_api_warning.patch
@ -0,0 +1,12 @@
+diff -up qtbase-everywhere-src-5.15.6/src/corelib/kernel/qobject_p.h.private_api_warning qtbase-everywhere-src-5.15.6/src/corelib/kernel/qobject_p.h
+--- qtbase-everywhere-src-5.15.6/src/corelib/kernel/qobject_p.h.private_api_warning	2022-10-11 09:08:33.712070523 -0500
+++ qtbase-everywhere-src-5.15.6/src/corelib/kernel/qobject_p.h	2022-10-11 09:10:58.647038619 -0500
+@@ -435,7 +435,7 @@ inline void QObjectPrivate::checkForInco
+     Q_UNUSED(version);
+ #else
+     if (Q_UNLIKELY(version != QObjectPrivateVersion)) {
+-        qFatal("Cannot mix incompatible Qt library (%d.%d.%d) with this library (%d.%d.%d)",
+        qWarning("Cannot mix incompatible Qt library (%d.%d.%d) with this library (%d.%d.%d)",
+                 (version >> 16) & 0xff, (version >> 8) & 0xff, version & 0xff,
+                 (QObjectPrivateVersion >> 16) & 0xff, (QObjectPrivateVersion >> 8) & 0xff, QObjectPrivateVersion & 0xff);
+     }
--- a/SOURCES/qtbase-h2-emit-encrypted-for-first-reply-similar-to-h1.patch
+++ b/SOURCES/qtbase-h2-emit-encrypted-for-first-reply-similar-to-h1.patch
@ -1,60 +0,0 @@
-From 95064c35826793c5d6a4edff9fa08ad308b047bb Mon Sep 17 00:00:00 2001
-From: Timur Pocheptsov <timur.pocheptsov@qt.io>
-Date: Tue, 20 Jul 2021 08:16:28 +0200
-Subject: [PATCH] H2: emit encrypted for at least the first reply, similar to
- H1
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Fixes: QTBUG-95277
-Change-Id: I1fe01503376c0d6278e366d7bd31b412b7cc3a69
-Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
-(cherry picked from commit c23b7886348dc313ccec1a131850a7cce1b429de)
---
- src/network/access/qhttpnetworkconnectionchannel.cpp | 4 ++++
- tests/auto/network/access/http2/tst_http2.cpp        | 9 +++++++++
- 2 files changed, 13 insertions(+)
-
-diff --git a/src/network/access/qhttpnetworkconnectionchannel.cpp b/src/network/access/qhttpnetworkconnectionchannel.cpp
-index f1db2744..647ef431 100644
--- a/src/network/access/qhttpnetworkconnectionchannel.cpp
-+++ b/src/network/access/qhttpnetworkconnectionchannel.cpp
-@@ -1284,6 +1284,10 @@ void QHttpNetworkConnectionChannel::_q_encrypted()
-         connection->connectionType() == QHttpNetworkConnection::ConnectionTypeHTTP2Direct) {
-         // we call setSpdyWasUsed(true) on the replies in the SPDY handler when the request is sent
-         if (spdyRequestsToSend.count() > 0) {
-+            // Similar to HTTP/1.1 counterpart below:
-+            const auto &pairs = spdyRequestsToSend.values(); // (request, reply)
-+            const auto &pair = pairs.first();
-+            emit pair.second->encrypted();
-             // In case our peer has sent us its settings (window size, max concurrent streams etc.)
-             // let's give _q_receiveReply a chance to read them first ('invokeMethod', QueuedConnection).
-             QMetaObject::invokeMethod(connection, "_q_startNextRequest", Qt::QueuedConnection);
-diff --git a/tests/auto/network/access/http2/tst_http2.cpp b/tests/auto/network/access/http2/tst_http2.cpp
-index 6702f25b..95a97902 100644
--- a/tests/auto/network/access/http2/tst_http2.cpp
-+++ b/tests/auto/network/access/http2/tst_http2.cpp
-@@ -267,6 +267,10 @@ void tst_Http2::singleRequest()
-     request.setAttribute(h2Attribute, QVariant(true));
- 
-     auto reply = manager->get(request);
-+#if QT_CONFIG(ssl)
-+    QSignalSpy encSpy(reply, &QNetworkReply::encrypted);
-+#endif // QT_CONFIG(ssl)
-+
-     connect(reply, &QNetworkReply::finished, this, &tst_Http2::replyFinished);
-     // Since we're using self-signed certificates,
-     // ignore SSL errors:
-@@ -281,6 +285,11 @@ void tst_Http2::singleRequest()
- 
-     QCOMPARE(reply->error(), QNetworkReply::NoError);
-     QVERIFY(reply->isFinished());
-+
-+#if QT_CONFIG(ssl)
-+    if (connectionType == H2Type::h2Alpn || connectionType == H2Type::h2Direct)
-+        QCOMPARE(encSpy.count(), 1);
-+#endif // QT_CONFIG(ssl)
- }
- 
- void tst_Http2::multipleRequests()
--- a/SOURCES/qtbase-use-wayland-on-gnome.patch
+++ b/SOURCES/qtbase-use-wayland-on-gnome.patch
@ -0,0 +1,20 @@
+diff --git a/src/gui/kernel/qguiapplication.cpp b/src/gui/kernel/qguiapplication.cpp
+index b8bfad4f16..676fdfad5e 100644
+--- a/src/gui/kernel/qguiapplication.cpp
+++ b/src/gui/kernel/qguiapplication.cpp
+@@ -1376,14 +1376,7 @@ void QGuiApplicationPrivate::createPlatformIntegration()
+         if (sessionType == QByteArrayLiteral("x11") && !platformName.contains(QByteArrayLiteral("xcb"))) {
+             platformName = QByteArrayLiteral("xcb");
+         } else if (sessionType == QByteArrayLiteral("wayland") && !platformName.contains(QByteArrayLiteral("wayland"))) {
+-            QByteArray currentDesktop = qgetenv("XDG_CURRENT_DESKTOP").toLower();
+-            QByteArray sessionDesktop = qgetenv("XDG_SESSION_DESKTOP").toLower();
+-            if (currentDesktop.contains("gnome") || sessionDesktop.contains("gnome")) {
+-                qInfo() << "Warning: Ignoring XDG_SESSION_TYPE=wayland on Gnome."
+-                        << "Use QT_QPA_PLATFORM=wayland to run on Wayland anyway.";
+-            } else {
+-                platformName = QByteArrayLiteral("wayland");
+-            }
+            platformName = QByteArrayLiteral("wayland");
+         }
+     }
+ #ifdef QT_QPA_DEFAULT_PLATFORM_NAME
--- a/SOURCES/tell-the-truth-about-private-api.patch
+++ b/SOURCES/tell-the-truth-about-private-api.patch
@ -1,16 +0,0 @@
-diff --git a/mkspecs/features/qt_module.prf b/mkspecs/features/qt_module.prf
-index e6a0d97..cf93041 100644
--- a/mkspecs/features/qt_module.prf
-+++ b/mkspecs/features/qt_module.prf
-@@ -216,9 +216,9 @@ android: CONFIG += qt_android_deps no_linker_version_script
-     QMAKE_LFLAGS += $${QMAKE_LFLAGS_VERSION_SCRIPT}$$verscript
-
-     internal_module {
-        verscript_content = "Qt_$${QT_MAJOR_VERSION}_PRIVATE_API { *; };"
-+        verscript_content = "Qt_$${QT_MAJOR_VERSION}.$${QT_MINOR_VERSION}.$${QT_PATCH_VERSION}_PRIVATE_API { *; };"
-     } else {
-        verscript_content = "Qt_$${QT_MAJOR_VERSION}_PRIVATE_API {" \
-+        verscript_content = "Qt_$${QT_MAJOR_VERSION}.$${QT_MINOR_VERSION}.$${QT_PATCH_VERSION}_PRIVATE_API {" \
-                             "    qt_private_api_tag*;"
-
-         private_api_headers = $$SYNCQT.PRIVATE_HEADER_FILES $$SYNCQT.QPA_HEADER_FILES
--- a/SPECS/qt5-qtbase.spec
+++ b/SPECS/qt5-qtbase.spec
@ -2,11 +2,21 @@
 %global multilib_archs x86_64 %{ix86} %{?mips} ppc64 ppc s390x s390 sparc64 sparcv9
 %global multilib_basearchs x86_64 %{?mips64} ppc64 s390x sparc64

-%global openssl -openssl-linked
+%if 0%{?fedora} < 29 && 0%{?rhel} < 9
+%ifarch %{ix86}
+%global no_sse2  -no-sse2
+%endif
+%endif

+# workaround https://bugzilla.redhat.com/show_bug.cgi?id=1668865
+# for current stable releases
+%if 0%{?fedora} < 30  || 0%{?rhel} > 6
 %global no_feature_statx -no-feature-statx
 %global no_feature_renameat2 -no-feature-renameat2
+%endif
+%if 0%{?rhel} && 0%{?rhel} > 6
 %global no_feature_getentropy -no-feature-getentropy
+%endif

 # support qtchooser (adds qtchooser .conf file)
 %global qtchooser 1
@ -30,18 +40,25 @@

 %global rpm_macros_dir %(d=%{_rpmconfigdir}/macros.d; [ -d $d ] || d=%{_sysconfdir}/rpm; echo $d)

-%global journald -journald
+# use external qt_settings pkg
+%if 0%{?fedora}
+%global qt_settings 1
+%endif
+
 BuildRequires: make
 BuildRequires: pkgconfig(libsystemd)

-## skip for now, until we're better at it --rex
 %global examples 1
 %global build_tests 1

+## skip for now, until we're better at it --rex
+#global tests 1
+
 Name:    qt5-qtbase
 Summary: Qt5 - QtBase components
-Version: 5.15.3
-Release: 8%{?dist}
+Version: 5.15.9
+Release: 10%{?dist}
+

 # See LGPL_EXCEPTIONS.txt, for exception details
 License: LGPLv2 with exceptions or GPLv3 with exceptions
@ -66,11 +83,8 @@ Source10: macros.qt5-qtbase
 # support multilib optflags
 Patch2: qtbase-multilib_optflags.patch

-# borrowed from opensuse
-# track private api via properly versioned symbols
-# downside: binaries produced with these differently-versioned symbols are no longer
-# compatible with qt-project.org's Qt binary releases.
-Patch8: tell-the-truth-about-private-api.patch
+# make mixing versions with private apis a warning instead of fatal error
+Patch3: qtbase-everywhere-src-5.15.6-private_api_warning.patch

 # upstreamable patches
 # namespace QT_VERSION_CHECK to workaround major/minor being pre-defined (#1396755)
@ -112,18 +126,22 @@ Patch64: qt5-qtbase-5.12.1-firebird-4.0.0.patch
 # fix for new mariadb
 Patch65: qtbase-opensource-src-5.9.0-mysql.patch

-Patch68: qtbase-ambiguous-python-shebang.patch
+# https://fedoraproject.org/wiki/Changes/Qt_Wayland_By_Default_On_Gnome
+# https://bugzilla.redhat.com/show_bug.cgi?id=1732129
+Patch80: qtbase-use-wayland-on-gnome.patch

 # gcc-11
 Patch90: %{name}-gcc11.patch

 ## upstream patches
 # https://invent.kde.org/qt/qt/qtbase, kde/5.15 branch
-# git diff v5.15.3-lts-lgpl..HEAD | gzip > kde-5.15-rollup-$(date +%Y%m%d).patch.gz
+# git diff v5.15.9-lts-lgpl..HEAD | gzip > kde-5.15-rollup-$(date +%Y%m%d).patch.gz
 # patch100 in lookaside cache due to large'ish size -- rdieter
-Patch100: kde-5.15-rollup-20220324.patch.gz
+Patch100: kde-5.15-rollup-20230411.patch.gz
 # HACK to make 'fedpkg sources' consider it 'used"
-Source100: kde-5.15-rollup-20220324.patch.gz
+Source100: kde-5.15-rollup-20230411.patch.gz
+
+Patch101: qtbase-5.15.8-fix-missing-qtsan-include.patch

 Patch110: CVE-2023-32762-qtbase-5.15.patch
 Patch111: CVE-2023-32763-qtbase-5.15.patch
@ -134,9 +152,10 @@ Patch115: CVE-2023-38197-qtbase-5.15.patch
 Patch116: 0001-CVE-2023-51714-qtbase-5.15.patch
 Patch117: 0002-CVE-2023-51714-qtbase-5.15.patch
 Patch118: CVE-2024-25580-qtbase-5.15.patch
-# Fix related to CVE-2024-39936, which I think is needed to be backported
-Patch119: qtbase-h2-emit-encrypted-for-first-reply-similar-to-h1.patch
-Patch120: CVE-2024-39936.patch
+Patch119: CVE-2024-39936.patch
+
+# gating related patches
+Patch200: qtbase-disable-tests-not-working-in-gating.patch

 # Do not check any files in %%{_qt5_plugindir}/platformthemes/ for requires.
 # Those themes are there for platform integration. If the required libraries are
@ -161,11 +180,8 @@ BuildRequires: clang >= 3.7.0
 %else
 BuildRequires: gcc-c++
 %endif
-# http://bugzilla.redhat.com/1196359
-%if 0%{?fedora} || 0%{?rhel} > 6
 %global dbus -dbus-linked
 BuildRequires: pkgconfig(dbus-1)
-%endif
 BuildRequires: pkgconfig(libdrm)
 BuildRequires: pkgconfig(fontconfig)
 BuildRequires: pkgconfig(gl)
@ -179,15 +195,19 @@ BuildRequires: pkgconfig(libudev)
 BuildRequires: openssl-devel
 BuildRequires: pkgconfig(libpulse) pkgconfig(libpulse-mainloop-glib)
 BuildRequires: pkgconfig(libinput)
+BuildRequires: pkgconfig(libsystemd)
 BuildRequires: pkgconfig(xcb-xkb) >= 1.10
 BuildRequires: pkgconfig(xcb-util)
 BuildRequires: pkgconfig(xkbcommon) >= 0.4.1
 BuildRequires: pkgconfig(xkbcommon-x11) >= 0.4.1
 BuildRequires: pkgconfig(xkeyboard-config)
+%global vulkan 1
+BuildRequires: pkgconfig(vulkan)
 %if 0%{?fedora} || 0%{?rhel} > 6
 %global egl 1
 BuildRequires: libEGL-devel
 BuildRequires: pkgconfig(gbm)
+## TODO: apparently only needed if building opengl_es2 support, do we actually use it?  -- rex
 BuildRequires: pkgconfig(glesv2)
 %global sqlite -system-sqlite
 BuildRequires: pkgconfig(sqlite3) >= 3.7
@ -206,7 +226,9 @@ BuildRequires: libicu-devel
 %endif
 BuildRequires: pkgconfig(xcb) pkgconfig(xcb-glx) pkgconfig(xcb-icccm) pkgconfig(xcb-image) pkgconfig(xcb-keysyms) pkgconfig(xcb-renderutil)
 BuildRequires: pkgconfig(zlib)
+BuildRequires: pkgconfig(libzstd)
 BuildRequires: perl-generators
+# see patch68
 BuildRequires: python3
 BuildRequires: qt5-rpm-macros

@ -224,6 +246,9 @@ Conflicts: qt < 1:4.8.6-10
 Requires(post): %{_sbindir}/update-alternatives
 Requires(postun): %{_sbindir}/update-alternatives
 %endif
+%if 0%{?qt_settings}
+Requires: qt-settings
+%endif
 Requires: %{name}-common = %{version}-%{release}

 ## Sql drivers
@ -236,6 +261,7 @@ Requires: %{name}-common = %{version}-%{release}
 # https://bugzilla.redhat.com/1458003
 # https://sourceware.org/bugzilla/show_bug.cgi?id=21074
 # reportedly fixed or worked-around, re-enable if there's evidence of problems -- rex
+# https://bugzilla.redhat.com/show_bug.cgi?id=1635973
 %global use_gold_linker -no-use-gold-linker

 %description
@ -249,6 +275,12 @@ Summary: Common files for Qt5
 # offer upgrade path for qtquick1 somewhere... may as well be here -- rex
 Obsoletes: qt5-qtquick1 < 5.9.0
 Obsoletes: qt5-qtquick1-devel < 5.9.0
+%if "%{?ibase}" == "-no-sql-ibase"
+Obsoletes: qt5-qtbase-ibase < %{version}-%{release}
+%endif
+%if "%{?tds}" == "-no-sql-tds"
+Obsoletes: qt5-qtbase-tds < %{version}-%{release}
+%endif
 Requires: %{name} = %{version}-%{release}
 BuildArch: noarch
 %description common
@ -262,6 +294,9 @@ Requires: %{name}-gui%{?_isa}
 Requires: libEGL-devel
 %endif
 Requires: pkgconfig(gl)
+%if 0%{?vulkan}
+Requires: pkgconfig(vulkan)
+%endif
 Requires: qt5-rpm-macros
 %if 0%{?use_clang}
 Requires: clang >= 3.7.0
@ -300,10 +335,8 @@ Summary: Static library files for %{name}
 Requires: %{name}-devel%{?_isa} = %{version}-%{release}
 Requires: pkgconfig(fontconfig)
 Requires: pkgconfig(glib-2.0)
-%if 0%{?fedora} || 0%{?rhel} > 7
 Requires: pkgconfig(libinput)
 Requires: pkgconfig(xkbcommon)
-%endif
 Requires: pkgconfig(zlib)

 %description static
@ -320,10 +353,10 @@ Requires: %{name}%{?_isa} = %{version}-%{release}

 %package mysql
 Summary: MySQL driver for Qt5's SQL classes
-%if 0%{?fedora} > 27 || 0%{?rhel} > 7
-BuildRequires: mariadb-connector-c-devel
-%else
+%if 0%{?rhel} && 0%{?rhel} < 9
 BuildRequires: mysql-devel
+%else
+BuildRequires: mariadb-connector-c-devel
 %endif
 Requires: %{name}%{?_isa} = %{version}-%{release}
 %description mysql
@ -356,7 +389,8 @@ Requires: %{name}%{?_isa} = %{version}-%{release}
 %package gui
 Summary: Qt5 GUI-related libraries
 Requires: %{name}%{?_isa} = %{version}-%{release}
-%if 0%{?fedora} > 20
+# where Recommends are supported
+%if 0%{?fedora} || 0%{?rhel} >= 8
 Recommends: mesa-dri-drivers
 %endif
 Obsoletes: qt5-qtbase-x11 < 5.2.0
@ -371,41 +405,50 @@ Qt5 libraries used for drawing widgets and OpenGL items.
 %prep
 %setup -q -n %{qt_module}-everywhere-src-%{version}

+## dowstream patches
+%patch -P3 -p1 -b .private_api_warning
+
 ## upstream fixes
-# omit '-b .tell-the-truth-about-private-api' so it doesn't end up in installed files -- rdieter
-%patch8 -p1
-
-%patch50 -p1 -b .QT_VERSION_CHECK
-# FIXME/TODO : rebase or drop -- rdieter
-#patch51 -p1 -b .hidpi_scale_at_192
-%patch52 -p1 -b .moc_macros
-%patch53 -p1 -b .qt5gui_cmake_isystem_includes
-%patch54 -p1 -b .qmake_LFLAGS
-%patch55 -p1 -b .no_relocatable
-%patch56 -p1 -b .libglvnd
-%patch61 -p1 -b .qt5-qtbase-cxxflag
-%patch64 -p1 -b .firebird
-%if 0%{?fedora} > 27 || 0%{?rhel} > 7
-%patch65 -p1 -b .mysql
+%patch -P50 -p1 -b .QT_VERSION_CHECK
+#patch -P51 -p1 -b .hidpi_scale_at_192
+%patch -P52 -p1 -b .moc_macros
+%patch -P53 -p1 -b .qt5gui_cmake_isystem_includes
+%patch -P54 -p1 -b .qmake_LFLAGS
+%patch -P55 -p1 -b .no_relocatable
+%patch -P56 -p1 -b .libglvnd
+%patch -P61 -p1 -b .qt5-qtbase-cxxflag
+%if 0%{?fedora} < 35
+%patch -P63 -p1 -b .firebird
+%else
+%patch -P64 -p1 -b .firebird
+%endif
+%if 0%{?fedora} > 27
+%patch -P65 -p1 -b .mysql
 %endif
-%patch68 -p1

-%patch90 -p1 -b .gcc11
+%if 0%{?fedora} > 30 || 0%{?rhel} > 9
+%patch -P80 -p1 -b .use-wayland-on-gnome.patch
+%endif
+
+%patch -P90 -p1 -b .gcc11

 ## upstream patches
-%patch100 -p1
+%patch -P100 -p1
+%patch -P101 -p1

-%patch110 -p1
-%patch111 -p1
-%patch112 -p1
-%patch113 -p1
-%patch114 -p1
-%patch115 -p1
-%patch116 -p1
-%patch117 -p1
-%patch118 -p1
-%patch119 -p1
-%patch120 -p1
+%patch -P110 -p1
+%patch -P111 -p1
+%patch -P112 -p1
+%patch -P113 -p1
+%patch -P114 -p1
+%patch -P115 -p1
+%patch -P116 -p1
+%patch -P117 -p1
+%patch -P118 -p1
+%patch -P119 -p1
+
+## gating related patches
+%patch -P200 -p1 -b .disable-tests-not-working-in-gating

 # move some bundled libs to ensure they're not accidentally used
 pushd src/3rdparty
@ -430,6 +473,7 @@ sed -i -e "s|^#!/usr/bin/env perl$|#!%{__perl}|" \
 bin/syncqt.pl \
 mkspecs/features/data/unix/findclasslist.pl

+
 %build
 # QT is known not to work properly with LTO at this point.  Some of the issues
 # are being worked on upstream and disabling LTO should be re-evaluated as
@ -438,6 +482,10 @@ sed -i -e "s|^#!/usr/bin/env perl$|#!%{__perl}|" \
 # https://bugzilla.redhat.com/1900527
 %define _lto_cflags %{nil}

+## FIXME/TODO:
+# * for %%ix86, add sse2 enabled builds for Qt5Gui, Qt5Core, QtNetwork, see also:
+#   http://anonscm.debian.org/cgit/pkg-kde/qt/qtbase.git/tree/debian/rules (234-249)
+
 ## adjust $RPM_OPT_FLAGS
 # remove -fexceptions
 RPM_OPT_FLAGS=`echo $RPM_OPT_FLAGS | sed 's|-fexceptions||g'`
@ -473,22 +521,24 @@ export MAKEFLAGS="%{?_smp_mflags}"
  -release \
  -shared \
  -accessibility \
-  %{?dbus}%{!?dbus:-dbus-runtime} \
+  -dbus-linked \
  %{?egl:-egl -eglfs} \
  -fontconfig \
  -glib \
  -gtk \
  %{?ibase} \
  -icu \
-  %{?journald} \
+  -journald \
  -optimized-qmake \
-  %{?openssl} \
+  -openssl-linked \
+  -libproxy \
  %{!?examples:-nomake examples} \
  %{!?build_tests:-nomake tests} \
  -no-pch \
  -no-reduce-relocations \
  -no-rpath \
  -no-separate-debug-info \
+  %{?no_sse2} \
  -no-strip \
  -system-libjpeg \
  -system-libpng \
@ -509,6 +559,20 @@ export MAKEFLAGS="%{?_smp_mflags}"
  QMAKE_CXXFLAGS_RELEASE="${CXXFLAGS:-$RPM_OPT_FLAGS}" \
  QMAKE_LFLAGS_RELEASE="${LDFLAGS:-$RPM_LD_FLAGS}"

+# Validate config results
+%if "%{?ibase}" != "-no-sql-ibase"
+for config_test in egl-x11 ibase ; do
+%else
+for config_test in egl-x11 ; do
+%endif
+config_result="$(grep ^cache.${config_test}.result config.cache | cut -d= -f2 | tr -d ' ')"
+if [ "${config_result}" != "true" ]; then
+  echo "${config_test} detection failed"
+  config_failed=1
+fi
+done
+if [ ${config_failed} -eq 1 ]; then exit 1; fi
+
 # ensure qmake build using optflags (which can happen if not munging qmake.conf defaults)
 make clean -C qmake
 %make_build -C qmake all binary \
@ -520,7 +584,7 @@ make clean -C qmake
 %make_build

 %if 0%{?build_tests}
-make sub-tests %{?_smp_mflags} -k ||:
+%qt5_build_tests
 %endif

 %install
@ -528,15 +592,7 @@ make install INSTALL_ROOT=%{buildroot}

 %if 0%{?build_tests}
 # Install tests for gating
-mkdir -p %{buildroot}%{_qt5_libdir}/qt5
-find ./tests -not -path '*/\.*' -type d | while read LINE
-do
-    mkdir -p "%{buildroot}%{_qt5_libdir}/qt5/$LINE"
-done
-find ./tests -not -path '*/\.*' -not -name '*.h' -not -name '*.cpp' -not -name '*.pro' -not -name 'uic_wrapper.sh' -not -name 'Makefile' -type f | while read LINE
-do
-    cp -r --parents "$LINE" %{buildroot}%{_qt5_libdir}/qt5/
-done
+%qt5_install_tests

 # Remove tests which will produce error when checking rpath
 rm -rf %{buildroot}%{_qt5_libdir}/qt5/tests/auto/corelib/plugin/qpluginloader/elftest
@ -570,7 +626,7 @@ translationdir=%{_qt5_translationdir}

 Name: Qt5
 Description: Qt5 Configuration
-Version: 5.15.3
+Version: 5.15.9
 EOF

 # rpm macros
@ -614,6 +670,7 @@ popd
  mkdir -p %{buildroot}%{_sysconfdir}/xdg/qtchooser
  pushd    %{buildroot}%{_sysconfdir}/xdg/qtchooser
  echo "%{_qt5_bindir}" >  5-%{__isa_bits}.conf
+## FIXME/TODO: verify qtchooser (still) happy if _qt5_prefix uses %%_prefix instead of %%_libdir/qt5
  echo "%{_qt5_prefix}" >> 5-%{__isa_bits}.conf
  # alternatives targets
  touch default.conf 5.conf
@ -634,6 +691,8 @@ popd

 install -p -m755 -D %{SOURCE6} %{buildroot}%{_sysconfdir}/X11/xinit/xinitrc.d/10-qt5-check-opengl2.sh

+# f29+ enables sse2 unconditionally on ix86 -- rex
+%if 0%{?fedora} < 29 && 0%{?rhel} < 9
 # fix bz#1442553 multilib issue
 privat_header_file=%{buildroot}%{_qt5_headerdir}/QtCore/%{version}/QtCore/private/qconfig_p.h
 grep -v QT_FEATURE_sse2 $privat_header_file > ${privat_header_file}.me
@ -645,6 +704,7 @@ cat >>${privat_header_file}<<EOF
 #define QT_FEATURE_sse2 -1
 #endif
 EOF
+%endif

 # install privat headers for qtxcb
 mkdir -p %{buildroot}%{_qt5_headerdir}/QtXcb
@ -972,6 +1032,12 @@ fi
 %{_qt5_libdir}/libQt5EdidSupport.prl
 %{_qt5_libdir}/libQt5XkbCommonSupport.*a
 %{_qt5_libdir}/libQt5XkbCommonSupport.prl
+%if 0%{?vulkan}
+%{_qt5_headerdir}/QtVulkanSupport/
+%{_qt5_libdir}/cmake/Qt5VulkanSupport/
+%{_qt5_libdir}/libQt5VulkanSupport.*a
+%{_qt5_libdir}/libQt5VulkanSupport.prl
+%endif

 %if 0%{?examples}
 %files examples
@ -1080,127 +1146,348 @@ fi


 %changelog
-* Tue Jul 16 2024 Jan Grulich <jgrulich@redhat.com> - 5.15.3-8
+* Wed Jul 11 2024 Jan Grulich <jgrulich@redhat.com> - 5.15.9-10
 - HTTP2: Delay any communication until encrypted() can be responded to
-  Resolves: RHEL-46340
+  Resolves: RHEL-46351

-* Fri Feb 16 2024 Jan Grulich <jgrulich@redhat.com> - 5.15.3-7
+* Fri Feb 16 2024 Jan Grulich <jgrulich@redhat.com> - 5.15.9-9
 - Fix CVE-2024-25580: potential buffer overflow when reading KTX images
-  Resolves: RHEL-25725
+  Resolves: RHEL-25726

-* Thu Jan 04 2024 Jan Grulich <jgrulich@redhat.com> - 5.15.3-6
+* Thu Jan 04 2024 Jan Grulich <jgrulich@redhat.com> - 5.15.9-8
 - Fix incorrect integer overflow check in HTTP2 implementation
-  Resolves: RHEL-20238
+  Resolves: RHEL-20239

-* Fri Jul 21 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.3-5
+* Fri Jul 21 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.9-7
 - Fix infinite loops in QXmlStreamReader (CVE-2023-38197)
-  Resolves: bz#2222770
+  Resolves: bz#2222771

-* Fri Jun 09 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.3-4
+* Fri Jun 09 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.9-6
 - Don't allow remote attacker to bypass security restrictions caused by
  flaw in certificate validation (CVE-2023-34410) (version #2)
-  Resolves: bz#2212753
+  Resolves: bz#2212754

-* Tue Jun 06 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.3-3
+* Tue Jun 06 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.9-5
 - Don't allow remote attacker to bypass security restrictions caused by
  flaw in certificate validation (CVE-2023-34410)
-  Resolves: bz#2212753
+  Resolves: bz#2212754

-* Wed May 24 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.3-2
+* Wed May 24 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.9-4
 - Fix specific overflow in qtextlayout
 - Fix incorrect parsing of the strict-transport-security (HSTS) header
 - Fix buffer over-read via a crafted reply from a DNS server
-  Resolves: bz#2209491
+  Resolves: bz#2209492
+
+* Wed Apr 26 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.9-3
+- Rebuild (elfutils#2188064)
+  Resolves: bz#2175727
+
+* Tue Apr 25 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.9-2
+- Disable tests failing in gating
+  Resolves: bz#2175727
+
+* Mon Apr 17 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.9-1
+- 5.15.9 + sync with Fedora
+  Resolves: bz#2175727

 * Thu Mar 24 2022 Jan Grulich <jgrulich@redhat.com> - 5.15.3-1
 - 5.15.3 + sync with Fedora
-  Resolves: bz#2061377
-  Resolves: bz#2059853
+  Resolves: bz#2061354

-* Tue Oct 12 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-4
- Fix out-of-bounds write in QOutlineMapper::convertPath
-  Resolves: bz#1996877
+* Mon Jan 31 2022 Jan Grulich <jgrulich@redhat.com> - 5.15.2-29
+- Sync with Fedora:
+  - sync kde/5.15 branch patches

-* Wed Apr 28 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-3
- Rebuild (binutils)
-  Resolves: bz#1930040
+  Resolves: bz#2018876

-* Thu Apr 15 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-2
- Drop apache2 test server from unit tests to drop perl(CGI) dependency
-  Resolves: bz#1930040
+* Tue Dec 07 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-28
+- Sync with Fedora:
+  - sync kde/5.15 branch patches

-* Mon Mar 29 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-1
- 5.15.2 + sync with Fedora
-  Resolves: bz#1930040
+  Resolves: bz#2018876

-* Mon Oct 05 2020 Jan Grulich <jgrulich@redhat.com> - 5.12.5-8
- Build against system xkb and openssl 1.1
-  Resolves: bz#1882375
+* Mon Oct 18 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-27
+- Sync with Fedora:
+  - sync kde/5.15 branch patches
+  - validate configure results (base, egl-x11)

-* Thu Sep 24 2020 Jan Grulich <jgrulich@redhat.com> - 5.12.5-7
- Fix buffer overflow in XBM parser
-  Resolves: bz#1870364
+  Resolves: bz#2014991

-* Tue Jul 14 2020 Jan Grulich <jgrulich@redhat.com> - 5.12.5-6
- OpenSSL: handle SSL_shutdown's errors properly
-  Resolves: bz#1851538
+* Wed Sep 08 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-26
+- Sync with Fedora:
+  - sync kde/5.15 branch patches
+  - -gui: add mesa-dri-drivers soft dep for rhel8+ too
+  Resolves: bz#1998959
+- Fix out-of-bound write in QOutlineMapper::converPath
+  Resolves: bz#1996876

-* Mon May 11 2020 Jan Grulich <jgrulich@redhat.com> - 5.12.5-5
- Fix: Files placed by attacker can influence the working directory and lead to malicious code execution
-  Resolves: bz#1814739
-  Resolves: bz#1814683
+* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 5.15.2-25
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688

- Fix: XML entity expansion vulnerability
-  Resolves: bz#1822193
+* Fri Aug  6 2021 Florian Weimer <fweimer@redhat.com> - 5.15.2-24
+- Rebuild to pick up new build flags from redhat-rpm-config (#1984652)

-* Wed Nov 27 2019 Jan Grulich <jgrulich@redhat.com> - 5.12.5-4
- Fix build on RHEL 7 kernel
-  Resolves: bz#1733135
+* Tue Jul 13 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-23
+- Drop BR: libproxy
+  Resolves: bz#1981680

-* Thu Nov 07 2019 Jan Grulich <jgrulich@redhat.com> - 5.12.5-2
- Remove Android specific test to avoid unnecessary dependencies
-  Resolves: bz#1733135
+* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 5.15.2-22
+- Rebuilt for RHEL 9 BETA for openssl 3.0
+  Related: rhbz#1971065

-* Tue Oct 29 2019 Jan Grulich <jgrulich@redhat.com> - 5.12.5-1
- 5.12.5 + sync with Fedora
-  Resolves: bz#1733135
+* Tue Jun 15 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-21
+- Rebuild (qt5)
+  Resolves: bz#1968459

-* Wed May 22 2019 Jan Grulich <jgrulich@redhat.com> - 5.11.1-7
- Move libQt5EglFSDeviceIntegration lib out of the -devel subpkg
-  Resolves: bz#1692970
+* Fri Jun 11 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-20
+- Rebuild (qt5)
+  Resolves: bz#1968459

- Fix QImage allocaion failure
-  Resolve: bz#1667860
+* Thu Jun 10 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-19
+- Let qt5_install_tests macro handle mangling python shebangs
+  Resolves: bz#1968459

- Fix double free in QXmlStreamReader
-  Resolve: bz#1667858
+* Wed Jun 09 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-18
+- Add gating tests
+  Resolves: bz#1968459

- Fix segmentation fault on malformed BMP file
-  Resolve: bz#1667859
+* Tue Jun 01 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-17
+- Do not use Wayland backend by default on GNOME wayland session
+  Resolves: bz#1966425

-* Fri May 17 2019 Jan Grulich <jgrulich@redhat.com> - 5.11.1-6
- Create a tests subpkg with unit tests for gating
-  Resolves: bz#1681889
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 5.15.2-16
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937

-* Mon Dec 10 2018 Jan Grulich <jgrulich@redhat.com> - 5.11.1-5
- Rebuild to fix CET notes
-  Resolves: bz#1657206
+* Tue Mar 09 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-15
+- FileChooser portal: send window id in hex

-* Fri Aug 17 2018 Jan Grulich <jgrulich@redhat.com> - 5.11.1-4
- Attempt not to hardcode ABI-tag for specific kernel version
-  Resolves: bz#1612434
+* Fri Feb 19 2021 Rex Dieter <rdieter@fedoraproject.org> - 5.15.2-14
+- %%build: explicitly pass -egl build option
+- unconditional BR: pkgconfig(glesv2) again

-* Fri Aug 03 2018 Jan Grulich <jgrulich@redhat.com> - 5.11.1-3
- Fix build failure with glibc
+* Tue Feb 09 2021 Pavel Raiskup <praiskup@redhat.com> - 5.15.2-13
+- rebuild all postgresql deps once more, for libpq ABI fix rhbz#1908268

-* Wed Aug 01 2018 Charalampos Stratakis <cstratak@redhat.com> - 5.11.1-2
- Rebuild for platform-python
+* Mon Feb 08 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-12
+- Use Wayland platform on GNOME for RHEL 9

-* Wed Jun 27 2018 Jan Grulich <jgrulich@redhat.com> - 5.11.1-1
- Update to 5.11.1
+* Mon Feb 08 2021 Pavel Raiskup <praiskup@redhat.com> - 5.15.2-11
+- rebuild for libpq ABI fix rhbz#1908268

-* Wed Jun 27 2018 Jan Grulich <jgrulich@redhat.com> - 5.10.1-7
- Do not require qt-settings package
+* Sat Feb 06 2021 Rex Dieter <rdieter@fedoraproject.org> - 5.15.2-10
+- FTBFS: qendian.h (and qfloat16.h) missing <limits> include (QTBUG-90395)
+- Qt build on GCC 11 (QTBUG-89977)
+
+* Mon Feb 01 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-9
+- Disable getentropy on RHEL
+
+* Fri Jan 29 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-8
+- Disable statx and renameat2 on RHEL
+
+* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 5.15.2-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Sat Dec 19 2020 Rex Dieter <rdieter@fedoraproject.org> - 5.15.2-6
+- rebuild (gcc11)
+
+* Mon Nov 30 2020 Rex Dieter <rdieter@fedoraproject.org> - 5.15.2-5
+- re-enable vulkan support on s390x, root cause fixed
+
+* Sun Nov 29 2020 Rex Dieter <rdieter@fedoraproject.org> - 5.15.2-4
+- drop vulkan support on s390x (#1902449)
+
+* Fri Nov 27 2020 Jan Grulich <jgrulich@redhat.com> - 5.15.2-3
+- Require qt-settings only in Fedora builds
+
+* Mon Nov 23 2020 Rex Dieter <rdieter@fedoraproject.org> - 5.15.2-2
+- -no-reduce-relocations (#1900527)
+
+* Fri Nov 20 09:27:41 CET 2020 Jan Grulich <jgrulich@redhat.com> - 5.15.2-1
+- 5.15.2
+
+* Tue Nov 03 2020 Sandro Mani <manisandro@gmail.com> - 5.15.1-7
+- Backport upstream fix for QTBUG-86319
+
+* Sun Oct 18 2020 Jeff Law <law@redhat.com> - 5.15.1-6
+- Fix missing #includes for gcc-11
+
+* Wed Sep 30 2020 Jan Grulich <jgrulich@redhat.com> - 5.15.1-5
+- Upstream fix: Emit QScreen::geometryChanged when the logical DPI changes
+
+* Tue Sep 29 2020 Yaroslav Fedevych <yaroslav@fedevych.name> - 5.15.1-4
+- qt5-qtbase-devel requires vulkan headers
+
+* Thu Sep 17 2020 Rex Dieter <rdieter@fedoraproject.org> - 5.15.1-3
+- enable vulkan support (#1794969)
+
+* Thu Sep 10 2020 Rex Dieter <rdieter@fedoraproject.org> - 5.15.1-2
+- CentOS8 - numpad do not work in KDE Plasma (#1868371)
+
+* Thu Sep 10 2020 Jan Grulich <jgrulich@redhat.com> - 5.15.1-1
+- 5.15.1
+
+* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5.14.2-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Wed Jul 01 2020 Jeff Law <law@redhat.com> - 5.14.2-7
+- Disable LTO
+
+* Mon Jun 15 2020 Rex Dieter <rdieter@fedoraproject.org> - 5.14.2-6
+- Qt5 private header packaging breaks Qt5 Cmake files (#1846613)
+
+* Sat May 16 2020 Pete Walter <pwalter@fedoraproject.org> - 5.14.2-5
+- Rebuild for ICU 67
+
+* Tue Apr 14 2020 Rex Dieter <rdieter@fedoraproject.org> - 5.14.2-4
+- backport "Mutex deadlock in QPluginLoader, Krita fails to start" (QTBUG-83207)
+
+* Mon Apr 13 2020 Rex Dieter <rdieter@fedoraproject.org> - 5.14.2-3
+- %%build: -no-feature-relocatable + matching patch (#1823118)
+
+* Wed Apr 08 2020 Than Ngo <than@redhat.com> - 5.14.2-2
+- Fixed bz#1801370 - CVE-2015-9541 XML entity expansion vulnerability via a crafted SVG document
+
+* Sat Apr 04 2020 Rex Dieter <rdieter@fedoraproject.org> - 5.14.2-1
+- 5.14.2
+
+* Sun Mar 22 2020 Robert-André Mauchin <zebob.m@gmail.com> - 5.13.2-4
+- Upstream patch to add support for PostgreSQL 12 (#1815921)
+
+* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 5.13.2-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Mon Jan 20 2020 Than Ngo <than@redhat.com> - 5.13.2-2
+- upstream patches fix following issues:
+    Do-not-load-plugin-from-the-PWD
+    QLibrary-Unix-do-not-attempt-to-load-a-library-relat
+
+* Mon Dec 09 2019 Jan Grulich <jgrulich@redhat.com> - 5.13.2-1
+- 5.13.2
+
+* Fri Nov 01 2019 Pete Walter <pwalter@fedoraproject.org> - 5.12.5-2
+- Rebuild for ICU 65
+
+* Tue Sep 24 2019 Jan Grulich <jgrulich@redhat.com> - 5.12.5-1
+- 5.12.5
+
+* Wed Aug 21 2019 Rex Dieter <rdieter@fedoraproject.org> - 5.12.4-7
+- s/pkgconfig(egl)/libEGL-devel/
+
+* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 5.12.4-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Tue Jul 23 2019 Jan Grulich <jgrulich@redhat.com> - 5.12.4-5
+- Use qtwayland by default on Gnome Wayland sessions
+  Resolves: bz#1732129
+
+* Mon Jul 15 2019 Jan Grulich <jgrulich@redhat.com> - 5.12.4-4
+- Revert "Reset QWidget's winId when backing window surface is destroyed"
+
+* Fri Jun 28 2019 Rex Dieter <rdieter@fedoraproject.org> - 5.12.4-3
+- omit QTBUG-73231 patch fix, appears to introduce incompatible symbols
+
+* Wed Jun 26 2019 Rex Dieter <rdieter@fedoraproject.org> - 5.12.4-2
+- pull in some upstream crash fixes
+
+* Fri Jun 14 2019 Jan Grulich <jgrulich@redhat.com> - 5.12.4-1
+- 5.12.4
+
+* Wed Jun 12 2019 Rex Dieter <rdieter@fedoraproject.org> - 5.12.3-2
+- pull in candidate upstream nvidia/optima fix (kde#406180)
+
+* Tue Jun 04 2019 Jan Grulich <jgrulich@redhat.com> - 5.12.3-1
+- 5.12.3
+
+* Fri May 10 2019 Rex Dieter <rdieter@fedoraproject.org> - 5.12.1-7
+- Fix install targets for generated private headers (#1702858)
+
+* Wed May 08 2019 Rex Dieter <rdieter@fedoraproject.org> - 5.12.1-6
+- Blacklist nouveau and llvmpipe for multithreading (#1706420)
+- drop BR: pkgconfig(glesv2) on f31+, no longer provided in mesa-19.1+
+
+* Thu May 02 2019 Rex Dieter <rdieter@fedoraproject.org> - 5.12.1-5
+- keep mkspecs/modules/*_private.pri in -devel #1705280)
+
+* Tue Apr 30 2019 Rex Dieter <rdieter@fedoraproject.org> - 5.12.1-4
+- CMake generates wrong -isystem /usr/include compilations flags with Qt5::Gui (#1704474)
+
+* Tue Apr 30 2019 Rex Dieter <rdieter@fedoraproject.org> - 5.12.1-3
+- -private-devel subpkg, move Requires: cups-devel here
+
+* Mon Mar 04 2019 Rex Dieter <rdieter@fedoraproject.org> - 5.12.1-2
+- -devel: Requires: cups-devel
+
+* Thu Feb 14 2019 Rex Dieter <rdieter@fedoraproject.org> - 5.12.1-1
+- 5.12.1
+
+* Wed Feb 13 2019 Than Ngo <than@redhat.com> - 5.11.3-4
+- fixed build issue with gcc9
+
+* Sun Feb 03 2019 Rex Dieter <rdieter@fedoraproject.org> - 5.11.3-3
+- disable renameat2/statx feature on < f30 (#1668865)
+
+* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 5.11.3-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Fri Dec 07 2018 Rex Dieter <rdieter@fedoraproject.org> - 5.11.3-1
+- 5.11.3
+
+* Thu Oct 25 2018 Than Ngo <than@redhat.com> - 5.11.2-3
+- backported patch to fix selection rendering issues if rounding leads to left-out pixels
+- backported patch to optimize insertionPointsForLine
+
+* Thu Oct 11 2018 Rex Dieter <rdieter@fedoraproject.org> - 5.11.2-2
+- -no-use-gold-linker (#1635973)
+
+
+* Fri Sep 21 2018 Jan Grulich <jgrulich@redhat.com> - 5.11.2-1
+- 5.11.2
+
+* Thu Jul 26 2018 Than Ngo <than@redhat.com> - 5.11.1-7
+- fixed FTBFS
+
+* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 5.11.1-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Tue Jul 10 2018 Pete Walter <pwalter@fedoraproject.org> - 5.11.1-5
+- Rebuild for ICU 62
+
+* Mon Jul 02 2018 Than Ngo <than@redhat.com> - 5.11.1-4
+- fixed bz#1597110 - BRP mangle shebangs and calculation of provides should ignore backups files
+
+* Fri Jun 29 2018 Rex Dieter <rdieter@fedoraproject.org> - 5.11.1-3
+- apply sse2-related multilib hack on < f29 only
+- safer %%_qt5_prefix, %%qt5_archdatadir ownership
+- rebuild for %%_qt5_prefix = %%_prefix
+
+* Sat Jun 23 2018 Than Ngo <than@redhat.com> - 5.11.1-2
+- fixed #1592146, python3
+
+* Tue Jun 19 2018 Rex Dieter <rdieter@fedoraproject.org> - 5.11.1-1
+- 5.11.1
+- relax qt5-rpm-macros dep
+- drop workaround for QTBUG-37417
+- drop CMake-Restore-qt5_use_modules-function.patch (upstreamed)
+
+* Mon Jun 18 2018 Rex Dieter <rdieter@fedoraproject.org> - 5.11.0-3
+- backport CMake-Restore-qt5_use_modules-function.patch
+- %%build: %%ix86 --no-sse2 on < f29 only
+
+* Wed May 30 2018 Rex Dieter <rdieter@fedoraproject.org> - 5.11.0-2
+- move libQt5EglFSDeviceIntegration to -gui (#1557223)
+
+* Tue May 22 2018 Rex Dieter <rdieter@fedoraproject.org> - 5.11.0-1
+- 5.11.0
+- drop support for inject_optflags (not used since f23)
+
+* Mon Apr 30 2018 Pete Walter <pwalter@fedoraproject.org> - 5.10.1-8
+- Rebuild for ICU 61.1
+
+* Thu Mar 08 2018 Rex Dieter <rdieter@fedoraproject.org> - 5.10.1-7
+- enforce qt5-rpm-macros versioning
+- BR: gcc-c++
+- Qt5.pc: fix version, add %%check

 * Fri Feb 23 2018 Rex Dieter <rdieter@fedoraproject.org> - 5.10.1-6
 - qt5-qtbase: RPM build flags only partially injected (#1543888)