pkgsrc-Changes archive


CVS commit: pkgsrc/x11/qt5-qtsvg



Module Name:    pkgsrc
Committed By:   gutteridge
Date:           Sat Mar 20 00:44:02 UTC 2021

Modified Files:
        pkgsrc/x11/qt5-qtsvg: Makefile distinfo
Added Files:
        pkgsrc/x11/qt5-qtsvg/patches: patch-src_svg_qsvghandler.cpp

Log Message:
qt5-qtsvg: add a security fix from upstream

This doesn't have a CVE assigned (yet); it's listed as a security fix
in Red Hat errata, etc. (https://bugzilla.redhat.com/show_bug.cgi?id=1931444)


To generate a diff of this commit:
cvs rdiff -u -r1.49 -r1.50 pkgsrc/x11/qt5-qtsvg/Makefile
cvs rdiff -u -r1.20 -r1.21 pkgsrc/x11/qt5-qtsvg/distinfo
cvs rdiff -u -r0 -r1.1 \
    pkgsrc/x11/qt5-qtsvg/patches/patch-src_svg_qsvghandler.cpp

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/x11/qt5-qtsvg/Makefile
diff -u pkgsrc/x11/qt5-qtsvg/Makefile:1.49 pkgsrc/x11/qt5-qtsvg/Makefile:1.50
--- pkgsrc/x11/qt5-qtsvg/Makefile:1.49  Sun Nov 29 22:33:23 2020
+++ pkgsrc/x11/qt5-qtsvg/Makefile       Sat Mar 20 00:44:01 2021
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.49 2020/11/29 22:33:23 dbj Exp $
+# $NetBSD: Makefile,v 1.50 2021/03/20 00:44:01 gutteridge Exp $
 
 DISTNAME=      qtsvg-everywhere-src-${QTVERSION}
 PKGNAME=       qt5-qtsvg-${QTVERSION}
-PKGREVISION=   1
+PKGREVISION=   2
 COMMENT=       Qt5 module for SVG
 
 BUILD_TARGET=          sub-src

Index: pkgsrc/x11/qt5-qtsvg/distinfo
diff -u pkgsrc/x11/qt5-qtsvg/distinfo:1.20 pkgsrc/x11/qt5-qtsvg/distinfo:1.21
--- pkgsrc/x11/qt5-qtsvg/distinfo:1.20  Sat Nov 21 11:22:34 2020
+++ pkgsrc/x11/qt5-qtsvg/distinfo       Sat Mar 20 00:44:01 2021
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.20 2020/11/21 11:22:34 adam Exp $
+$NetBSD: distinfo,v 1.21 2021/03/20 00:44:01 gutteridge Exp $
 
 SHA1 (qtsvg-everywhere-src-5.15.2.tar.xz) = 08531b47924078cbde6dfbf56da83651d58f6a13
 RMD160 (qtsvg-everywhere-src-5.15.2.tar.xz) = 39c8cf9d5a9de89a46b5fd41c0416504cf32478c
 SHA512 (qtsvg-everywhere-src-5.15.2.tar.xz) = 101e9c8fc05b1bb9c4e869564bff8e5723dd35f0ef557185e56e9dc12fdce74c531522c9642cdff639900eccf7ed0e04bfa48142741259697dded990fb481730
 Size (qtsvg-everywhere-src-5.15.2.tar.xz) = 1886268 bytes
+SHA1 (patch-src_svg_qsvghandler.cpp) = a5148ae6caf1b2db9cc4a6f4de9967747c0a3932

Added files:

Index: pkgsrc/x11/qt5-qtsvg/patches/patch-src_svg_qsvghandler.cpp
diff -u /dev/null pkgsrc/x11/qt5-qtsvg/patches/patch-src_svg_qsvghandler.cpp:1.1
--- /dev/null   Sat Mar 20 00:44:02 2021
+++ pkgsrc/x11/qt5-qtsvg/patches/patch-src_svg_qsvghandler.cpp  Sat Mar 20 00:44:01 2021
@@ -0,0 +1,26 @@
+$NetBSD: patch-src_svg_qsvghandler.cpp,v 1.1 2021/03/20 00:44:01 gutteridge Exp $
+
+Fix out of bounds read in function QRadialFetchSimd from crafted svg file.
+https://bugreports.qt.io/browse/QTBUG-91507
+
+--- src/svg/qsvghandler.cpp.orig       2020-10-27 08:02:11.000000000 +0000
++++ src/svg/qsvghandler.cpp
+@@ -672,6 +672,9 @@ static qreal toDouble(const QChar *&str)
+             val = -val;
+     } else {
+         val = QByteArray::fromRawData(temp, pos).toDouble();
++        // Do not tolerate values too wild to be represented normally by floats
++        if (std::fpclassify(float(val)) != FP_NORMAL)
++            val = 0;
+     }
+     return val;
+ 
+@@ -3043,6 +3046,8 @@ static QSvgStyleProperty *createRadialGr
+         ncy = toDouble(cy);
+     if (!r.isEmpty())
+         nr = toDouble(r);
++    if (nr < 0.5)
++        nr = 0.5;
+ 
+     qreal nfx = ncx;
+     if (!fx.isEmpty())
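
Review bot: In the toDouble() part of this patch, the new std::fpclassify check sits only in the else branch, so the path that ends in `val = -val;` is not covered by it; either confirm that path cannot yield a value outside float range or move the check to just before `return val;`. The test rejects everything that is not FP_NORMAL after narrowing to float, so subnormals and values that are finite as a double but overflow a float are silently replaced with 0, which the comment could say outright. In the createRadialGradientNode() part, the 0.5 floor on `nr` has no comment tying it to the out-of-bounds read in QRadialFetchSimd named in the patch header, and a one-line explanation of why 0.5 was chosen would help the next person who touches it. The visible hunks also add no include for std::fpclassify and FP_NORMAL, so check that <cmath> is already pulled in by this file.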


