package=native_qt
-$(package)_version=6.5.1
+$(package)_version=6.5.0
$(package)_download_path=https://download.qt.io/official_releases/qt/6.5/$($(package)_version)/submodules
$(package)_suffix=everywhere-src-$($(package)_version).tar.xz
$(package)_file_name=qtbase-$($(package)_suffix)
-$(package)_sha256_hash=db56fa1f4303a1189fe33418d25d1924931c7aef237f89eea9de58e858eebfed
+$(package)_sha256_hash=fde1aa7b4fbe64ec1b4fc576a57f4688ad1453d2fab59cbadd948a10a6eaf5ef
$(package)_dependencies=native_libxcb native_libxkbcommon
$(package)_qt_libs=corelib network widgets gui plugins testlib
$(package)_linguist_tools = lrelease lupdate lconvert
$(package)_patches += root_CMakeLists.txt
$(package)_qttools_file_name=qttools-$($(package)_suffix)
-$(package)_qttools_sha256_hash=5744df9e84b2a86f7f932ffc00341c7d7209e741fd1c0679a32b855fcceb2329
+$(package)_qttools_sha256_hash=49c33d96b0a44988be954269b8ce3d1a495b439726e03a6be7c0d50a686369c4
$(package)_qtsvg_file_name=qtsvg-$($(package)_suffix)
-$(package)_qtsvg_sha256_hash=d58d29491d44f0f59b684686a9898fec0e6c4fb7c09d9393b4e9c211fe9608ef
+$(package)_qtsvg_sha256_hash=64ca7e61f44d51e28bcbb4e0509299b53a9a7e38879e00a7fe91643196067a4f
$(package)_qtmultimedia_file_name=qtmultimedia-$($(package)_suffix)
-$(package)_qtmultimedia_sha256_hash=0b1fc560e1c8cdda1ddb13db832c3b595f7e4079118d4847d8de18d82464e1cc
+$(package)_qtmultimedia_sha256_hash=9480d0c73abdd01aec4899e340938cec046a3f404b9f9ed945288be574dca146
$(package)_qtshadertools_file_name=qtshadertools-$($(package)_suffix)
-$(package)_qtshadertools_sha256_hash=e5806761835944ef91d5aee0679e0c8231bf7a981e064480e65c751ebdf65052
+$(package)_qtshadertools_sha256_hash=86618d037f3071f1f7ac5eb7ab76ae4e6f51cfddded0a402bb9aa7f3f79f5775
$(package)_extra_sources += $($(package)_qttools_file_name)
$(package)_extra_sources += $($(package)_qtsvg_file_name)
package=qt
-$(package)_version=6.5.1
+$(package)_version=6.5.0
$(package)_download_path=https://download.qt.io/official_releases/qt/6.5/$($(package)_version)/submodules
$(package)_suffix=everywhere-src-$($(package)_version).tar.xz
$(package)_file_name=qtbase-$($(package)_suffix)
-$(package)_sha256_hash=db56fa1f4303a1189fe33418d25d1924931c7aef237f89eea9de58e858eebfed
+$(package)_sha256_hash=fde1aa7b4fbe64ec1b4fc576a57f4688ad1453d2fab59cbadd948a10a6eaf5ef
$(package)_darwin_dependencies=native_cctools native_qt openssl
$(package)_mingw32_dependencies=openssl native_qt native_libxkbcommon
$(package)_linux_dependencies=openssl native_qt freetype fontconfig libxcb libxkbcommon libxcb_util libxcb_util_render libxcb_util_keysyms libxcb_util_image libxcb_util_wm libxcb_util_cursor
$(package)_patches += windows_func_fix.patch
$(package)_patches += WindowsToolchain.cmake
+# Remove >= 6.5.1
+$(package)_patches += CVE-2023-32573-qtsvg-6.5.diff
+$(package)_patches += CVE-2023-32762-qtbase-6.5.diff
+$(package)_patches += CVE-2023-32763-qtbase-6.5.diff
+
$(package)_qttools_file_name=qttools-$($(package)_suffix)
-$(package)_qttools_sha256_hash=5744df9e84b2a86f7f932ffc00341c7d7209e741fd1c0679a32b855fcceb2329
+$(package)_qttools_sha256_hash=49c33d96b0a44988be954269b8ce3d1a495b439726e03a6be7c0d50a686369c4
$(package)_qtsvg_file_name=qtsvg-$($(package)_suffix)
-$(package)_qtsvg_sha256_hash=d58d29491d44f0f59b684686a9898fec0e6c4fb7c09d9393b4e9c211fe9608ef
+$(package)_qtsvg_sha256_hash=64ca7e61f44d51e28bcbb4e0509299b53a9a7e38879e00a7fe91643196067a4f
$(package)_qtwebsockets_file_name=qtwebsockets-$($(package)_suffix)
-$(package)_qtwebsockets_sha256_hash=6b8f66b250a675117aae35b48dbfc589619be2810a759ad1712a9cd20561da19
+$(package)_qtwebsockets_sha256_hash=bc087bd656bb34da120ccab6e927036a219f75fd88f1543744c426bfca616308
$(package)_qtmultimedia_file_name=qtmultimedia-$($(package)_suffix)
-$(package)_qtmultimedia_sha256_hash=0b1fc560e1c8cdda1ddb13db832c3b595f7e4079118d4847d8de18d82464e1cc
+$(package)_qtmultimedia_sha256_hash=9480d0c73abdd01aec4899e340938cec046a3f404b9f9ed945288be574dca146
$(package)_qtshadertools_file_name=qtshadertools-$($(package)_suffix)
-$(package)_qtshadertools_sha256_hash=e5806761835944ef91d5aee0679e0c8231bf7a981e064480e65c751ebdf65052
+$(package)_qtshadertools_sha256_hash=86618d037f3071f1f7ac5eb7ab76ae4e6f51cfddded0a402bb9aa7f3f79f5775
$(package)_extra_sources += $($(package)_qttools_file_name)
$(package)_extra_sources += $($(package)_qtsvg_file_name)
mv $($(package)_patch_dir)/arm64-apple-toolchain.cmake . && \
mv $($(package)_patch_dir)/gnueabihfToolchain.cmake . && \
mv $($(package)_patch_dir)/riscvToolchain.cmake . && \
- cd qtmultimedia && \
+ cd qtbase && \
+ patch -p1 -i $($(package)_patch_dir)/CVE-2023-32762-qtbase-6.5.diff && \
+ patch -p1 -i $($(package)_patch_dir)/CVE-2023-32763-qtbase-6.5.diff && \
+ cd ../qtsvg && \
+ patch -p1 -i $($(package)_patch_dir)/CVE-2023-32573-qtsvg-6.5.diff && \
+ cd ../qtmultimedia && \
patch -p1 -i $($(package)_patch_dir)/qtmultimedia-fixes.patch && \
patch -p1 -i $($(package)_patch_dir)/v4l2.patch
endef
--- /dev/null
+--- a/src/svg/qsvgfont_p.h
++++ b/src/svg/qsvgfont_p.h
+@@ -38,6 +38,7 @@ public:
+ class Q_SVG_PRIVATE_EXPORT QSvgFont : public QSvgRefCounted
+ {
+ public:
++ static constexpr qreal DEFAULT_UNITS_PER_EM = 1000;
+ QSvgFont(qreal horizAdvX);
+
+ void setFamilyName(const QString &name);
+@@ -50,9 +51,7 @@ public:
+ void draw(QPainter *p, const QPointF &point, const QString &str, qreal pixelSize, Qt::Alignment alignment) const;
+ public:
+ QString m_familyName;
+- qreal m_unitsPerEm;
+- qreal m_ascent;
+- qreal m_descent;
++ qreal m_unitsPerEm = DEFAULT_UNITS_PER_EM;
+ qreal m_horizAdvX;
+ QHash<QChar, QSvgGlyph> m_glyphs;
+ };
+
+
+--- a/src/svg/qsvghandler.cpp
++++ b/src/svg/qsvghandler.cpp
+@@ -2622,7 +2622,7 @@ static bool parseFontFaceNode(QSvgStyleProperty *parent,
+
+ qreal unitsPerEm = toDouble(unitsPerEmStr);
+ if (!unitsPerEm)
+- unitsPerEm = 1000;
++ unitsPerEm = QSvgFont::DEFAULT_UNITS_PER_EM;
+
+ if (!name.isEmpty())
+ font->setFamilyName(name);
+
+
--- /dev/null
+--- a/src/network/access/qhsts.cpp\r
++++ b/src/network/access/qhsts.cpp\r
+@@ -327,8 +327,8 @@ quoted-pair = "\" CHAR\r
+ bool QHstsHeaderParser::parse(const QList<QPair<QByteArray, QByteArray>> &headers)\r
+ {\r
+ for (const auto &h : headers) {\r
+- // We use '==' since header name was already 'trimmed' for us:\r
+- if (h.first == "Strict-Transport-Security") {\r
++ // We compare directly because header name was already 'trimmed' for us:\r
++ if (h.first.compare("Strict-Transport-Security", Qt::CaseInsensitive) == 0) {\r
+ header = h.second;\r
+ // RFC6797, 8.1:\r
+ //\r
--- /dev/null
+--- a/src/gui/painting/qfixed_p.h\r
++++ b/src/gui/painting/qfixed_p.h\r
+@@ -18,6 +18,7 @@\r
+ #include <QtGui/private/qtguiglobal_p.h>\r
+ #include "QtCore/qdebug.h"\r
+ #include "QtCore/qpoint.h"\r
++#include "QtCore/qnumeric.h"\r
+ #include "QtCore/qsize.h"\r
+\r
+ QT_BEGIN_NAMESPACE\r
+@@ -136,6 +137,22 @@ constexpr inline QFixed operator+(uint i, QFixed d) { return d+i; }\r
+ constexpr inline QFixed operator-(uint i, QFixed d) { return -(d-i); }\r
+ // constexpr inline QFixed operator*(qreal d, QFixed d2) { return d2*d; }\r
+\r
++inline bool qAddOverflow(QFixed v1, QFixed v2, QFixed *r)\r
++{\r
++ int val;\r
++ bool result = qAddOverflow(v1.value(), v2.value(), &val);\r
++ r->setValue(val);\r
++ return result;\r
++}\r
++\r
++inline bool qMulOverflow(QFixed v1, QFixed v2, QFixed *r)\r
++{\r
++ int val;\r
++ bool result = qMulOverflow(v1.value(), v2.value(), &val);\r
++ r->setValue(val);\r
++ return result;\r
++}\r
++\r
+ #ifndef QT_NO_DEBUG_STREAM\r
+ inline QDebug &operator<<(QDebug &dbg, QFixed f)\r
+ { return dbg << f.toReal(); }\r
+\r
+\r
+--- a/src/gui/text/qtextlayout.cpp\r
++++ b/src/gui/text/qtextlayout.cpp\r
+@@ -2164,9 +2164,12 @@ found:\r
+ eng->maxWidth = qMax(eng->maxWidth, line.textWidth);\r
+ } else {\r
+ eng->minWidth = qMax(eng->minWidth, lbh.minw);\r
+- eng->layoutData->currentMaxWidth += line.textWidth;\r
+- if (!manuallyWrapped)\r
+- eng->layoutData->currentMaxWidth += lbh.spaceData.textWidth;\r
++ if (qAddOverflow(eng->layoutData->currentMaxWidth, line.textWidth, &eng->layoutData->currentMaxWidth))\r
++ eng->layoutData->currentMaxWidth = QFIXED_MAX;\r
++ if (!manuallyWrapped) {\r
++ if (qAddOverflow(eng->layoutData->currentMaxWidth, lbh.spaceData.textWidth, &eng->layoutData->currentMaxWidth))\r
++ eng->layoutData->currentMaxWidth = QFIXED_MAX;\r
++ }\r
+ eng->maxWidth = qMax(eng->maxWidth, eng->layoutData->currentMaxWidth);\r
+ if (manuallyWrapped)\r
+ eng->layoutData->currentMaxWidth = 0;
\ No newline at end of file
projects / gamesguru / feather.git / commitdiff