From 503f8c47fc31b80d3330671ff0603c5229b5e0d3 Mon Sep 17 00:00:00 2001 From: kang_xiao_qiang Date: Thu, 17 Sep 2020 16:52:12 +0800 Subject: [PATCH 1/2] modify source --- qt.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/qt.spec b/qt.spec index 5b7cc5f..2b94bf8 100644 --- a/qt.spec +++ b/qt.spec @@ -13,11 +13,11 @@ Name: qt Epoch: 1 Version: 4.8.7 -Release: 47 +Release: 48 Summary: A software toolkit for developing applications License: (LGPLv2 with exceptions or GPLv3 with exceptions) and ASL 2.0 and BSD and FTL and MIT URL: http://qt-project.org/ -Source0: https://download.qt-project.org/official_releases/qt/4.8/%{version}/qt-everywhere-opensource-src-%{version}.tar.gz +Source0: https://download.qt.io/archive/qt/4.8/4.8.7/qt-everywhere-opensource-src-4.8.7.tar.gz Source1: qconfig-multilib.h Source2: assistant.desktop Source3: designer.desktop @@ -443,6 +443,9 @@ fi %{_qt4_prefix}/examples/ %changelog +* Thu Sep 17 2020 shaoqiang kang - 1:4.8.7-48 +- Modify source0 + * Thu Mar 19 2020 yanglijin - 1:4.8.7-47 - add stack protector -- Gitee From f5d508d7373eeb33f105eeea3669a5ddc06b07fa Mon Sep 17 00:00:00 2001 From: kang_xiao_qiang Date: Sun, 20 Sep 2020 17:58:43 +0800 Subject: [PATCH 2/2] fix cve --- CVE-2020-17507.patch | 28 ++++++++++++++++++++++++++++ qt.spec | 6 +++++- 2 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 CVE-2020-17507.patch diff --git a/CVE-2020-17507.patch b/CVE-2020-17507.patch new file mode 100644 index 0000000..756ad15 --- /dev/null +++ b/CVE-2020-17507.patch @@ -0,0 +1,28 @@ +From 1a27a6cefbb457f2fb74159267835aaefb7c992d Mon Sep 17 00:00:00 2001 +From: Dmitry Shachnev +Date: Tue, 18 Aug 2020 16:16:57 +0300 +Subject: [PATCH] Backport upstream patch to fix buffer overflow in XBMparser. + +Closes: #968444, CVE-2020-17507. +--- + src/gui/image/qxbmhandler.cpp | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/gui/image/qxbmhandler.cpp b/src/gui/image/qxbmhandler.cpp +index 414e8233..7483b245 100644 +--- a/src/gui/image/qxbmhandler.cpp ++++ b/src/gui/image/qxbmhandler.cpp +@@ -154,7 +154,9 @@ static bool read_xbm_body(QIODevice *device, int w, int h, QImage *outImage) + w = (w+7)/8; // byte width + + while (y < h) { // for all encoded bytes... +- if (p) { // p = "0x.." ++ if (p && p < (buf + readBytes - 3)) { // p = "0x.." ++ if (!isxdigit(p[2]) || !isxdigit(p[3])) ++ return false; + *b++ = hex2byte(p+2); + p += 2; + if (++x == w && ++y < h) { +-- +2.23.0 + diff --git a/qt.spec b/qt.spec index 2b94bf8..eb22b88 100644 --- a/qt.spec +++ b/qt.spec @@ -13,7 +13,7 @@ Name: qt Epoch: 1 Version: 4.8.7 -Release: 48 +Release: 49 Summary: A software toolkit for developing applications License: (LGPLv2 with exceptions or GPLv3 with exceptions) and ASL 2.0 and BSD and FTL and MIT URL: http://qt-project.org/ @@ -77,6 +77,7 @@ Patch6001: CVE-2018-19872.patch Patch6002: CVE-2018-19871.patch Patch6003: CVE-2018-19870.patch Patch6004: CVE-2018-19873.patch +Patch44: CVE-2020-17507.patch BuildRequires: cups-devel desktop-file-utils gcc-c++ libjpeg-devel findutils libmng-devel libtiff-devel pkgconfig pkgconfig(alsa) BuildRequires: pkgconfig(dbus-1) pkgconfig(fontconfig) pkgconfig(glib-2.0) pkgconfig(icu-i18n) openssl-devel pkgconfig(libpng) @@ -443,6 +444,9 @@ fi %{_qt4_prefix}/examples/ %changelog +* Sun Sep 20 2020 shaoqiang kang - 1:4.8.7-49 +- fix CVE-2020-17507.patch + * Thu Sep 17 2020 shaoqiang kang - 1:4.8.7-48 - Modify source0 -- Gitee