import qt5-qtsvg-5.15.15-1.el10

4 days ago · a67133601f
parent c7b2bb3c15
commit a67133601f
4 changed files with 73 additions and 81 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/qtsvg-everywhere-opensource-src-5.15.9.tar.xz
+SOURCES/qtsvg-everywhere-opensource-src-5.15.15.tar.xz
--- a/.qt5-qtsvg.metadata
+++ b/.qt5-qtsvg.metadata
@ -1 +1 @@
-0e2402a26d18744ef2479bda008ad620a6f45f37 SOURCES/qtsvg-everywhere-opensource-src-5.15.9.tar.xz
+9a8a2b35919c93fe4e539a6174ef6c4ff2118743  SOURCES/qtsvg-everywhere-opensource-src-5.15.15.tar.xz
--- a/SOURCES/qtsvg-CVE-2023-32573.patch
+++ b/SOURCES/qtsvg-CVE-2023-32573.patch
@ -1,34 +0,0 @@
--- a/src/svg/qsvgfont_p.h
-+++ b/src/svg/qsvgfont_p.h
-@@ -74,6 +74,7 @@ public:
- class Q_SVG_PRIVATE_EXPORT QSvgFont : public QSvgRefCounted
- {
- public:
-+    static constexpr qreal DEFAULT_UNITS_PER_EM = 1000;
-     QSvgFont(qreal horizAdvX);
-
-     void setFamilyName(const QString &name);
-@@ -86,9 +87,7 @@ public:
-     void draw(QPainter *p, const QPointF &point, const QString &str, qreal pixelSize, Qt::Alignment alignment) const;
- public:
-     QString m_familyName;
-    qreal m_unitsPerEm;
-    qreal m_ascent;
-    qreal m_descent;
-+    qreal m_unitsPerEm = DEFAULT_UNITS_PER_EM;
-     qreal m_horizAdvX;
-     QHash<QChar, QSvgGlyph> m_glyphs;
- };
-
-
--- a/src/svg/qsvghandler.cpp
-+++ b/src/svg/qsvghandler.cpp
-@@ -2668,7 +2668,7 @@ static bool parseFontFaceNode(QSvgStyleProperty *parent,
-
-     qreal unitsPerEm = toDouble(unitsPerEmStr);
-     if (!unitsPerEm)
-        unitsPerEm = 1000;
-+        unitsPerEm = QSvgFont::DEFAULT_UNITS_PER_EM;
-
-     if (!name.isEmpty())
-         font->setFamilyName(name);
--- a/SPECS/qt5-qtsvg.spec
+++ b/SPECS/qt5-qtsvg.spec
@ -1,20 +1,16 @@
 %global qt_module qtsvg

-%global build_tests 1
-
 Summary: Qt5 - Support for rendering and displaying SVG
 Name:    qt5-%{qt_module}
-Version: 5.15.9
-Release: 2%{?dist}
+Version: 5.15.15
+Release: 1%{?dist}

 # See LGPL_EXCEPTIONS.txt, LICENSE.GPL3, respectively, for exception details
-License: LGPLv2 with exceptions or GPLv3 with exceptions
+License: LGPL-3.0-only OR GPL-3.0-only WITH Qt-GPL-exception-1.0
 Url:     http://www.qt.io
 %global majmin %(echo %{version} | cut -d. -f1-2)
 Source0: https://download.qt.io/official_releases/qt/%{majmin}/%{version}/submodules/%{qt_module}-everywhere-opensource-src-%{version}.tar.xz

-Patch0:  qtsvg-CVE-2023-32573.patch
-
 BuildRequires: make
 BuildRequires: qt5-qtbase-devel >= %{version}
 BuildRequires: pkgconfig(zlib)
@ -40,14 +36,6 @@ Requires: %{name}%{?_isa} = %{version}-%{release}
 %description examples
 %{summary}.

-%if 0%{?build_tests}
-%package tests
-Summary: Unit tests for %{name}
-Requires: %{name}%{?_isa} = %{version}-%{release}
-
-%description tests
-%{summary}.
-%endif

 %prep
 %autosetup -n %{qt_module}-everywhere-src-%{version} -p1
@ -58,17 +46,10 @@ Requires: %{name}%{?_isa} = %{version}-%{release}

 %make_build

-%if 0%{?build_tests}
-%qt5_build_tests
-%endif

 %install
 make install INSTALL_ROOT=%{buildroot}

-%if 0%{?build_tests}
-%qt5_install_tests
-%endif
-
 ## .prl/.la file love
 # nuke .prl reference(s) to %%buildroot, excessive (.la-like) libs
 pushd %{buildroot}%{_qt5_libdir}
@ -103,38 +84,83 @@ popd
 %files examples
 %{_qt5_examplesdir}/

-%if 0%{?build_tests}
-%files tests
-%{_qt5_libdir}/qt5/tests
-%endif

 %changelog
-* Thu May 18 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.9-2
- Fix uninitialized variable usage in m_unitsPerEm (CVE-2023-32573)
-  Resolves: bz#2208140
+* Wed Dec 25 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 5.15.15-1
+- Rebuilt for MSVSphere 10
+
+* Wed Sep 04 2024 Jan Grulich <jgrulich@redhat.com> - 5.15.15-1
+- 5.15.15
+
+* Fri Jul 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 5.15.14-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
+
+* Wed May 29 2024 Jan Grulich <jgrulich@redhat.com> - 5.15.14-1
+- 5.15.14
+
+* Thu Mar 14 2024 Jan Grulich <jgrulich@redhat.com> - 5.15.13-1
+- 5.15.13
+
+* Fri Jan 26 2024 Fedora Release Engineering <releng@fedoraproject.org> - 5.15.12-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 5.15.12-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Tue Jan 02 2024 Jan Grulich <jgrulich@redhat.com> - 5.15.12-1
+- 5.15.12

-* Tue Apr 18 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.9-1
+* Fri Oct 06 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.11-1
+- 5.15.11
+
+* Fri Jul 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 5.15.10-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Mon Jun 12 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.10-1
+- 5.15.10
+
+* Mon May 15 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.9-2
+- QSvgFont: initialize used member, remove unused
+  Fixes: CVE-2023-32573
+
+* Tue Apr 11 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.9-1
 - 5.15.9
-  Resolves: bz#2175742

-* Mon Mar 28 2022 Jan Grulich <jgrulich@redhat.com> - 5.15.3-1
- 5.15.3
-  Resolves: bz#2061369
+* Tue Jan 31 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.8-3
+- migrated to SPDX license
+
+* Fri Jan 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 5.15.8-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Thu Jan 05 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.8-1
+- 5.15.8

-* Tue Jan 11 2022 Jan Grulich <jgrulich@redhat.com> - 5.15.2-8
- Fix out-of-bound write that may lead to DoS
-  Resolves: bz#2038488
+* Mon Oct 31 2022 Jan Grulich <jgrulich@redhat.com> - 5.15.7-1
+- 5.15.7
+
+* Tue Sep 20 2022 Jan Grulich <jgrulich@redhat.com> - 5.15.6-1
+- 5.15.6
+
+* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 5.15.5-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Wed Jul 13 2022 Jan Grulich <jgrulich@redhat.com> - 5.15.5-1
+- 5.15.5
+
+* Mon May 16 2022 Jan Grulich <jgrulich@redhat.com> - 5.15.4-1
+- 5.15.4
+
+* Fri Mar 04 2022 Jan Grulich <jgrulich@redhat.com> - 5.15.3-1
+- 5.15.3

-* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 5.15.2-7
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
-  Related: rhbz#1991688
+* Fri Jan 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 5.15.2-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild

-* Wed Jun 09 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-6
- Add gating tests
-  Resolves: bz#1968474
+* Tue Jan 18 2022 Than Ngo <than@redhat.com> - 5.15.2-6
+- Resolves bz#2037341, CVE-2021-45930

-* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 5.15.2-5
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 5.15.2-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild

 * Tue Mar 09 2021 Than Ngo <than@redhat.com> - 5.15.2-4
 - Resolves: #1931447, Out of bounds read in function QRadialFetchSimd from crafted svg file