update to new upstream

Signed-off-by: Toshaan Bharvani <toshaan@powerel.org>
6 months ago · c1af4e18d4
2 changed files with 50 additions and 8 deletions
--- a/SOURCES/qtsvg-CVE-2023-32573.patch
+++ b/SOURCES/qtsvg-CVE-2023-32573.patch
@ -0,0 +1,34 @@
				@@ -0,0 +1,34 @@
+--- a/src/svg/qsvgfont_p.h
+++ b/src/svg/qsvgfont_p.h
+@@ -74,6 +74,7 @@ public:
+ class Q_SVG_PRIVATE_EXPORT QSvgFont : public QSvgRefCounted
+ {
+ public:
+    static constexpr qreal DEFAULT_UNITS_PER_EM = 1000;
+     QSvgFont(qreal horizAdvX);
+
+     void setFamilyName(const QString &name);
+@@ -86,9 +87,7 @@ public:
+     void draw(QPainter *p, const QPointF &point, const QString &str, qreal pixelSize, Qt::Alignment alignment) const;
+ public:
+     QString m_familyName;
+-    qreal m_unitsPerEm;
+-    qreal m_ascent;
+-    qreal m_descent;
+    qreal m_unitsPerEm = DEFAULT_UNITS_PER_EM;
+     qreal m_horizAdvX;
+     QHash<QChar, QSvgGlyph> m_glyphs;
+ };
+
+
+--- a/src/svg/qsvghandler.cpp
+++ b/src/svg/qsvghandler.cpp
+@@ -2668,7 +2668,7 @@ static bool parseFontFaceNode(QSvgStyleProperty *parent,
+
+     qreal unitsPerEm = toDouble(unitsPerEmStr);
+     if (!unitsPerEm)
+-        unitsPerEm = 1000;
+        unitsPerEm = QSvgFont::DEFAULT_UNITS_PER_EM;
+
+     if (!name.isEmpty())
+         font->setFamilyName(name);
--- a/SPECS/qt5-qtsvg.spec
+++ b/SPECS/qt5-qtsvg.spec
@ -4,20 +4,16 @@
				@@ -4,20 +4,16 @@

 Summary: Qt5 - Support for rendering and displaying SVG
 Name:    qt5-%{qt_module}
-Version: 5.15.2
-Release: 8%{?dist}
+Version: 5.15.9
+Release: 2%{?dist}

 # See LGPL_EXCEPTIONS.txt, LICENSE.GPL3, respectively, for exception details
 License: LGPLv2 with exceptions or GPLv3 with exceptions
 Url:     http://www.qt.io
 %global majmin %(echo %{version} | cut -d. -f1-2)
-Source0: https://download.qt.io/official_releases/qt/%{majmin}/%{version}/submodules/%{qt_module}-everywhere-src-%{version}.tar.xz
+Source0: https://download.qt.io/official_releases/qt/%{majmin}/%{version}/submodules/%{qt_module}-everywhere-opensource-src-%{version}.tar.xz

-# upstream fix
-Patch0: qtsvg-5.15.2-clamp-parsed-doubles-to-float-representtable-values.patch
-
-# CVE-2021-45930 qt5-qtsvg: qt: out-of-bounds write may lead to DoS
-Patch1: qtsvg-do-stricter-error-checking-when-parsing-path-nodes.patch
+Patch0:  qtsvg-CVE-2023-32573.patch

 BuildRequires: make
 BuildRequires: qt5-qtbase-devel >= %{version}
@ -113,6 +109,18 @@ popd
				@@ -113,6 +109,18 @@ popd
 %endif

 %changelog
+* Thu May 18 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.9-2
+- Fix uninitialized variable usage in m_unitsPerEm (CVE-2023-32573)
+  Resolves: bz#2208140
+
+* Tue Apr 18 2023 Jan Grulich <jgrulich@redhat.com> - 5.15.9-1
+- 5.15.9
+  Resolves: bz#2175742
+
+* Mon Mar 28 2022 Jan Grulich <jgrulich@redhat.com> - 5.15.3-1
+- 5.15.3
+  Resolves: bz#2061369
+
 * Tue Jan 11 2022 Jan Grulich <jgrulich@redhat.com> - 5.15.2-8
 - Fix out-of-bound write that may lead to DoS
  Resolves: bz#2038488