diff --git a/kde-5.15-rollup-20220304.patch.gz b/kde-5.15-rollup-20220304.patch.gz deleted file mode 100644 index c7c69fb5a462ee45fec0a5769b448eb0c377c441..0000000000000000000000000000000000000000 Binary files a/kde-5.15-rollup-20220304.patch.gz and /dev/null differ diff --git a/kde-5.15-rollup-20220713.patch.gz b/kde-5.15-rollup-20220713.patch.gz new file mode 100644 index 0000000000000000000000000000000000000000..26e0c769f08160c997d4d29c7bb4d08bdbe8b802 Binary files /dev/null and b/kde-5.15-rollup-20220713.patch.gz differ diff --git a/qt5-qtbase.spec b/qt5-qtbase.spec index 7a618c3b9bed0c7a996950cf961d804c9442dce4..bf0115efb0a7858cb625aa5edc9514a532920279 100644 --- a/qt5-qtbase.spec +++ b/qt5-qtbase.spec @@ -1,7 +1,9 @@ -%define anolis_release 2 +%define anolis_release 1 %global openssl -openssl-linked %global zstd 1 +%global no_feature_statx -no-feature-statx +%global no_feature_renameat2 -no-feature-renameat2 %global no_feature_getentropy -no-feature-getentropy # support qtchooser (adds qtchooser .conf file) %global qtchooser 1 @@ -28,7 +30,7 @@ BuildRequires: pkgconfig(libsystemd) Name: qt5-qtbase Summary: Qt5 - QtBase components -Version: 5.15.3 +Version: 5.15.5 Release: %{anolis_release}%{?dist} # See LGPL_EXCEPTIONS.txt, for exception details @@ -46,11 +48,6 @@ Source6: 10-qt5-check-opengl2.sh Source10: macros.qt5-qtbase # support multilib optflags Patch2: qtbase-multilib_optflags.patch -# borrowed from opensuse -# track private api via properly versioned symbols -# downside: binaries produced with these differently-versioned symbols are no longer -# compatible with qt-project.org's Qt binary releases. -Patch8: tell-the-truth-about-private-api.patch # upstreamable patches # namespace QT_VERSION_CHECK to workaround major/minor being pre-defined (#1396755) Patch50: qtbase-opensource-src-5.8.0-QT_VERSION_CHECK.patch @@ -87,12 +84,12 @@ Patch90: %{name}-gcc11.patch ## upstream patches # https://invent.kde.org/qt/qt/qtbase, kde/5.15 branch -# git diff v5.15.3-lts-lgpl..HEAD | gzip > kde-5.15-rollup-$(date +%Y%m%d).patch.gz +# git diff v5.15.5-lts-lgpl..HEAD | gzip > kde-5.15-rollup-$(date +%Y%m%d).patch.gz # patch100 in lookaside cache due to large'ish size -- rdieter -Patch100: kde-5.15-rollup-20220304.patch.gz +Patch100: kde-5.15-rollup-20220713.patch.gz # HACK to make 'fedpkg sources' consider it 'used" -#Source100: kde-5.15-rollup-20220304.patch.gz -Patch102: qtbase-everywhere-src-5.15.2-CVE-2022-2525.patch +# Source100: kde-5.15-rollup-20220713.patch.gz +Patch101: qtbase-everywhere-src-5.15.4-cve-2021-38593.patch # Do not check any files in %%{_qt5_plugindir}/platformthemes/ for requires. # Those themes are there for platform integration. If the required libraries are @@ -311,9 +308,6 @@ Qt5 libraries used for drawing widgets and OpenGL items. ## upstream fixes -# omit '-b .tell-the-truth-about-private-api' so it doesn't end up in installed files -- rdieter -%patch8 -p1 - %patch50 -p1 -b .QT_VERSION_CHECK %patch52 -p1 -b .moc_macros %patch53 -p1 -b .qt5gui_cmake_isystem_includes @@ -331,7 +325,7 @@ Qt5 libraries used for drawing widgets and OpenGL items. ## upstream patches %patch100 -p1 -%patch102 -p1 +%patch101 -p1 # move some bundled libs to ensure they're not accidentally used pushd src/3rdparty @@ -484,7 +478,7 @@ translationdir=%{_qt5_translationdir} Name: Qt5 Description: Qt5 Configuration -Version: 5.15.3 +Version: 5.15.5 EOF # rpm macros @@ -979,6 +973,9 @@ fi %changelog +* Wed Jul 27 2022 Chunmei Xu - 5.15.5-1 +- update to 5.15.5 + * Tue Jul 26 2022 Chunmei Xu - 5.15.3-2 - remove dependency of qt_settings diff --git a/qtbase-everywhere-opensource-src-5.15.3.tar.xz b/qtbase-everywhere-opensource-src-5.15.5.tar.xz similarity index 80% rename from qtbase-everywhere-opensource-src-5.15.3.tar.xz rename to qtbase-everywhere-opensource-src-5.15.5.tar.xz index 282b9e1256ece91e21a2283e1ed14d1de4d12b80..95c85ca3ee20e2e6c5bbe27e2347391b5f83aa9b 100644 Binary files a/qtbase-everywhere-opensource-src-5.15.3.tar.xz and b/qtbase-everywhere-opensource-src-5.15.5.tar.xz differ diff --git a/qtbase-everywhere-src-5.15.2-CVE-2022-2525.patch b/qtbase-everywhere-src-5.15.2-CVE-2022-2525.patch deleted file mode 100644 index 998b25a5ac5461a18d24c5794b136a9c20a28e2a..0000000000000000000000000000000000000000 --- a/qtbase-everywhere-src-5.15.2-CVE-2022-2525.patch +++ /dev/null @@ -1,35 +0,0 @@ -diff --git a/src/corelib/io/qprocess_unix.cpp b/src/corelib/io/qprocess_unix.cpp -index 7a2daa2..cfd1ca3 100644 ---- a/src/corelib/io/qprocess_unix.cpp -+++ b/src/corelib/io/qprocess_unix.cpp -@@ -422,11 +422,11 @@ - // Add the program name to the argument list. - argv[0] = nullptr; - if (!program.contains(QLatin1Char('/'))) { -+ // findExecutable() returns its argument if it's an absolute path, -+ // otherwise it searches $PATH; returns empty if not found (we handle -+ // that case much later) - const QString &exeFilePath = QStandardPaths::findExecutable(program); -- if (!exeFilePath.isEmpty()) { -- const QByteArray &tmp = QFile::encodeName(exeFilePath); -- argv[0] = ::strdup(tmp.constData()); -- } -+ argv[0] = ::strdup(QFile::encodeName(exeFilePath).constData()); - } - if (!argv[0]) - argv[0] = ::strdup(encodedProgramName.constData()); -@@ -978,11 +978,10 @@ - QByteArray tmp; - if (!program.contains(QLatin1Char('/'))) { - const QString &exeFilePath = QStandardPaths::findExecutable(program); -- if (!exeFilePath.isEmpty()) -- tmp = QFile::encodeName(exeFilePath); -- } -- if (tmp.isEmpty()) -+ tmp = QFile::encodeName(exeFilePath); -+ } else { - tmp = QFile::encodeName(program); -+ } - argv[0] = tmp.data(); - - if (envp) diff --git a/qtbase-everywhere-src-5.15.4-cve-2021-38593.patch b/qtbase-everywhere-src-5.15.4-cve-2021-38593.patch new file mode 100644 index 0000000000000000000000000000000000000000..2e67854392ea24868dabbf188f8c3e58b6beb2dc --- /dev/null +++ b/qtbase-everywhere-src-5.15.4-cve-2021-38593.patch @@ -0,0 +1,12 @@ +diff -up qtbase-everywhere-src-5.15.4/src/gui/painting/qpaintengineex.cpp.me qtbase-everywhere-src-5.15.4/src/gui/painting/qpaintengineex.cpp +--- qtbase-everywhere-src-5.15.4/src/gui/painting/qpaintengineex.cpp.me 2022-05-30 14:21:52.215469841 +0200 ++++ qtbase-everywhere-src-5.15.4/src/gui/painting/qpaintengineex.cpp 2022-05-30 14:22:39.552558748 +0200 +@@ -426,7 +426,7 @@ void QPaintEngineEx::stroke(const QVecto + patternLength *= pw; + if (qFuzzyIsNull(patternLength)) { + pen.setStyle(Qt::NoPen); +- } else if (extent / patternLength > 10000) { ++ } else if (qFuzzyIsNull(extent) || extent / patternLength > 10000) { + // approximate stream of tiny dashes with semi-transparent solid line + pen.setStyle(Qt::SolidLine); + QColor color(pen.color()); diff --git a/tell-the-truth-about-private-api.patch b/tell-the-truth-about-private-api.patch deleted file mode 100644 index 2dbced4b8e32b37358c1f4fdb30f5d4c655d7bc1..0000000000000000000000000000000000000000 --- a/tell-the-truth-about-private-api.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff --git a/mkspecs/features/qt_module.prf b/mkspecs/features/qt_module.prf -index e6a0d97..cf93041 100644 ---- a/mkspecs/features/qt_module.prf -+++ b/mkspecs/features/qt_module.prf -@@ -216,9 +216,9 @@ android: CONFIG += qt_android_deps no_linker_version_script - QMAKE_LFLAGS += $${QMAKE_LFLAGS_VERSION_SCRIPT}$$verscript - - internal_module { -- verscript_content = "Qt_$${QT_MAJOR_VERSION}_PRIVATE_API { *; };" -+ verscript_content = "Qt_$${QT_MAJOR_VERSION}.$${QT_MINOR_VERSION}.$${QT_PATCH_VERSION}_PRIVATE_API { *; };" - } else { -- verscript_content = "Qt_$${QT_MAJOR_VERSION}_PRIVATE_API {" \ -+ verscript_content = "Qt_$${QT_MAJOR_VERSION}.$${QT_MINOR_VERSION}.$${QT_PATCH_VERSION}_PRIVATE_API {" \ - " qt_private_api_tag*;" - - private_api_headers = $$SYNCQT.PRIVATE_HEADER_FILES $$SYNCQT.QPA_HEADER_FILES