From 479ae2e67a8a9e59e6d59a8810fa56fec05c47be Mon Sep 17 00:00:00 2001
From: weidong
Date: Tue, 11 Jan 2022 13:54:55 +0800
Subject: [PATCH] Synv 20.03-lts to sp3
Signed-off-by: weidong
---
 CVE-2020-0570.patch | 47 +++++++++++++++++++++++++++++++++++++++++++++
 qt.spec | 13 ++++++++++---
 2 files changed, 57 insertions(+), 3 deletions(-)
 create mode 100644 CVE-2020-0570.patch
diff --git a/CVE-2020-0570.patch b/CVE-2020-0570.patch
new file mode 100644
index 0000000..4fe2f4a
--- /dev/null
+++ b/CVE-2020-0570.patch
@@ -0,0 +1,47 @@
+From 15d5017b8f61a4af9196ba8f802df75efb77a319 Mon Sep 17 00:00:00 2001
+From: Thiago Macieira
+Date: Fri, 10 Jan 2020 09:26:27 -0800
+Subject: QLibrary/Unix: do not attempt to load a library relative to $PWD
+
+I added the code in commit 5219c37f7c98f37f078fee00fe8ca35d83ff4f5d to
+find libraries in a haswell/ subdir of the main path, but we only need
+to do that transformation if the library is contains at least one
+directory seprator. That is, if the user asks to load "lib/foo", then we
+should try "lib/haswell/foo" (often, the path prefix will be absolute).
+
+When the library name the user requested has no directory separators, we
+let dlopen() do the transformation for us. Testing on Linux confirms
+glibc does so:
+
+$ LD_DEBUG=libs /lib64/ld-linux-x86-64.so.2 --inhibit-cache ./qml -help
+|& grep Xcurs or
+ 1972475: find library=libXcursor.so.1 [0]; searching
+ 1972475:trying file=/usr/lib64/haswell/avx512_1/libXcursor.so.1
+ 1972475:trying file=/usr/lib64/haswell/libXcursor.so.1
+ 1972475:trying file=/usr/lib64/libXcursor.so.1
+ 1972475: calling init: /usr/lib64/libXcursor.so.1
+ 1972475: calling fini: /usr/lib64/libXcursor.so.1 [0]
+
+Fixes: QTBUG-81272
+Change-Id: I596aec77785a4e4e84d5fffd15e89689bb91ffbb
+Reviewed-by: Thiago Macieira
+---
+ src/corelib/plugin/qlibrary_unix.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/corelib/plugin/qlibrary_unix.cpp b/src/corelib/plugin/qlibrary_unix.cpp
+index 90797a49..99c646e1 100644
+--- a/src/corelib/plugin/qlibrary_unix.cpp
++++ b/src/corelib/plugin/qlibrary_unix.cpp
+@@ -209,6 +209,8 @@ bool QLibraryPrivate::load_sys()
+ for(int suffix = 0; retry && !pHnd && suffix < suffixes.size(); suffix++) {
+ if (!prefixes.at(prefix).isEmpty() && name.startsWith(prefixes.at(prefix)))
+ continue;
++ if (path.isEmpty() && prefixes.at(prefix).contains(QLatin1Char('/')))
++ continue;
+ if (!suffixes.at(suffix).isEmpty() && name.endsWith(suffixes.at(suffix)))
+ continue;
+ if (loadHints & QLibrary::LoadArchiveMemberHint) {
+--
+2.23.0
+
diff --git a/qt.spec b/qt.spec
index 3d84a6d..b5fb5b8 100644
--- a/qt.spec
+++ b/qt.spec
@@ -13,7 +13,7 @@
 Name: qt
 Epoch: 1
 Version: 4.8.7
-Release: 48
+Release: 50
 Summary: A software toolkit for developing applications
 License: (LGPLv2 with exceptions or GPLv3 with exceptions) and ASL 2.0 and BSD and FTL and MIT
 URL: http://qt-project.org/
@@ -78,6 +78,7 @@ Patch6002: CVE-2018-19871.patch
 Patch6003: CVE-2018-19870.patch
 Patch6004: CVE-2018-19873.patch
 Patch6005: CVE-2020-17507.patch
+Patch6006: CVE-2020-0570.patch
 BuildRequires: cups-devel desktop-file-utils gcc-c++ libjpeg-devel findutils libmng-devel libtiff-devel pkgconfig pkgconfig(alsa)
 BuildRequires: pkgconfig(dbus-1) pkgconfig(fontconfig) pkgconfig(glib-2.0) pkgconfig(icu-i18n) openssl-devel pkgconfig(libpng)
@@ -444,8 +445,14 @@ fi
 %{_qt4_prefix}/examples/
 %changelog
-* Mon Sep 21 2020 shaoqiang kang - 1:4.8.7-48
-- fix CVE-2020-17507 and modify source0
+* Wed 14 Oct 2020 wangyue - 1:4.8.7-50
+- fix CVE-2020-0570
+
+* Mon Sep 21 2020 shaoqiang kang - 1:4.8.7-49
+- fix CVE-2020-17507
+
+* Tue Sep 15 2020 shaoqiang kang - 1:4.8.7-48
+- Modify source
 * Thu Mar 19 2020 yanglijin - 1:4.8.7-47
 - add stack protector
--
Gitee
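Review bot: The added guard `if (path.isEmpty() && prefixes.at(prefix).contains(QLatin1Char('/'))) continue;` only takes effect if the `prefixes` list in this tree can hold an entry with a directory component. The embedded commit message ties such entries to the haswell/ lookup introduced by commit 5219c37f, and nothing visible here shows that lookup exists in the 4.8.7 sources this package builds. If it does not, the patch may apply cleanly yet change nothing, and the changelog's "fix CVE-2020-0570" would overstate what shipped, so it is worth checking the unpacked source for a prefix containing '/'. The guard would also read better with a one-line comment such as `// no directory in the requested name: skip directory-bearing prefixes so nothing is resolved relative to $PWD`. load_sys() begins and ends outside the hunk.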
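Review bot: `Patch6006: CVE-2020-0570.patch` is declared in the second qt.spec hunk, but the commit touches no `%prep` lines, so the patch is only applied if the spec uses an automatic mechanism such as `%autosetup` or `%autopatch`. If `%prep` lists explicit `%patch` lines (not visible in these hunks), a matching `%patch6006` with the strip level the other patches use is needed, otherwise the CVE fix is packaged but never applied to the source. Separately, the new changelog header `* Wed 14 Oct 2020 wangyue - 1:4.8.7-50` puts the day before the month; rpm's changelog parser expects `* Wed Oct 14 2020 …`, so this entry is likely to be rejected as a bad date at build time. Release also jumps from 48 to 50 while the changelog gains a -49 entry, which deserves a sentence in the commit description.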