diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000000000000000000000000000000000000..d87f5613ec4234f82f8eaeebc563711f587fdf88 --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +*.xz filter=lfs diff=lfs merge=lfs -text diff --git a/.lfsconfig b/.lfsconfig new file mode 100644 index 0000000000000000000000000000000000000000..575ef1ba080ee1c7316cfcde6250bb6631ff1821 --- /dev/null +++ b/.lfsconfig @@ -0,0 +1,2 @@ +[lfs] + url = https://artlfs.openeuler.openatom.cn/src-openEuler/qt6-qtbase diff --git a/qt6-qtbase.spec b/qt6-qtbase.spec index 2aa2c195208580f5b70bc3b64cf1c26e514ede55..5eea97aa28e926cf21e4898b009e26571915727f 100644 --- a/qt6-qtbase.spec +++ b/qt6-qtbase.spec @@ -27,7 +27,7 @@ BuildRequires: pkgconfig(libsystemd) Name: qt6-qtbase Summary: Qt6 - QtBase components Version: 6.5.2 -Release: 4 +Release: 5 License: LGPL-3.0-only OR GPL-3.0-only WITH Qt-GPL-exception-1.0 Url: http://qt-project.org/ @@ -88,6 +88,8 @@ Patch102: fix-build-error-of-libxkbcommon-1.6.0.patch Patch6001:qtbase6.5.2-CVE-2023-38197.patch Patch6003:qtbase6.5.1-CVE-2023-43114.patch Patch6004:qtbase6.5.2-CVE-2023-51714.patch +Patch6005:qtbase6.5.2-CVE-2024-33861.patch +Patch6006:qtbase6.5.2-CVE-2024-39936.patch # Do not check any files in %%{_qt6_plugindir}/platformthemes/ for requires. # Those themes are there for platform integration. If the required libraries are # not there, the platform to integrate with isn't either. Then Qt will just @@ -156,8 +158,7 @@ BuildRequires: pkgconfig(icu-i18n) BuildRequires: pkgconfig(libpcre2-16) >= 10.20 %global pcre 1 BuildRequires: pkgconfig(xcb-xkb) -BuildRequires: pkgconfig(xcb) pkgconfig(xcb-glx) pkgconfig(xcb-icccm) pkgconfig(xcb-image) pkgconfig(xcb-keysyms) pkgconfig(xcb-renderutil) -#BuildRequires: xcb-util-cursor-devel +BuildRequires: pkgconfig(xcb) pkgconfig(xcb-glx) pkgconfig(xcb-icccm) pkgconfig(xcb-image) pkgconfig(xcb-keysyms) pkgconfig(xcb-renderutil) pkgconfig(xcb-cursor) BuildRequires: pkgconfig(zlib) BuildRequires: perl BuildRequires: perl-generators @@ -635,6 +636,8 @@ make check -k ||: %{_qt6_libdir}/libQt6Test.so %{_qt6_libdir}/libQt6Widgets.prl %{_qt6_libdir}/libQt6Widgets.so +%{_qt6_libdir}/libQt6XcbQpa.prl +%{_qt6_libdir}/libQt6XcbQpa.so %{_qt6_libdir}/libQt6Xml.prl %{_qt6_libdir}/libQt6Xml.so %{_qt6_libdir}/libQt6EglFSDeviceIntegration.prl @@ -691,6 +694,7 @@ make check -k ||: %{_qt6_libdir}/cmake/Qt6Test/*.cmake %{_qt6_libdir}/cmake/Qt6Widgets/*.cmake %{_qt6_libdir}/cmake/Qt6WidgetsTools/*.cmake +%{_qt6_libdir}/cmake/Qt6XcbQpaPrivate/*.cmake %{_qt6_libdir}/cmake/Qt6Xml/*.cmake %{_qt6_libdir}/qt6/metatypes/*.json %{_qt6_libdir}/qt6/objects-RelWithDebInfo/ExampleIconsPrivate_resources_1/.rcc/qrc_example_icons.cpp.o @@ -743,8 +747,6 @@ make check -k ||: %{_qt6_plugindir}/sqldrivers/libqsqlpsql.so %{_qt6_libdir}/cmake/Qt6Sql/Qt6QPSQLDriverPlugin*.cmake -%ldconfig_scriptlets gui - %files gui %dir %{_sysconfdir}/X11/xinit %dir %{_sysconfdir}/X11/xinit/xinitrc.d/ @@ -754,6 +756,7 @@ make check -k ||: %{_qt6_libdir}/libQt6OpenGLWidgets.so.6* %{_qt6_libdir}/libQt6PrintSupport.so.6* %{_qt6_libdir}/libQt6Widgets.so.6* +%{_qt6_libdir}/libQt6XcbQpa.so.6* # Generic %{_qt6_plugindir}/generic/libqevdevkeyboardplugin.so %{_qt6_plugindir}/generic/libqevdevmouseplugin.so @@ -781,13 +784,16 @@ make check -k ||: %{_qt6_plugindir}/egldeviceintegrations/libqeglfs-x11-integration.so %{_qt6_plugindir}/egldeviceintegrations/libqeglfs-kms-egldevice-integration.so %{_qt6_plugindir}/egldeviceintegrations/libqeglfs-emu-integration.so +%{_qt6_plugindir}/xcbglintegrations/libqxcb-egl-integration.so %endif # Platforms %{_qt6_plugindir}/platforms/libqlinuxfb.so %{_qt6_plugindir}/platforms/libqminimal.so %{_qt6_plugindir}/platforms/libqoffscreen.so +%{_qt6_plugindir}/platforms/libqxcb.so %{_qt6_plugindir}/platforms/libqvnc.so %{_qt6_plugindir}/platforms/libqvkkhrdisplay.so +%{_qt6_plugindir}/xcbglintegrations/libqxcb-glx-integration.so # Platformthemes %{_qt6_plugindir}/platformthemes/libqxdgdesktopportal.so %{_qt6_plugindir}/platformthemes/libqgtk3.so @@ -795,6 +801,10 @@ make check -k ||: %changelog +* Wed Dec 11 2024 Funda Wang - 6.5.2-5 +- fix CVE-2024-33861, CVE-2024-39936 +- add missing xcb plugin + * Mon May 20 2024 Wenlong Zhang - 6.5.2-4 - fix build error for loongarch64 diff --git a/qtbase-everywhere-src-6.5.2.tar.xz b/qtbase-everywhere-src-6.5.2.tar.xz index 72ec95a168251a74bca05fe4b364345da501c6ba..02172bef5c24b7ba9b3552ff772b4dd0c0843ca9 100644 Binary files a/qtbase-everywhere-src-6.5.2.tar.xz and b/qtbase-everywhere-src-6.5.2.tar.xz differ diff --git a/qtbase6.5.2-CVE-2024-33861.patch b/qtbase6.5.2-CVE-2024-33861.patch new file mode 100644 index 0000000000000000000000000000000000000000..b70ba76481456793586d97c73118ff19baf652c4 --- /dev/null +++ b/qtbase6.5.2-CVE-2024-33861.patch @@ -0,0 +1,22 @@ +diff --git a/src/corelib/text/qstringconverter.cpp b/src/corelib/text/qstringconverter.cpp +index 6ca65ba6ad8..043b8f54151 100644 +--- a/src/corelib/text/qstringconverter.cpp ++++ b/src/corelib/text/qstringconverter.cpp +@@ -1966,7 +1966,7 @@ struct QStringConverterICU : QStringConverter + const void *context; + ucnv_getToUCallBack(icu_conv, &action, &context); + if (context != state) +- ucnv_setToUCallBack(icu_conv, action, &state, nullptr, nullptr, &err); ++ ucnv_setToUCallBack(icu_conv, action, state, nullptr, nullptr, &err); + + ucnv_toUnicode(icu_conv, &target, targetLimit, &source, sourceLimit, nullptr, flush, &err); + // We did reserve enough space: +@@ -1999,7 +1999,7 @@ struct QStringConverterICU : QStringConverter + const void *context; + ucnv_getFromUCallBack(icu_conv, &action, &context); + if (context != state) +- ucnv_setFromUCallBack(icu_conv, action, &state, nullptr, nullptr, &err); ++ ucnv_setFromUCallBack(icu_conv, action, state, nullptr, nullptr, &err); + + ucnv_fromUnicode(icu_conv, &target, targetLimit, &source, sourceLimit, nullptr, flush, &err); + // We did reserve enough space: diff --git a/qtbase6.5.2-CVE-2024-39936.patch b/qtbase6.5.2-CVE-2024-39936.patch new file mode 100644 index 0000000000000000000000000000000000000000..8dcf842f13ca5b2ea664778aa6aa9cead0a4f0f6 --- /dev/null +++ b/qtbase6.5.2-CVE-2024-39936.patch @@ -0,0 +1,138 @@ +diff --git a/src/network/access/qhttp2protocolhandler.cpp b/src/network/access/qhttp2protocolhandler.cpp +index ec100708600..80819105201 100644 +--- a/src/network/access/qhttp2protocolhandler.cpp ++++ b/src/network/access/qhttp2protocolhandler.cpp +@@ -339,12 +339,12 @@ bool QHttp2ProtocolHandler::sendRequest() + } + } + +- if (!prefaceSent && !sendClientPreface()) +- return false; +- + if (!requests.size()) + return true; + ++ if (!prefaceSent && !sendClientPreface()) ++ return false; ++ + m_channel->state = QHttpNetworkConnectionChannel::WritingState; + // Check what was promised/pushed, maybe we do not have to send a request + // and have a response already? +diff --git a/src/network/access/qhttpnetworkconnectionchannel.cpp b/src/network/access/qhttpnetworkconnectionchannel.cpp +index b9e1ae403cd..3cbe1b16f9e 100644 +--- a/src/network/access/qhttpnetworkconnectionchannel.cpp ++++ b/src/network/access/qhttpnetworkconnectionchannel.cpp +@@ -209,6 +209,10 @@ + bool QHttpNetworkConnectionChannel::sendRequest() + { + Q_ASSERT(protocolHandler); ++ if (waitingForPotentialAbort) { ++ needInvokeSendRequest = true; ++ return false; // this return value is unused ++ } + return protocolHandler->sendRequest(); + } + +@@ -221,21 +225,28 @@ + void QHttpNetworkConnectionChannel::sendRequestDelayed() + { + QMetaObject::invokeMethod(this, [this] { +- Q_ASSERT(protocolHandler); + if (reply) +- protocolHandler->sendRequest(); ++ sendRequest(); + }, Qt::ConnectionType::QueuedConnection); + } + + void QHttpNetworkConnectionChannel::_q_receiveReply() + { + Q_ASSERT(protocolHandler); ++ if (waitingForPotentialAbort) { ++ needInvokeReceiveReply = true; ++ return; ++ } + protocolHandler->_q_receiveReply(); + } + + void QHttpNetworkConnectionChannel::_q_readyRead() + { + Q_ASSERT(protocolHandler); ++ if (waitingForPotentialAbort) { ++ needInvokeReadyRead = true; ++ return; ++ } + protocolHandler->_q_readyRead(); + } + +@@ -1232,7 +1243,18 @@ + // Similar to HTTP/1.1 counterpart below: + const auto &h2Pairs = h2RequestsToSend.values(); // (request, reply) + const auto &pair = h2Pairs.first(); ++ waitingForPotentialAbort = true; + emit pair.second->encrypted(); ++ ++ // We don't send or handle any received data until any effects from ++ // emitting encrypted() have been processed. This is necessary ++ // because the user may have called abort(). We may also abort the ++ // whole connection if the request has been aborted and there is ++ // no more requests to send. ++ QMetaObject::invokeMethod(this, ++ &QHttpNetworkConnectionChannel::checkAndResumeCommunication, ++ Qt::QueuedConnection); ++ + // In case our peer has sent us its settings (window size, max concurrent streams etc.) + // let's give _q_receiveReply a chance to read them first ('invokeMethod', QueuedConnection). + QMetaObject::invokeMethod(connection, "_q_startNextRequest", Qt::QueuedConnection); +@@ -1250,6 +1272,28 @@ + } + } + ++ ++void QHttpNetworkConnectionChannel::checkAndResumeCommunication() ++{ ++ Q_ASSERT(connection->connectionType() == QHttpNetworkConnection::ConnectionTypeHTTP2 ++ || connection->connectionType() == QHttpNetworkConnection::ConnectionTypeHTTP2Direct); ++ ++ // Because HTTP/2 requires that we send a SETTINGS frame as the first thing we do, and respond ++ // to a SETTINGS frame with an ACK, we need to delay any handling until we can ensure that any ++ // effects from emitting encrypted() have been processed. ++ // This function is called after encrypted() was emitted, so check for changes. ++ ++ if (!reply && h2RequestsToSend.isEmpty()) ++ abort(); ++ waitingForPotentialAbort = false; ++ if (needInvokeReadyRead) ++ _q_readyRead(); ++ if (needInvokeReceiveReply) ++ _q_receiveReply(); ++ if (needInvokeSendRequest) ++ sendRequest(); ++} ++ + void QHttpNetworkConnectionChannel::requeueHttp2Requests() + { + QList h2Pairs = h2RequestsToSend.values(); +diff --git a/src/network/access/qhttpnetworkconnectionchannel_p.h b/src/network/access/qhttpnetworkconnectionchannel_p.h +index e38e56df160..76d5baef2e3 100644 +--- a/src/network/access/qhttpnetworkconnectionchannel_p.h ++++ b/src/network/access/qhttpnetworkconnectionchannel_p.h +@@ -73,6 +73,10 @@ public: + QAbstractSocket *socket; + bool ssl; + bool isInitialized; ++ bool waitingForPotentialAbort = false; ++ bool needInvokeReceiveReply = false; ++ bool needInvokeReadyRead = false; ++ bool needInvokeSendRequest = false; + ChannelState state; + QHttpNetworkRequest request; // current request, only used for HTTP + QHttpNetworkReply *reply; // current reply for this request, only used for HTTP +@@ -145,6 +149,8 @@ public: + void closeAndResendCurrentRequest(); + void resendCurrentRequest(); + ++ void checkAndResumeCommunication(); ++ + bool isSocketBusy() const; + bool isSocketWriting() const; + bool isSocketWaiting() const;