diff --git a/CVE-2025-5455-qtbase-6.5.patch b/CVE-2025-5455-qtbase-6.5.patch new file mode 100644 index 0000000000000000000000000000000000000000..9adbb41cd11681ab1ac7164b634e899c5577cca3 --- /dev/null +++ b/CVE-2025-5455-qtbase-6.5.patch @@ -0,0 +1,22 @@ +diff --git a/src/corelib/io/qdataurl.cpp b/src/corelib/io/qdataurl.cpp +index 27fdaf58e69..974aee2539e 100644 +--- a/src/corelib/io/qdataurl.cpp ++++ b/src/corelib/io/qdataurl.cpp +@@ -42,10 +42,11 @@ Q_CORE_EXPORT bool qDecodeDataUrl(const QUrl &uri, QString &mimeType, QByteArray + } + + if (QLatin1StringView{data}.startsWith("charset"_L1, Qt::CaseInsensitive)) { +- qsizetype i = 7; // strlen("charset") +- while (data.at(i) == ' ') +- ++i; +- if (data.at(i) == '=') ++ qsizetype prefixSize = 7; // strlen("charset") ++ QByteArrayView copy(data.constData() + prefixSize, data.size() - prefixSize); ++ while (copy.startsWith(' ')) ++ copy = copy.sliced(1); ++ if (copy.startsWith('=')) + data.prepend("text/plain;"); + } + + + diff --git a/qt6-qtbase.spec b/qt6-qtbase.spec index e4efec504260a4fd69743e091c2922a65add6b97..f41237cfacbcf764f117e8f27e132399c784007b 100644 --- a/qt6-qtbase.spec +++ b/qt6-qtbase.spec @@ -27,7 +27,7 @@ BuildRequires: pkgconfig(libsystemd) Name: qt6-qtbase Summary: Qt6 - QtBase components Version: 6.5.2 -Release: 10 +Release: 11 License: LGPL-3.0-only OR GPL-3.0-only WITH Qt-GPL-exception-1.0 Url: http://qt-project.org/ @@ -92,6 +92,7 @@ Patch6006:qtbase6.5.2-CVE-2024-39936.patch Patch6007:qtbase6.5.2-CVE-2023-45935.patch Patch6008:qtbase6.5.2-CVE-2024-25580.patch Patch6009:qtbase6.5.2-CVE-2025-30348.patch +Patch6010:CVE-2025-5455-qtbase-6.5.patch # Do not check any files in %%{_qt6_plugindir}/platformthemes/ for requires. # Those themes are there for platform integration. If the required libraries are # not there, the platform to integrate with isn't either. Then Qt will just @@ -808,6 +809,9 @@ make check -k ||: %changelog +* Sat Jun 07 2025 Funda Wang - 6.5.2-11 +- fix CVE-2025-5455 + * Wed Apr 02 2025 Funda Wang - 6.5.2-10 - fix CVE-2025-30348