author | V3n3RiX <venerix@koprulu.sector> | 2023-05-24 03:01:18 +0100 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2023-05-24 03:01:18 +0100 |
commit | a5d03e5440b3955446fba6d02de9f53ea4f6efc4 (patch) | |
tree | c1ef5c34e37665a48d85a29c5feadadb9622d627 /dev-qt/qtnetwork | |
parent | 456fc832c996a122c45240beb68820ab3c2ada40 (diff) |
gentoo auto-resync : 24:05:2023 - 03:01:18
Diffstat (limited to 'dev-qt/qtnetwork')
-rw-r--r-- | dev-qt/qtnetwork/Manifest | 3 | ||||
-rw-r--r-- | dev-qt/qtnetwork/files/qtnetwork-5.15.9-CVE-2023-32762.patch | 39 | ||||
-rw-r--r-- | dev-qt/qtnetwork/qtnetwork-5.15.9-r2.ebuild (renamed from dev-qt/qtnetwork/qtnetwork-5.15.9-r1.ebuild) | 5 |
3 files changed, 45 insertions, 2 deletions
diff --git a/dev-qt/qtnetwork/Manifest b/dev-qt/qtnetwork/Manifest
index 36c8bee27089..2997aaa79d4d 100644
--- a/dev-qt/qtnetwork/Manifest
+++ b/dev-qt/qtnetwork/Manifest
@@ -1,7 +1,8 @@ +AUX qtnetwork-5.15.9-CVE-2023-32762.patch 1598 BLAKE2B 2d7a37066205b9eb75df0783d49bb36b71e7fe5ee65a391b9d5578c283c6058bec951b9587b27ca63b658254f9c540e54460ea2c4f6a8503fb25da31e8c6d969 SHA512 f89d96bb473e38fc069c8d0afa9c7339647af30948f40de6fc432f55e0d23ba01d0a1ef29145213afd6dbae6992a436baa693dcace982fd0a906d7118e73ad14 AUX qtnetwork-5.15.9-QDnsLookup-dont-overflow-the-buffer.patch 4180 BLAKE2B b85be10b7274322b10eb4ab654aa83621655a495be641dd7d66ebdfc10749fe2aeb333f02b8fa4703e48eefec56e8657375c921320a22e601c9117fe605782e2 SHA512 f6ea5c46c252a3781de1364878692e76950b68f48e51cf042565cb7da0632310e7b85abe52054bb4571638645c2affa6ab20374c6b7c5beaa0b441b85a34956c DIST qtbase-5.15-gentoo-patchset-4.tar.xz 4884 BLAKE2B ef1f11ea63084b834e19a9bd4c4a146e0d47f10e6c1f540a23db64ba6b0d42f46d63f54f93587deae9ac528f6824fa0e88177fe109a53aaee7d8328d49e364cd SHA512 1ae6630cef6bead9187aaaf7c420566b2c1f946bfa22cb983c52267c098e9b1c7b82c99204cbd3eed5eb6ebde0359726e260fd449618802735af465ca39f0a1d DIST qtbase-5.15.9-gentoo-kde-1.tar.xz 748840 BLAKE2B 6601efaba2bd9f64edec9ab24a562b2850fe85e088acb2913a06a4a97f82fea015ae9cf20908e5044a0170a2f837cf94a67ac6e870da8ea6e7603057b5683c1a SHA512 60e6c338136affc936c776c129fd2d6620f5e36db8ded32970d59e953bf843786a6deea6cb529488dbd58dfc7c8ea9e71580026fdda8b364596f095e8e9b7791 DIST qtbase-everywhere-opensource-src-5.15.9.tar.xz 50389220 BLAKE2B b1692f5907b7a262a8cad33d45935d76f72f2fb78b970b57fba76ef9f6789d1d7a435278a450ff1f3556c0846fa8dd8295707ead6adf21af6cd17fbe7f0d82f8 SHA512 2da78ea043c03fa4ff7c6a39c41a5d1b30af06248764e6f5eef3fe4aeb3f3d20e302fa7c5827112c89b6bc7c5c0c292454d127f9d7bb0d2031175f0f2c937ed3 -EBUILD qtnetwork-5.15.9-r1.ebuild 1681 BLAKE2B 6281de9484c05dfc94fc3a213cf64933a53da052c967d16cb461ce811026ab3024ea6ee0065dad7f6f58b533ecef5aebdcea983cf42e33ffb13e0aa5b38c8bc5 SHA512 d339def085d5c190144b486134e82184e2551b23717a288399014064c19e2f472554a11b2bf99dfb95f1ccabf3fae095a15d0f8c26303d547dfbc3b0af90902c +EBUILD qtnetwork-5.15.9-r2.ebuild 
1723 BLAKE2B 732826c77d8aeac48a308a10ff1da949d91f3f931931ac0799e7a20a6f3b332a3115550897446c746012ca3e8b0deda737dd0059632180d36f1e8786e9595558 SHA512 e9e224f7dc8e2e6343d4e0d4c0cbb5bf79ce3b055d6b3654e50da0928201f350bc19de5b3eb165c17de6583c4cdf80c71fb1d55494035febf6cc7bd0793406e0 EBUILD qtnetwork-5.15.9.ebuild 1601 BLAKE2B 9cf47cc0adb7c85a2538161f2281e6e8dd4160b6aee2bc245e5837c1367a348478e17bca059d7d131b95ff6559c40ffb9641e72edce61134734637bd19471c33 SHA512 47873673446842b0afbbf0837ecd00aa8d7cd4d7cce5c095923a22a28fc8a419ec933b5e189b68b0be38b67b2677293d809ba26fa8a5b447c4f574129cacae7d MISC metadata.xml 877 BLAKE2B eefc4aa477bcc6ffb2a2fb0711861a9bd7c79af5c5febe0205da57a3fae7206f3ae96dffb8b57e15dfe2f1e26891691886e02984654556d3d53a269dde5ce757 SHA512 dad0239dceb378c1ad4f52c287fb5d61cc248ac533a3df3673b30c0f332eb5cd3a34255052afe2a42084bf1c1d6a1ee501723e43eb268ab5e215fb37f90bcf36
diff --git a/dev-qt/qtnetwork/files/qtnetwork-5.15.9-CVE-2023-32762.patch b/dev-qt/qtnetwork/files/qtnetwork-5.15.9-CVE-2023-32762.patch
new file mode 100644
index 000000000000..7509414bd317
--- /dev/null
+++ b/dev-qt/qtnetwork/files/qtnetwork-5.15.9-CVE-2023-32762.patch
@@ -0,0 +1,39 @@
+From a196623892558623e467f20b67edb78794252a09 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?M=C3=A5rten=20Nordheim?= <marten.nordheim@qt.io>
+Date: Fri, 5 May 2023 11:07:26 +0200
+Subject: [PATCH] Hsts: match header names case insensitively (CVE-2023-32762)
+
+Header field names are always considered to be case-insensitive.
+
+Pick-to: 6.5 6.5.1 6.2 5.15
+Fixes: QTBUG-113392
+Change-Id: Ifb4def4bb7f2ac070416cdc76581a769f1e52b43
+Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
+Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
+Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
+(cherry picked from commit 1b736a815be0222f4b24289cf17575fc15707305)
+
+* asturmlechner 2023-05-23: Upstream backport to 5.15 taken from
+ https://www.qt.io/blog/security-advisory-qt-network
+---
+ src/network/access/qhsts.cpp | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/network/access/qhsts.cpp b/src/network/access/qhsts.cpp
+index 0cef0ad3dc..be7ef7ff58 100644
+--- a/src/network/access/qhsts.cpp
++++ b/src/network/access/qhsts.cpp
+@@ -364,8 +364,8 @@ quoted-pair = "\" CHAR
+ bool QHstsHeaderParser::parse(const QList<QPair<QByteArray, QByteArray>> &headers)
+ {
+ for (const auto &h : headers) {
+- // We use '==' since header name was already 'trimmed' for us:
+- if (h.first == "Strict-Transport-Security") {
++ // We compare directly because header name was already 'trimmed' for us:
++ if (h.first.compare("Strict-Transport-Security", Qt::CaseInsensitive) == 0) {
+ header = h.second;
+ // RFC6797, 8.1:
+ //
+--
+2.40.1
+
diff --git a/dev-qt/qtnetwork/qtnetwork-5.15.9-r1.ebuild b/dev-qt/qtnetwork/qtnetwork-5.15.9-r2.ebuild
index 0566a4dd3c02..e3f87517c129 100644
--- a/dev-qt/qtnetwork/qtnetwork-5.15.9-r1.ebuild
+++ b/dev-qt/qtnetwork/qtnetwork-5.15.9-r2.ebuild
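Review bot: The backported patch touches only `src/network/access/qhsts.cpp` (its own diffstat reads 1 file changed) and carries no regression test, so nothing shipped here pins the case-insensitive match in `QHstsHeaderParser::parse`. A test that passes the parser a header list named `strict-transport-security`, plus a mixed-case variant, and asserts the policy is accepted would catch a later patchset refresh silently dropping this fix. The rewritten comment still explains only the trimming; I would state the reason for the new comparison instead, e.g. `// Field names are case-insensitive (RFC 7230, 3.2), so do not compare with '=='`. This matters defensively because HTTP/2 sends field names in lower case, so before the change such a response would presumably have had its HSTS policy ignored. The body of `parse` continues past the end of the nested hunk, so its handling of repeated headers cannot be judged from here.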
@@ -30,7 +30,10 @@ RDEPEND="${DEPEND} networkmanager? ( net-misc/networkmanager ) " -PATCHES=( "${FILESDIR}/${P}-QDnsLookup-dont-overflow-the-buffer.patch" ) +PATCHES=( + "${FILESDIR}/${P}-QDnsLookup-dont-overflow-the-buffer.patch" + "${FILESDIR}/${P}-CVE-2023-32762.patch" +) QT5_TARGET_SUBDIRS=( src/network |