From 42e82780761e75f17a5cc96626558a297782f385 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 10 Jun 2023 15:51:39 +0100 Subject: gentoo auto-resync : 10:06:2023 - 15:51:39 --- dev-qt/qtbase/Manifest | 8 +- .../qtbase/files/qtbase-6.5.0-CVE-2023-32762.patch | 54 ------ .../qtbase/files/qtbase-6.5.0-CVE-2023-33285.patch | 101 ----------- ...-6.5.0-setActiveWindow-deprecated-version.patch | 35 ---- .../qtbase/files/qtbase-6.5.1-CVE-2023-34410.patch | 54 ++++++ dev-qt/qtbase/qtbase-6.5.0-r3.ebuild | 193 --------------------- dev-qt/qtbase/qtbase-6.5.1.ebuild | 189 ++++++++++++++++++++ 7 files changed, 246 insertions(+), 388 deletions(-) delete mode 100644 dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-32762.patch delete mode 100644 dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-33285.patch delete mode 100644 dev-qt/qtbase/files/qtbase-6.5.0-setActiveWindow-deprecated-version.patch create mode 100644 dev-qt/qtbase/files/qtbase-6.5.1-CVE-2023-34410.patch delete mode 100644 dev-qt/qtbase/qtbase-6.5.0-r3.ebuild create mode 100644 dev-qt/qtbase/qtbase-6.5.1.ebuild (limited to 'dev-qt/qtbase') diff --git a/dev-qt/qtbase/Manifest b/dev-qt/qtbase/Manifest index 29e80d7ee5e6..def4801572f2 100644 --- a/dev-qt/qtbase/Manifest +++ b/dev-qt/qtbase/Manifest @@ -1,6 +1,4 @@ -AUX qtbase-6.5.0-CVE-2023-32762.patch 2425 BLAKE2B 3a69063ebf4e94debe19eb97747e7fcbae626177ae265d44a4cca5576584192b6d878d65241dbc2c6e791ae8e7163835d274bc3387fe4035901a8d7c9e14470a SHA512 6631f772416fdd1d870fc98377617003d892e100357995b540d9e6abb5fedc9620a69042d8ba64fa72f3c03728a084e04cf8bf6256ba02dde8236060de9bfa79 -AUX qtbase-6.5.0-CVE-2023-33285.patch 4119 BLAKE2B cb1cb7e9a5feebc56e9e6c0707bef0eba45574d2e4a41f46a7735ffcf94c5c3db6c6a9531cb50074466888582e02eb353f48f79e82ed3e60b167f14d63cf059a SHA512 a2e4e75a1cefc83ac3deeac9e55d20bc9dfe79b7fc738863b88320f49d0de4362a8f3e05269e61b3e675b77d7a728254903fdda2ebd19a2b7b93a43e4674cfe4 -AUX qtbase-6.5.0-setActiveWindow-deprecated-version.patch 1237 BLAKE2B 5a0dee47bded6460d4643964b54bcccde2a286b6d8ffe6201781814fe6a19f2ec5d07c91bdda68004cc5a516e74a7437fba4959326d150d93ece9e834756d2ba SHA512 019d88b27295a62087f27c655afced7f59576bcb2faa8c791a303f8254d359fa006f6a2aafd665812c646c535665783cc2b1a0dfa26043407122ef462b260d06 -DIST qtbase-everywhere-src-6.5.0.tar.xz 48020636 BLAKE2B 234000eeb6e1b57a1c7561613bf437453fc2db0d23d5ddd61c38961311a7de5263c086864554aff7a0bc1e5a406af78ef8342eed3c8a5f48b9237912614f380b SHA512 29f70b9a9650afdd8e34703a7a8191feab4c3a25d0bc3a41010ea842389335b24e2685721fdb4a03653475ebd9bf8a8e4f4a77bf5d64b1289590b5ca0e4623f3 -EBUILD qtbase-6.5.0-r3.ebuild 5141 BLAKE2B f854b8898d8badde636833732fb1e4a5497d7be6f539b17296d62e3a5de6f76d935f8cce1cbdf530eaae217a974857f8ca22969975368627955975f69530a4ab SHA512 6e59666648f738ded48583135a299773c13a5fe8106f613b3ceac526e43cdcca641b7118edd25348d1341e8ec582ec565e1fba96522269ac22e3c80f05a7c38b +AUX qtbase-6.5.1-CVE-2023-34410.patch 2731 BLAKE2B a0b894782aad05e904e76112391df4895606fa95cdd6365bdfcf5096be769750c4e3c5a331a43498d5a4c84b712a4df595eb4c629fa47e458fda6475c7ff8451 SHA512 eb19ff548835ca208d1209fc8c712dfb2cca91170b23535e87879e843d599bf5d4939b2f3d9c47ef73c238ff8c939f6fd85f0b5300ee97457a4bae76d0d29f67 +DIST qtbase-everywhere-src-6.5.1.tar.xz 48287392 BLAKE2B 47872492f21a936d980891c28df61591380bc236adc66b57a90fbb87dd292cdeb3c632fb1159231ba40142d25e02944e4c5e8568153f1286e0a1abc8c5b26699 SHA512 7f7b20bbc25cda65266d6067cdd68e3e077636988d67dbf5783f79a61186135fb3a36d57ac72cfe4501012035b630ab1f5849148e4817726d4f459fa1937e91a +EBUILD qtbase-6.5.1.ebuild 5024 BLAKE2B 7f1a1ee51b3a887c8f8331102a2b4c96276164af8e03ceadc3fd1392fc6c603e8aed11ecb6c1d068bd5668fe59cc49420837ad0cc9a9427c90ce532e7720e370 SHA512 032e019184ab6c78aae283dbdc7595b6f62844f75b62a8b299b40d692c8100ddb9277b8a204b1f38767929bdb1ae2f14e023f0e31fe35789b56c3b8839e0160e MISC metadata.xml 1762 BLAKE2B fd53799e4a3668fb8d32798f1d128df86aaa7181563655ffb71d6c15a7bab33e5fb08f3c5b41695e8fee4a46f5a5216030d0aeb0927eaeec387136ec66964a8f SHA512 6e05599e981d07f7a6d79eda9e1ef9e41383e05aec5442fed8a46be87245b6e9a77fb9b469fe656f9fdd29ffb69767136c0922baed3c5448ca8c58ee70ad713d diff --git a/dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-32762.patch b/dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-32762.patch deleted file mode 100644 index 3574706fcd85..000000000000 --- a/dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-32762.patch +++ /dev/null @@ -1,54 +0,0 @@ -From eae7c36d681acfb82572b56e24bbb2cd42242e57 Mon Sep 17 00:00:00 2001 -From: =?utf8?q?M=C3=A5rten=20Nordheim?= -Date: Fri, 5 May 2023 11:07:26 +0200 -Subject: [PATCH] Hsts: match header names case insensitively - -Header field names are always considered to be case-insensitive. - -Fixes: QTBUG-113392 -Change-Id: Ifb4def4bb7f2ac070416cdc76581a769f1e52b43 -Reviewed-by: Qt CI Bot -Reviewed-by: Edward Welbourne -Reviewed-by: Volker Hilsheimer -(cherry picked from commit 1b736a815be0222f4b24289cf17575fc15707305) -Reviewed-by: Qt Cherry-pick Bot ---- - src/network/access/qhsts.cpp | 4 ++-- - tests/auto/network/access/hsts/tst_qhsts.cpp | 6 ++++++ - 2 files changed, 8 insertions(+), 2 deletions(-) - -diff --git a/src/network/access/qhsts.cpp b/src/network/access/qhsts.cpp -index 39905f354807..82deede17298 100644 ---- a/src/network/access/qhsts.cpp -+++ b/src/network/access/qhsts.cpp -@@ -327,8 +327,8 @@ quoted-pair = "\" CHAR - bool QHstsHeaderParser::parse(const QList> &headers) - { - for (const auto &h : headers) { -- // We use '==' since header name was already 'trimmed' for us: -- if (h.first == "Strict-Transport-Security") { -+ // We compare directly because header name was already 'trimmed' for us: -+ if (h.first.compare("Strict-Transport-Security", Qt::CaseInsensitive) == 0) { - header = h.second; - // RFC6797, 8.1: - // -diff --git a/tests/auto/network/access/hsts/tst_qhsts.cpp b/tests/auto/network/access/hsts/tst_qhsts.cpp -index 252f5e8f5792..97a2d2889e57 100644 ---- a/tests/auto/network/access/hsts/tst_qhsts.cpp -+++ b/tests/auto/network/access/hsts/tst_qhsts.cpp -@@ -216,6 +216,12 @@ void tst_QHsts::testSTSHeaderParser() - QVERIFY(parser.expirationDate() > QDateTime::currentDateTimeUtc()); - QVERIFY(parser.includeSubDomains()); - -+ list.pop_back(); -+ list << Header("strict-transport-security", "includeSubDomains;max-age=1000"); -+ QVERIFY(parser.parse(list)); -+ QVERIFY(parser.expirationDate() > QDateTime::currentDateTimeUtc()); -+ QVERIFY(parser.includeSubDomains()); -+ - list.pop_back(); - // Invalid (includeSubDomains twice): - list << Header("Strict-Transport-Security", "max-age = 1000 ; includeSubDomains;includeSubDomains"); --- -2.16.3 - diff --git a/dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-33285.patch b/dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-33285.patch deleted file mode 100644 index c982cce36e9e..000000000000 --- a/dev-qt/qtbase/files/qtbase-6.5.0-CVE-2023-33285.patch +++ /dev/null @@ -1,101 +0,0 @@ -From a2dc11b37fd71f785c342c40549f54edfdd1a6f8 Mon Sep 17 00:00:00 2001 -From: Thiago Macieira -Date: Thu, 11 May 2023 21:40:15 -0700 -Subject: [PATCH] QDnsLookup/Unix: make sure we don't overflow the buffer -MIME-Version: 1.0 -Content-Type: text/plain; charset=utf8 -Content-Transfer-Encoding: 8bit - -The DNS Records are variable length and encode their size in 16 bits -before the Record Data (RDATA). Ensure that both the RDATA and the -Record header fields before it fall inside the buffer we have. - -Additionally reject any replies containing more than one query records. - -[ChangeLog][QtNetwork][QDnsLookup] Fixed a bug that could cause a buffer -overflow in Unix systems while parsing corrupt, malicious, or truncated -replies. - -Pick-to: 5.15 6.2 6.5.1 -Change-Id: I3e3bfef633af4130a03afffd175e4b9547654b95 -Reviewed-by: MÃ¥rten Nordheim -Reviewed-by: Jani Heikkinen -(cherry picked from commit 7dba2c87619d558a61a30eb30cc1d9c3fe6df94c) -Reviewed-by: Daniel Smith ---- - src/network/kernel/qdnslookup_unix.cpp | 31 +++++++++++++++++++++++++------ - 1 file changed, 25 insertions(+), 6 deletions(-) - -diff --git a/src/network/kernel/qdnslookup_unix.cpp b/src/network/kernel/qdnslookup_unix.cpp -index 8db79028f775..ad7bb51f67a5 100644 ---- a/src/network/kernel/qdnslookup_unix.cpp -+++ b/src/network/kernel/qdnslookup_unix.cpp -@@ -193,7 +193,6 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN - // responseLength in case of error, we still can extract the - // exact error code from the response. - HEADER *header = (HEADER*)response; -- const int answerCount = ntohs(header->ancount); - switch (header->rcode) { - case NOERROR: - break; -@@ -227,18 +226,31 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN - return; - } - -- // Skip the query host, type (2 bytes) and class (2 bytes). - char host[PACKETSZ], answer[PACKETSZ]; - unsigned char *p = response + sizeof(HEADER); -- int status = local_dn_expand(response, response + responseLength, p, host, sizeof(host)); -- if (status < 0) { -+ int status; -+ -+ if (ntohs(header->qdcount) == 1) { -+ // Skip the query host, type (2 bytes) and class (2 bytes). -+ status = local_dn_expand(response, response + responseLength, p, host, sizeof(host)); -+ if (status < 0) { -+ reply->error = QDnsLookup::InvalidReplyError; -+ reply->errorString = tr("Could not expand domain name"); -+ return; -+ } -+ if ((p - response) + status + 4 >= responseLength) -+ header->qdcount = 0xffff; // invalid reply below -+ else -+ p += status + 4; -+ } -+ if (ntohs(header->qdcount) > 1) { - reply->error = QDnsLookup::InvalidReplyError; -- reply->errorString = tr("Could not expand domain name"); -+ reply->errorString = tr("Invalid reply received"); - return; - } -- p += status + 4; - - // Extract results. -+ const int answerCount = ntohs(header->ancount); - int answerIndex = 0; - while ((p < response + responseLength) && (answerIndex < answerCount)) { - status = local_dn_expand(response, response + responseLength, p, host, sizeof(host)); -@@ -250,6 +262,11 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN - const QString name = QUrl::fromAce(host); - - p += status; -+ -+ if ((p - response) + 10 > responseLength) { -+ // probably just a truncated reply, return what we have -+ return; -+ } - const quint16 type = (p[0] << 8) | p[1]; - p += 2; // RR type - p += 2; // RR class -@@ -257,6 +274,8 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN - p += 4; - const quint16 size = (p[0] << 8) | p[1]; - p += 2; -+ if ((p - response) + size > responseLength) -+ return; // truncated - - if (type == QDnsLookup::A) { - if (size != 4) { --- -2.16.3 - diff --git a/dev-qt/qtbase/files/qtbase-6.5.0-setActiveWindow-deprecated-version.patch b/dev-qt/qtbase/files/qtbase-6.5.0-setActiveWindow-deprecated-version.patch deleted file mode 100644 index 0ba60e01e02a..000000000000 --- a/dev-qt/qtbase/files/qtbase-6.5.0-setActiveWindow-deprecated-version.patch +++ /dev/null @@ -1,35 +0,0 @@ -Upstream commit: https://code.qt.io/cgit/qt/qtbase.git/commit/?h=6.5&id=bbb330c95fd - -From bbb330c95fdf6161b23227cb08cec58cca31e465 Mon Sep 17 00:00:00 2001 -From: Nicolas Fella -Date: Tue, 14 Mar 2023 19:14:41 +0100 -Subject: QApplication: Fix DEPRECATED_VERSION for setActiveWindow - -It's not deprecated in 6.4, only 6.5 - -Change-Id: I86a09b9ce5a7f4d8b1d80a6e67218dfe00f93844 -Reviewed-by: Volker Hilsheimer -(cherry picked from commit 99975ec07feb6b1a9f6be9e0d392a35e40f9550a) -Reviewed-by: Qt Cherry-pick Bot ---- - src/widgets/kernel/qapplication.h | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/widgets/kernel/qapplication.h b/src/widgets/kernel/qapplication.h -index c4c73d4cf8..fd698fb69f 100644 ---- a/src/widgets/kernel/qapplication.h -+++ b/src/widgets/kernel/qapplication.h -@@ -79,8 +79,8 @@ public: - - static QWidget *activeWindow(); - --#if QT_DEPRECATED_SINCE(6,4) -- QT_DEPRECATED_VERSION_X_6_4("Use QWidget::activateWindow() instead.") -+#if QT_DEPRECATED_SINCE(6, 5) -+ QT_DEPRECATED_VERSION_X_6_5("Use QWidget::activateWindow() instead.") - static void setActiveWindow(QWidget* act); - #endif - --- -cgit v1.2.3 - diff --git a/dev-qt/qtbase/files/qtbase-6.5.1-CVE-2023-34410.patch b/dev-qt/qtbase/files/qtbase-6.5.1-CVE-2023-34410.patch new file mode 100644 index 000000000000..6f1264709e01 --- /dev/null +++ b/dev-qt/qtbase/files/qtbase-6.5.1-CVE-2023-34410.patch @@ -0,0 +1,54 @@ +From: https://lists.qt-project.org/pipermail/development/2023-June/044031.html + +--- a/src/plugins/tls/schannel/qtls_schannel.cpp ++++ b/src/plugins/tls/schannel/qtls_schannel.cpp +@@ -2106,6 +2106,27 @@ bool TlsCryptographSchannel::verifyCertContext(CERT_CONTEXT *certContext) + verifyDepth = DWORD(q->peerVerifyDepth()); + + const auto &caCertificates = q->sslConfiguration().caCertificates(); ++ ++ if (!rootCertOnDemandLoadingAllowed() ++ && !(chain->TrustStatus.dwErrorStatus & CERT_TRUST_IS_PARTIAL_CHAIN) ++ && (q->peerVerifyMode() == QSslSocket::VerifyPeer ++ || (isClient && q->peerVerifyMode() == QSslSocket::AutoVerifyPeer))) { ++ // When verifying a peer Windows "helpfully" builds a chain that ++ // may include roots from the system store. But we don't want that if ++ // the user has set their own CA certificates. ++ // Since Windows claims this is not a partial chain the root is included ++ // and we have to check that it is one of our configured CAs. ++ CERT_CHAIN_ELEMENT *element = chain->rgpElement[chain->cElement - 1]; ++ QSslCertificate certificate = getCertificateFromChainElement(element); ++ if (!caCertificates.contains(certificate)) { ++ auto error = QSslError(QSslError::CertificateUntrusted, certificate); ++ sslErrors += error; ++ emit q->peerVerifyError(error); ++ if (q->state() != QAbstractSocket::ConnectedState) ++ return false; ++ } ++ } ++ + QList peerCertificateChain; + for (DWORD i = 0; i < verifyDepth; i++) { + CERT_CHAIN_ELEMENT *element = chain->rgpElement[i]; + +--- a/src/network/ssl/qsslsocket.cpp ++++ b/src/network/ssl/qsslsocket.cpp +@@ -1973,6 +1973,10 @@ QSslSocketPrivate::QSslSocketPrivate() + , flushTriggered(false) + { + QSslConfigurationPrivate::deepCopyDefaultConfiguration(&configuration); ++ // If the global configuration doesn't allow root certificates to be loaded ++ // on demand then we have to disable it for this socket as well. ++ if (!configuration.allowRootCertOnDemandLoading) ++ allowRootCertOnDemandLoading = false; + + const auto *tlsBackend = tlsBackendInUse(); + if (!tlsBackend) { +@@ -2281,6 +2285,7 @@ void QSslConfigurationPrivate::deepCopyDefaultConfiguration(QSslConfigurationPri + ptr->sessionProtocol = global->sessionProtocol; + ptr->ciphers = global->ciphers; + ptr->caCertificates = global->caCertificates; ++ ptr->allowRootCertOnDemandLoading = global->allowRootCertOnDemandLoading; + ptr->protocol = global->protocol; + ptr->peerVerifyMode = global->peerVerifyMode; + ptr->peerVerifyDepth = global->peerVerifyDepth; diff --git a/dev-qt/qtbase/qtbase-6.5.0-r3.ebuild b/dev-qt/qtbase/qtbase-6.5.0-r3.ebuild deleted file mode 100644 index c0afe61d6725..000000000000 --- a/dev-qt/qtbase/qtbase-6.5.0-r3.ebuild +++ /dev/null @@ -1,193 +0,0 @@ -# Copyright 2021-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit qt6-build - -DESCRIPTION="Cross-platform application development framework" - -if [[ ${QT6_BUILD_TYPE} == release ]]; then - KEYWORDS="~amd64" -fi - -# Qt Modules -IUSE="+concurrent +dbus +gui +network +sql opengl +widgets +xml zstd" -REQUIRED_USE=" - opengl? ( gui ) - widgets? ( gui ) - X? ( || ( evdev libinput ) ) -" - -QTGUI_IUSE="accessibility egl eglfs evdev gles2-only +jpeg +libinput tslib tuio vulkan +X" -QTNETWORK_IUSE="brotli gssapi libproxy sctp +ssl vnc" -QTSQL_IUSE="freetds mysql oci8 odbc postgres +sqlite" -IUSE+=" ${QTGUI_IUSE} ${QTNETWORK_IUSE} ${QTSQL_IUSE} cups gtk icu systemd +udev" -# QtPrintSupport = QtGui + QtWidgets enabled. -# ibus = xkbcommon + dbus, and xkbcommon needs either libinput or X -REQUIRED_USE+=" - $(printf '%s? ( gui ) ' ${QTGUI_IUSE//+/}) - $(printf '%s? ( network ) ' ${QTNETWORK_IUSE//+/}) - $(printf '%s? ( sql ) ' ${QTSQL_IUSE//+/}) - accessibility? ( dbus X ) - cups? ( gui widgets ) - eglfs? ( egl ) - gtk? ( widgets ) - gui? ( || ( eglfs X ) || ( libinput X ) ) - libinput? ( udev ) - sql? ( || ( freetds mysql oci8 odbc postgres sqlite ) ) - vnc? ( gui ) - X? ( gles2-only? ( egl ) ) -" - -# TODO: -# qtimageformats: mng not done yet, qtimageformats.git upstream commit 9443239c -# qtnetwork: connman, networkmanager -DEPEND=" - app-crypt/libb2 - dev-libs/double-conversion:= - dev-libs/glib:2 - dev-libs/libpcre2:=[pcre16,unicode] - dev-util/gtk-update-icon-cache - media-libs/fontconfig - >=media-libs/freetype-2.6.1:2 - >=media-libs/harfbuzz-1.6.0:= - media-libs/tiff:= - >=sys-apps/dbus-1.4.20 - sys-libs/zlib:= - brotli? ( app-arch/brotli:= ) - evdev? ( sys-libs/mtdev ) - freetds? ( dev-db/freetds ) - gles2-only? ( media-libs/libglvnd ) - !gles2-only? ( media-libs/libglvnd[X] ) - gssapi? ( virtual/krb5 ) - gtk? ( - x11-libs/gtk+:3 - x11-libs/libX11 - x11-libs/pango - ) - gui? ( media-libs/libpng:= ) - icu? ( dev-libs/icu:= ) - !icu? ( virtual/libiconv ) - jpeg? ( media-libs/libjpeg-turbo:= ) - libinput? ( - dev-libs/libinput:= - >=x11-libs/libxkbcommon-0.5.0 - ) - libproxy? ( net-libs/libproxy ) - mysql? ( dev-db/mysql-connector-c:= ) - oci8? ( dev-db/oracle-instantclient:=[sdk] ) - odbc? ( dev-db/unixODBC ) - postgres? ( dev-db/postgresql:* ) - sctp? ( kernel_linux? ( net-misc/lksctp-tools ) ) - sqlite? ( dev-db/sqlite:3 ) - ssl? ( dev-libs/openssl:= ) - systemd? ( sys-apps/systemd:= ) - tslib? ( >=x11-libs/tslib-1.21 ) - udev? ( virtual/libudev:= ) - vulkan? ( dev-util/vulkan-headers ) - X? ( - x11-libs/libdrm - x11-libs/libICE - x11-libs/libSM - x11-libs/libX11 - >=x11-libs/libxcb-1.12:= - >=x11-libs/libxkbcommon-0.5.0[X] - x11-libs/xcb-util-cursor - x11-libs/xcb-util-image - x11-libs/xcb-util-keysyms - x11-libs/xcb-util-renderutil - x11-libs/xcb-util-wm - ) - zstd? ( app-arch/zstd:= ) -" -RDEPEND="${DEPEND}" - -PATCHES=( - "${FILESDIR}/${PN}-6.5.0-setActiveWindow-deprecated-version.patch" - "${FILESDIR}/${PN}-6.5.0-CVE-2023-32762.patch" - "${FILESDIR}/${PN}-6.5.0-CVE-2023-33285.patch" -) - -src_configure() { - local mycmakeargs=( - -DINSTALL_ARCHDATADIR=${QT6_ARCHDATADIR} - -DINSTALL_BINDIR=${QT6_BINDIR} - -DINSTALL_DATADIR=${QT6_DATADIR} - -DINSTALL_DOCDIR=${QT6_DOCDIR} - -DINSTALL_EXAMPLESDIR=${QT6_EXAMPLESDIR} - -DINSTALL_INCLUDEDIR=${QT6_HEADERDIR} - -DINSTALL_LIBDIR=${QT6_LIBDIR} - -DINSTALL_LIBEXECDIR=${QT6_LIBEXECDIR} - -DINSTALL_MKSPECSDIR=${QT6_ARCHDATADIR}/mkspecs - -DINSTALL_PLUGINSDIR=${QT6_PLUGINDIR} - -DINSTALL_QMLDIR=${QT6_QMLDIR} - -DINSTALL_SYSCONFDIR=${QT6_SYSCONFDIR} - -DINSTALL_TRANSLATIONSDIR=${QT6_TRANSLATIONDIR} - -DQT_FEATURE_androiddeployqt=OFF - $(qt_feature concurrent) - $(qt_feature dbus) - $(qt_feature gui) - $(qt_feature gui testlib) - $(qt_feature icu) - $(qt_feature network) - $(qt_feature sql) - $(qt_feature systemd journald) - $(qt_feature udev libudev) - $(qt_feature xml) - $(qt_feature zstd) - ) - use gui && mycmakeargs+=( - $(qt_feature accessibility accessibility_atspi_bridge) - $(qt_feature egl) - $(qt_feature egl xcb_egl_plugin) - $(qt_feature eglfs eglfs_egldevice) - $(qt_feature eglfs eglfs_gbm) - $(qt_feature evdev) - $(qt_feature evdev mtdev) - -DQT_FEATURE_gif=ON - $(qt_feature jpeg) - $(qt_feature opengl) - $(qt_feature gles2-only opengles2) - $(qt_feature libinput) - $(qt_feature tslib) - $(qt_feature tuio tuiotouch) - $(qt_feature vulkan) - $(qt_feature widgets) - $(qt_feature X xcb) - $(qt_feature X xcb_xlib) - ) - use widgets && mycmakeargs+=( - $(qt_feature cups) - $(qt_feature gtk gtk3) - ) - if use libinput || use X; then - mycmakeargs+=( -DQT_FEATURE_xkbcommon=ON ) - fi - use network && mycmakeargs+=( - $(qt_feature brotli) - $(qt_feature gssapi) - $(qt_feature libproxy) - $(qt_feature sctp) - $(qt_feature ssl openssl) - $(qt_feature vnc) - ) - use sql && mycmakeargs+=( - $(qt_feature freetds sql_tds) - $(qt_feature mysql sql_mysql) - $(qt_feature oci8 sql_oci) - $(qt_feature odbc sql_odbc) - $(qt_feature postgres sql_psql) - $(qt_feature sqlite sql_sqlite) - $(qt_feature sqlite system_sqlite) - ) - - qt6-build_src_configure -} - -src_install() { - qt6-build_src_install - - # https://bugs.gentoo.org/863395 - qt6_symlink_binary_to_path qmake 6 -} diff --git a/dev-qt/qtbase/qtbase-6.5.1.ebuild b/dev-qt/qtbase/qtbase-6.5.1.ebuild new file mode 100644 index 000000000000..770570eb3710 --- /dev/null +++ b/dev-qt/qtbase/qtbase-6.5.1.ebuild @@ -0,0 +1,189 @@ +# Copyright 2021-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit qt6-build + +DESCRIPTION="Cross-platform application development framework" + +if [[ ${QT6_BUILD_TYPE} == release ]]; then + KEYWORDS="~amd64" +fi + +# Qt Modules +IUSE="+concurrent +dbus +gui +network +sql opengl +widgets +xml zstd" +REQUIRED_USE=" + opengl? ( gui ) + widgets? ( gui ) + X? ( || ( evdev libinput ) ) +" + +QTGUI_IUSE="accessibility egl eglfs evdev gles2-only +jpeg +libinput tslib tuio vulkan +X" +QTNETWORK_IUSE="brotli gssapi libproxy sctp +ssl vnc" +QTSQL_IUSE="freetds mysql oci8 odbc postgres +sqlite" +IUSE+=" ${QTGUI_IUSE} ${QTNETWORK_IUSE} ${QTSQL_IUSE} cups gtk icu systemd +udev" +# QtPrintSupport = QtGui + QtWidgets enabled. +# ibus = xkbcommon + dbus, and xkbcommon needs either libinput or X +REQUIRED_USE+=" + $(printf '%s? ( gui ) ' ${QTGUI_IUSE//+/}) + $(printf '%s? ( network ) ' ${QTNETWORK_IUSE//+/}) + $(printf '%s? ( sql ) ' ${QTSQL_IUSE//+/}) + accessibility? ( dbus X ) + cups? ( gui widgets ) + eglfs? ( egl ) + gtk? ( widgets ) + gui? ( || ( eglfs X ) || ( libinput X ) ) + libinput? ( udev ) + sql? ( || ( freetds mysql oci8 odbc postgres sqlite ) ) + vnc? ( gui ) + X? ( gles2-only? ( egl ) ) +" + +# TODO: +# qtimageformats: mng not done yet, qtimageformats.git upstream commit 9443239c +# qtnetwork: connman, networkmanager +DEPEND=" + app-crypt/libb2 + dev-libs/double-conversion:= + dev-libs/glib:2 + dev-libs/libpcre2:=[pcre16,unicode] + dev-util/gtk-update-icon-cache + media-libs/fontconfig + >=media-libs/freetype-2.6.1:2 + >=media-libs/harfbuzz-1.6.0:= + media-libs/tiff:= + >=sys-apps/dbus-1.4.20 + sys-libs/zlib:= + brotli? ( app-arch/brotli:= ) + evdev? ( sys-libs/mtdev ) + freetds? ( dev-db/freetds ) + gles2-only? ( media-libs/libglvnd ) + !gles2-only? ( media-libs/libglvnd[X] ) + gssapi? ( virtual/krb5 ) + gtk? ( + x11-libs/gtk+:3 + x11-libs/libX11 + x11-libs/pango + ) + gui? ( media-libs/libpng:= ) + icu? ( dev-libs/icu:= ) + !icu? ( virtual/libiconv ) + jpeg? ( media-libs/libjpeg-turbo:= ) + libinput? ( + dev-libs/libinput:= + >=x11-libs/libxkbcommon-0.5.0 + ) + libproxy? ( net-libs/libproxy ) + mysql? ( dev-db/mysql-connector-c:= ) + oci8? ( dev-db/oracle-instantclient:=[sdk] ) + odbc? ( dev-db/unixODBC ) + postgres? ( dev-db/postgresql:* ) + sctp? ( kernel_linux? ( net-misc/lksctp-tools ) ) + sqlite? ( dev-db/sqlite:3 ) + ssl? ( dev-libs/openssl:= ) + systemd? ( sys-apps/systemd:= ) + tslib? ( >=x11-libs/tslib-1.21 ) + udev? ( virtual/libudev:= ) + vulkan? ( dev-util/vulkan-headers ) + X? ( + x11-libs/libdrm + x11-libs/libICE + x11-libs/libSM + x11-libs/libX11 + >=x11-libs/libxcb-1.12:= + >=x11-libs/libxkbcommon-0.5.0[X] + x11-libs/xcb-util-cursor + x11-libs/xcb-util-image + x11-libs/xcb-util-keysyms + x11-libs/xcb-util-renderutil + x11-libs/xcb-util-wm + ) + zstd? ( app-arch/zstd:= ) +" +RDEPEND="${DEPEND}" + +PATCHES=( "${FILESDIR}/${PN}-6.5.1-CVE-2023-34410.patch" ) + +src_configure() { + local mycmakeargs=( + -DINSTALL_ARCHDATADIR=${QT6_ARCHDATADIR} + -DINSTALL_BINDIR=${QT6_BINDIR} + -DINSTALL_DATADIR=${QT6_DATADIR} + -DINSTALL_DOCDIR=${QT6_DOCDIR} + -DINSTALL_EXAMPLESDIR=${QT6_EXAMPLESDIR} + -DINSTALL_INCLUDEDIR=${QT6_HEADERDIR} + -DINSTALL_LIBDIR=${QT6_LIBDIR} + -DINSTALL_LIBEXECDIR=${QT6_LIBEXECDIR} + -DINSTALL_MKSPECSDIR=${QT6_ARCHDATADIR}/mkspecs + -DINSTALL_PLUGINSDIR=${QT6_PLUGINDIR} + -DINSTALL_QMLDIR=${QT6_QMLDIR} + -DINSTALL_SYSCONFDIR=${QT6_SYSCONFDIR} + -DINSTALL_TRANSLATIONSDIR=${QT6_TRANSLATIONDIR} + -DQT_FEATURE_androiddeployqt=OFF + $(qt_feature concurrent) + $(qt_feature dbus) + $(qt_feature gui) + $(qt_feature gui testlib) + $(qt_feature icu) + $(qt_feature network) + $(qt_feature sql) + $(qt_feature systemd journald) + $(qt_feature udev libudev) + $(qt_feature xml) + $(qt_feature zstd) + ) + use gui && mycmakeargs+=( + $(qt_feature accessibility accessibility_atspi_bridge) + $(qt_feature egl) + $(qt_feature egl xcb_egl_plugin) + $(qt_feature eglfs eglfs_egldevice) + $(qt_feature eglfs eglfs_gbm) + $(qt_feature evdev) + $(qt_feature evdev mtdev) + -DQT_FEATURE_gif=ON + $(qt_feature jpeg) + $(qt_feature opengl) + $(qt_feature gles2-only opengles2) + $(qt_feature libinput) + $(qt_feature tslib) + $(qt_feature tuio tuiotouch) + $(qt_feature vulkan) + $(qt_feature widgets) + $(qt_feature X xcb) + $(qt_feature X xcb_xlib) + ) + use widgets && mycmakeargs+=( + $(qt_feature cups) + $(qt_feature gtk gtk3) + ) + if use libinput || use X; then + mycmakeargs+=( -DQT_FEATURE_xkbcommon=ON ) + fi + use network && mycmakeargs+=( + $(qt_feature brotli) + $(qt_feature gssapi) + $(qt_feature libproxy) + $(qt_feature sctp) + $(qt_feature ssl openssl) + $(qt_feature vnc) + ) + use sql && mycmakeargs+=( + $(qt_feature freetds sql_tds) + $(qt_feature mysql sql_mysql) + $(qt_feature oci8 sql_oci) + $(qt_feature odbc sql_odbc) + $(qt_feature postgres sql_psql) + $(qt_feature sqlite sql_sqlite) + $(qt_feature sqlite system_sqlite) + ) + + qt6-build_src_configure +} + +src_install() { + qt6-build_src_install + + # https://bugs.gentoo.org/863395 + qt6_symlink_binary_to_path qmake 6 +} -- cgit v1.2.3