-
qt4-x11 (4:4.8.5+git192-g085f851+dfsg-2ubuntu4.1) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service via crafted GIF image
- debian/patches/CVE-2014-0190.patch: check for broken image in
src/gui/image/qgifhandler.cpp.
- CVE-2014-0190
* SECURITY UPDATE: denial of service via crafted BMP
- debian/patches/CVE-2015-0295.patch: fix division by zero in
src/gui/image/qbmphandler.cpp.
- CVE-2015-0295
* SECURITY UPDATE: denial of service and possible code execution via
crafted BMP or ICO images
- debian/patches/CVE-2015-1858-1859.patch: move check to better
location in src/gui/image/qbmphandler.cpp, check depth in
src/plugins/imageformats/ico/qicohandler.cpp.
- CVE-2015-1858
- CVE-2015-1859
* SECURITY UPDATE: denial of service and possible code exection via
crafted GIF image
- debian/patches/CVE-2015-1860.patch: check bounds in
src/gui/image/qgifhandler.cpp.
- CVE-2015-1860
-- Marc Deslauriers <email address hidden> Mon, 25 May 2015 13:49:04 -0400
-
qt4-x11 (4:4.8.5+git192-g085f851+dfsg-2ubuntu4) trusty; urgency=medium
[ Jonathan Riddell ]
* Add kubuntu_glib-honor-ExcludeSocketNotifiers-flag.diff from LiMux
fix crash in LibreOffice with KDE theme LP: #1290514
[ Rohan Garg ]
* Add kubuntu_98_a11y_fix_crash.diff to fix plasma crashing due to
ubuntu-specific accessibility patch LP: #1289600
-- Jonathan Riddell <email address hidden> Tue, 11 Mar 2014 13:29:27 +0000
-
qt4-x11 (4:4.8.5+git192-g085f851+dfsg-2ubuntu3) trusty; urgency=medium
* Make libqtdbus4 break/replace libqt4-dbus (<< 4:4.8.5) (LP: #1268690).
-- Dmitry Shachnev <email address hidden> Tue, 14 Jan 2014 11:58:48 +0000
-
qt4-x11 (4:4.8.5+git192-g085f851+dfsg-2ubuntu2) trusty; urgency=medium
* debian/libqt4-dev.install: Readd qatomic_aarch64.h (dropped in last upload)
to presumably fix build failures on arm64 against qt4-x11.
-- Logan Rosen <email address hidden> Mon, 13 Jan 2014 22:55:55 -0500
-
qt4-x11 (4:4.8.5+git192-g085f851+dfsg-2ubuntu1) trusty; urgency=low
[ Rohan Garg, Dmitry Shachnev ]
* Merge from Debian unstable. Remaining changes:
- Pass list-missing to dh_install instead of fail-missing, since we don't
install the QtWebkit headers
- Make sure libqt4-opengl-dev depends on gles libs for armel and armhf
- Do not package ibase/firebird and sqlite2 package
+ remove from debian/control
+ libqt4-sql doesn't recommend libqt4-sql-ibase and libqt4-sql-sqlite2
- Build QtWebkit and use it only for QtAssistant
+ Rule to put qt_webkit_version.pri in mkspecs/modules
+ Rule to remove libQtWebKit* after build
+ Exclude usr/bin/assistant-qt4 from dh_shlibdeps
- Also exclude webkit examples from dh_shlibdeps
- Do not build libqt4-phonon, disable in debian/control
- Add debian/Trolltech.conf and install it in libqtcore4.install
- On armel and armhf, build with -gstabs instead of -g in an effort to get
the link step for QtWebkit to complete before timed out by the builders
- Build with -no-neon on armel and armhf
- Build with -no-pch on powerpc
- Add patches:
+ aarch64_fix_atomic_set.patch
+ aarch64_fix_jsc.patch
+ aarch64.patch
+ kubuntu_10_ibus_input_method.diff
+ kubuntu_12_fix_stack_protector.diff
+ kubuntu_14_systemtrayicon.diff
+ kubuntu_17_enable_qtwebkit_for_qtassistant.diff
+ kubuntu_28_xi2.1.patch
+ kubuntu_30_translucent_drag_pixmap.diff
+ kubuntu_31_unity_workarea_atom.diff
+ kubuntu_34_no_gold_check.diff
+ kubuntu_37_cups_settings.diff
+ kubuntu_39_fix_medium_font.diff
+ kubuntu_40_disable_neon.patch
+ kubuntu_93_disable_overlay_scrollbars.diff
+ kubuntu_94_xinput_valuators_fix.diff
+ kubuntu_95_qt_disable_bounce.diff
+ kubuntu_97_a11y_qt_and_qml_backport.diff
- Drop powerpc_designer_gstabs.diff, it breaks powerpc
- Use Kubuntu Vcs fields
* Drop the following patches, applied upstream:
- QTBUG-29082_Fix_call_to_QMetaObject_metaCall_from_updateProperty.patch
- CVE-2013-4549.patch
- gcc-4.8.diff
- CVE-2011-3922.patch
- CVE-2012-6093.patch
- CVE-2013-0254.patch
- kubuntu_41_remove_gtk_theme_check.diff
- kubuntu_42_fix_icon_themes.diff
- kubuntu_default_numbers.diff
- moc-boost148-53.patch
* Rebase patches:
- kubuntu_28_xi2.1.patch
- ppc64el.patch
- aarch64.patch
-- Rohan Garg <email address hidden> Fri, 03 Jan 2014 19:33:31 +0100
-
qt4-x11 (4:4.8.4+dfsg-0ubuntu22) trusty; urgency=medium
* No-change rebuild for libmng soname bump.
-- Matthias Klose <email address hidden> Mon, 16 Dec 2013 16:07:30 +0100
-
qt4-x11 (4:4.8.4+dfsg-0ubuntu21) trusty; urgency=low
* debian/patches/ppc64el.patch: Add configure support for ppc64el.
* debian/patches/powerpc_designer_gstabs.diff: Drop. powerpc works now, and
it breaks ppc64el.
-- William Grant <email address hidden> Mon, 16 Dec 2013 09:57:49 +1100
-
qt4-x11 (4:4.8.4+dfsg-0ubuntu20) trusty; urgency=low
* SECURITY UPDATE: [XML Entity Expansion Denial of Service] (LP: #1259577).
- Add CVE-2013-4549.patch
- add limit in src/xml/sax/qxml.cpp
- http://lists.qt-project.org/pipermail/announce/2013-December/000036.html
- CVE-2013-4549
-- Jonathan Riddell <email address hidden> Tue, 10 Dec 2013 16:30:00 +0000
-
qt4-x11 (4:4.8.4+dfsg-0ubuntu19) trusty; urgency=low
[ William Grant ]
* debian/patches/aarch64_fix_jsc.patch:
Fix JavaScriptCore aarch64 platform configuration to actually be
evaluated; it was previously hidden inside an #ifdef __arm__ so
was never executed.
[ Adam Conrad ]
* Revert the translation-disabling hack from 4:4.8.4+dfsg-0ubuntu17.
-- William Grant <email address hidden> Tue, 22 Oct 2013 22:06:13 +1100
-
qt4-x11 (4:4.8.4+dfsg-0ubuntu18) saucy; urgency=low
* debian/patches/aarch64_fix_atomic_set.patch:
Fix QBasicAtomicInt::testAndSetRelaxed and
QBasicAtomicPointer<T>::testAndSetRelaxed to actually set the given value,
rather than a pointer to that value on the local stack frame.
-- William Grant <email address hidden> Sun, 13 Oct 2013 22:29:08 +1100
