* Wed Jun 28 2023 alarrosa@suse.com
- Add patch from upstream to fix an overflow in QTextLayout
(CVE-2023-32763, QTBUG-113337, bsc#1211798) and two other patches
from upstream so it applies correctly. These patches fix
QTextLayout's maximumWidth() for a text containing spaces
(QTBUG-106947) and a text containing a line separator
(QTBUG-89557, QTBUG-104986):
* 0001-QTextLayout-fix-maximumWidth-for-a-text-containing-spaces.patch
* 0002-QTextLayout-fix-maximumWidth-for-a-text-containing-line.patch
* 0003-CVE-2023-32763-Fix-specific-overflow-in-qtextlayout.patch
* Fri Jan 06 2023 christophe@krop.fr
- Update to 6.4.2:
* https://www.qt.io/blog/qt-6.4.2-released
* Tue Nov 15 2022 christophe@krop.fr
- Update to 6.4.1:
* https://www.qt.io/blog/qt-6.4.1-released
* Sun Oct 16 2022 christophe@krop.fr
- Make sure the QPA and wayland-related plugins are installed if
needed
* Thu Sep 29 2022 christophe@krop.fr
- Update to 6.4.0:
* https://www.qt.io/blog/qt-6.4-released
* Fri Sep 16 2022 christophe@krop.fr
- Update to 6.4.0 RC
* Fri Sep 09 2022 christophe@krop.fr
- Update to 6.3.2:
* https://www.qt.io/blog/qt-6.3.2-released
* Fri Jun 17 2022 christophe@krop.fr
- Update to 6.3.1:
* https://www.qt.io/blog/qt-6.3.1-released
- Drop patches, now upstream:
* 0001-CMake-Don-t-hardcode-the-library-directory-name.patch
* 0001-XCB-fix-GCC-12-warning-about-uninitialized-variable-.patch
* 0001-Fix-build-with-GCC12-avoid-QCborStreamReader-prepars.patch
* 0001-QtOpenGL-Fix-build-with-GCC-12-qt_imageForBrush-is-i.patch
* Tue May 10 2022 christophe@krop.fr
- Add GCC 12 compatibility changes:
* 0001-XCB-fix-GCC-12-warning-about-uninitialized-variable-.patch
* 0001-Fix-build-with-GCC12-avoid-QCborStreamReader-prepars.patch
* 0001-QtOpenGL-Fix-build-with-GCC-12-qt_imageForBrush-is-i.patch
* Tue May 03 2022 fabian@ritter-vogt.de
- Require the SSL devel package it was built with, not just any
pkgconfig(openssl). Otherwise it is satisfied with libressl-devel
even if it was built with openssl-devel.
* Fri Apr 08 2022 christophe@krop.fr
- Update to 6.3.0:
* https://www.qt.io/blog/qt-6.3-released
* Tue Mar 29 2022 christophe@krop.fr
- Update to 6.3.0-rc
- Add patch:
* 0001-CMake-Don-t-hardcode-the-library-directory-name.patch
- Update build constraints
* Mon Mar 21 2022 christophe@krop.fr
- Update to 6.2.4
* https://www.qt.io/blog/qt-6.2.4-released
- Drop 0001-QProcess-Unix-ensure-we-don-t-accidentally-execute-s.patch
Merged upstream.
* Wed Mar 02 2022 christophe@krop.fr
- Add upstream change (boo#1196501, CVE-2022-25255):
* 0001-QProcess-Unix-ensure-we-don-t-accidentally-execute-s.patch
- Install qt6-core-private-devel when installing qt6-core-devel
(boo#1195368)
* Mon Jan 31 2022 christophe@krop.fr
- Update to 6.2.3:
* https://www.qt.io/blog/qt-6.2.3-released
Version: 6.4.2-150500.3.14.1
* Wed Jan 03 2024 alarrosa@suse.com
- Add upstream patches to fix an incorrect integer overflow check
(boo#1218413, CVE-2023-51714):
* 0001-HPack-fix-a-Yoda-Condition.patch
* 0002-HPack-fix-incorrect-integer-overflow-check.patch
- Add upstream patch to fix a potential overflow in
assemble_hpack_block():
* 0001-Http2-fix-potential-overflow-in-assemble_hpack_block.patch
* Sat Dec 02 2023 meissner@suse.com
- updated to use pkgconfig(icu-i18n) to get current libicu (jsc#PED-6193)
Version: 6.2.2-150400.4.6.1
* Fri Jul 21 2023 alarrosa@suse.com
- Add patch from upstream to fix a bug that allows to trigger a
DoS in the SQL ODBC driver with a specifically crafted string
(CVE-2023-24607, bsc#1209616):
* 0001-SQL_ODBC-fix-some-users-of-toSQLTCHAR-to-not-assume.patch
- Add patch from upstream (backport taken from Qt5PatchCollection)
to fix certificate validation for TLS which does not always
consider whether the root of a chain is a configured CA
certificate (CVE-2023-34410, bsc#1211994):
* 0001-Ssl-Copy-the-on-demand-cert-loading-bool-from-default-config.patch
- Add patch from upstream to fix a buffer overflow in QDnsLookup
(CVE-2023-33285, bsc#1211642):
* 0001-QDnsLookup-Unix-make-sure-we-dont-overflow-the-buffer.patch
- Add patch from upstream to fix QtNetwork to parse the
strict-transport-security (HSTS) header case-insensitively
(CVE-2023-32762, QTBUG-113392, bsc#1211797):
* 0001-Hsts-match-header-names-case-insensitively.patch
- Add rebased patch from upstream to fix infinite loops in
QXmlStreamReader and raise error on unexpected tokens
which is a new behaviour (CVE-2023-38197, QTBUG-92113,
QTBUG-95188, bsc#1213326):
* 0001-QXmlStreamReader-Raise-error-on-unexpected-tokens.patch
Version: 6.2.2-150400.4.3.1
* Wed Feb 08 2023 christophe@krop.fr
- Fix a possible DOS in the Qt ODBC driver plugin (CVE-2023-24607):
* CVE-2023-24607-qtbase-6.2.diff
* Mon Feb 28 2022 christophe@krop.fr
- Add upstream change (boo#1196501, CVE-2022-25255):
* qprocess6-2.diff
- Install qt6-core-private-devel when installing qt6-core-devel
(boo#1195368)
* Wed Dec 22 2021 alarrosa@suse.com
- Increase the memory constraint to fix a oom failure
* Wed Dec 01 2021 christophe@krop.fr
- Update to 6.2.2
* https://www.qt.io/blog/qt-6.2.2-released
- Make sure all dependencies are present when installing devel
packages. Qt >= 6.2.2 is much less permissive.
- Drop 0001-qscrollarea-performance-fix.patch. Merged upstream.
* Thu Nov 04 2021 jonaski@opensuse.org
- Add patch for critical performance regression in qscrollarea
* 0001-qscrollarea-performance-fix.patch
* Tue Oct 26 2021 christophe@krop.fr
- Update to 6.2.1
* https://www.qt.io/blog/qt-6.2.1-released
* Thu Sep 30 2021 christophe@krop.fr
- Update to 6.2.0:
* https://www.qt.io/blog/qt-6.2-lts-released
* Sat Sep 25 2021 christophe@krop.fr
- Update to 6.2.0-rc2
* Thu Sep 16 2021 christophe@krop.fr
- Update to 6.2.0-rc
* Thu Sep 09 2021 christophe@krop.fr
- Update to 6.2.0-beta4
* Wed Sep 01 2021 christophe@krop.fr
- Update to 6.1.3:
* https://www.qt.io/blog/qt-6.1.3-released
* Fri Jul 02 2021 christophe@krop.fr
- Update to 6.1.2. New bugfix release:
* https://www.qt.io/blog/qt-6.1.2-released
* Tue Jun 08 2021 christophe@krop.fr
- Update to 6.1.1:
* https://www.qt.io/blog/qt-6.1.1-released
* Sat Jun 05 2021 christophe@krop.fr
- Update the minimum disk size. Leap 15.3 needs more than 13G.
- Also require at least 4 cores.
* Thu May 06 2021 christophe@krop.fr
- Update to 6.1.0:
* https://www.qt.io/blog/qt-6.1-released
* Fri Apr 23 2021 christophe@krop.fr
- Update to 6.1.0-rc.
* Sat Apr 17 2021 christophe@krop.fr
- Stop owning directories provided by the filesystem package (boo#1184786)
* Tue Apr 13 2021 christophe@krop.fr
- Update to 6.1.0-beta3.
* Wed Mar 31 2021 christophe@krop.fr
- Update to 6.0.3
* https://www.qt.io/blog/qt-6.0.3-released
* Sat Mar 20 2021 christophe@krop.fr
- Update to 6.1.0-beta2
- Drop fix-fixqt4headers.patch. No longer needed.