diff options
author | Kai Köhne <kai.koehne@qt.io> | 2023-03-06 12:32:24 +0100 |
---|---|---|
committer | Kai Köhne <kai.koehne@qt.io> | 2023-03-31 02:10:53 +0100 |
commit | 1ba89e35bd2f10524441c1449d476ba1952c3ace (patch) | |
tree | a02a986bb23a285b0e670cadbb2998dba6aba664 /src/3rdparty/harfbuzz-ng/qt_attribution.json | |
parent | 7350088ab7ef55f51325fc6a48320a1cdc87bd28 (diff) |
Highlight third-party modules that are security critical
Mark any modules listed as 'processing untrusted content' in
https://wiki.qt.io/Third_Party_Code_in_Qt also in the
qt_attribution.json files.
For reasoning, see also
https://lists.qt-project.org/pipermail/development/2023-February/043667.html
Pick-to: 6.5
Change-Id: Id547d4f7e77dac8c7e8e382e65169e7bd0330fcf
Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
Diffstat (limited to 'src/3rdparty/harfbuzz-ng/qt_attribution.json')
-rw-r--r-- | src/3rdparty/harfbuzz-ng/qt_attribution.json | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/3rdparty/harfbuzz-ng/qt_attribution.json b/src/3rdparty/harfbuzz-ng/qt_attribution.json index 1779409e3b..f7aa46c34f 100644 --- a/src/3rdparty/harfbuzz-ng/qt_attribution.json +++ b/src/3rdparty/harfbuzz-ng/qt_attribution.json @@ -3,10 +3,12 @@ "Name": "HarfBuzz-NG", "QDocModule": "qtgui", "QtUsage": "Optionally used in Qt GUI. Configure with -system-harfbuzz to force the use of the system library, or -qt-harfbuzz to link statically to the library that is bundled with your Qt version.", + "SecurityCritical": true, "Description": "HarfBuzz is an OpenType text shaping engine.", "Homepage": "http://harfbuzz.org", "Version": "7.0.1", + "DownloadLocation": "https://github.com/harfbuzz/harfbuzz/releases/tag/7.1.0", "License": "MIT License", "LicenseId": "MIT", |