qtbase: Pick CVE-2023-32763 fix

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered. Advisory: https://nvd.nist.gov/vuln/detail/CVE-2023-32763 Patch: https://download.qt.io/official_releases/qt/5.15/CVE-2023-32763-qtbase-5.15.diff Signed-off-by: Marek Vasut <marex@denx.de>
author: Marek Vasut <marex@denx.de> 2023-10-10 16:06:27 +0200
committer: Martin Jansa <martin.jansa@gmail.com> 2023-10-11 14:18:48 +0200
commit: 002d27e9bf8727e2680c76624198516f5a774741 (patch)
tree: 5a0801e63278f2c14b9f9907e7f3a8f2b53f59f6 /recipes-qt/qt5/qtbase_git.bb
parent: 107e5138935d064039faec16054726ca3c2d0c7d (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/recipes-qt/qt5/qtbase_git.bb b/recipes-qt/qt5/qtbase_git.bb
index 05e0a4dd..e80335de 100644
--- a/recipes-qt/qt5/qtbase_git.bb
+++ b/recipes-qt/qt5/qtbase_git.bb
@@ -40,6 +40,7 @@ SRC_URI += "\
     file://0023-Remove-unsetting-_FILE_OFFSET_BITS.patch \
     file://0026-qsql_odbc-Patch-for-CVE-2023-24607.patch \
     file://CVE-2023-32762.patch \
+    file://CVE-2023-32763-qtbase-5.15.diff \
 "
 
 # Disable LTO for now, QT5 patches are being worked upstream, perhaps revisit with
author	Marek Vasut <marex@denx.de>	2023-10-10 16:06:27 +0200
committer	Martin Jansa <martin.jansa@gmail.com>	2023-10-11 14:18:48 +0200
commit	002d27e9bf8727e2680c76624198516f5a774741 (patch)
tree	5a0801e63278f2c14b9f9907e7f3a8f2b53f59f6 /recipes-qt/qt5/qtbase_git.bb
parent	107e5138935d064039faec16054726ca3c2d0c7d (diff)