aboutsummaryrefslogtreecommitdiffstats
path: root/recipes-qt/qt5/qtbase_git.bb
diff options
context:
space:
mode:
authorMarek Vasut <marex@denx.de>2023-10-10 16:11:57 +0200
committerMartin Jansa <martin.jansa@gmail.com>2023-10-11 14:18:48 +0200
commita77ea02371242d391dcccad4d97af3a685dc8a9d (patch)
tree56572fe47863b4a58542876e07b3c7edceee74c5 /recipes-qt/qt5/qtbase_git.bb
parent7c405994e572ccdf1e03253c5065a3d484277f68 (diff)
qtbase: Pick CVE-2023-38197 fix
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion. Advisory: https://nvd.nist.gov/vuln/detail/CVE-2023-38197 Patch: https://download.qt.io/official_releases/qt/5.15/CVE-2023-38197-qtbase-5.15.diff Signed-off-by: Marek Vasut <marex@denx.de>
Diffstat (limited to 'recipes-qt/qt5/qtbase_git.bb')
-rw-r--r--recipes-qt/qt5/qtbase_git.bb1
1 files changed, 1 insertions, 0 deletions
diff --git a/recipes-qt/qt5/qtbase_git.bb b/recipes-qt/qt5/qtbase_git.bb
index e076e66d..a2785617 100644
--- a/recipes-qt/qt5/qtbase_git.bb
+++ b/recipes-qt/qt5/qtbase_git.bb
@@ -44,6 +44,7 @@ SRC_URI += "\
file://CVE-2023-33285-qtbase-5.15.diff \
file://CVE-2023-34410-qtbase-5.15.diff \
file://CVE-2023-37369-qtbase-5.15.diff \
+ file://CVE-2023-38197-qtbase-5.15.diff \
"
# Disable LTO for now, QT5 patches are being worked upstream, perhaps revisit with
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-28 02:59:24 +0000