[packages/qt5-qtsvg] upstream fix for CVE-2023-32573; rel 2

atler atler at pld-linux.org
Mon May 22 13:42:09 CEST 2023 

commit 95fe1f82140bf2810ed89b109661e0d83b6bb52f
Author: Jan Palus <atler at pld-linux.org>
Date:   Mon May 22 12:44:34 2023 +0200

    upstream fix for CVE-2023-32573; rel 2
    
    as advised in:
    https://lists.qt-project.org/pipermail/announce/2023-May/000411.html

 CVE-2023-32573-qtsvg-5.15.diff | 34 ++++++++++++++++++++++++++++++++++
 qt5-qtsvg.spec                 |  4 +++-
 2 files changed, 37 insertions(+), 1 deletion(-)
---
diff --git a/qt5-qtsvg.spec b/qt5-qtsvg.spec
index 5a16810..146abbe 100644
--- a/qt5-qtsvg.spec
+++ b/qt5-qtsvg.spec
@@ -9,11 +9,12 @@ Summary:	The Qt5 Svg library
 Summary(pl.UTF-8):	Biblioteka Qt5 Svg
 Name:		qt5-%{orgname}
 Version:	5.15.9
-Release:	1
+Release:	2
 License:	LGPL v3 or GPL v2 or GPL v3 or comercial
 Group:		X11/Libraries
 Source0:	https://download.qt.io/official_releases/qt/5.15/%{version}/submodules/%{orgname}-everywhere-opensource-src-%{version}.tar.xz
 # Source0-md5:	5fc7f98d8ba2078446c538a461566d4b
+Patch0:		CVE-2023-32573-qtsvg-5.15.diff
 URL:		https://www.qt.io/
 BuildRequires:	Qt5Core-devel >= %{qtbase_ver}
 BuildRequires:	Qt5Gui-devel >= %{qtbase_ver}
@@ -124,6 +125,7 @@ Przykłady do biblioteki Qt5 Svg.
 
 %prep
 %setup -q -n %{orgname}-everywhere-src-%{version}
+%patch0 -p1
 
 %build
 %{qmake_qt5}
diff --git a/CVE-2023-32573-qtsvg-5.15.diff b/CVE-2023-32573-qtsvg-5.15.diff
new file mode 100644
index 0000000..0554756
--- /dev/null
+++ b/CVE-2023-32573-qtsvg-5.15.diff
@@ -0,0 +1,34 @@
+--- a/src/svg/qsvgfont_p.h
++++ b/src/svg/qsvgfont_p.h
+@@ -74,6 +74,7 @@ public:
+ class Q_SVG_PRIVATE_EXPORT QSvgFont : public QSvgRefCounted
+ {
+ public:
++    static constexpr qreal DEFAULT_UNITS_PER_EM = 1000;
+     QSvgFont(qreal horizAdvX);
+
+     void setFamilyName(const QString &name);
+@@ -86,9 +87,7 @@ public:
+     void draw(QPainter *p, const QPointF &point, const QString &str, qreal pixelSize, Qt::Alignment alignment) const;
+ public:
+     QString m_familyName;
+-    qreal m_unitsPerEm;
+-    qreal m_ascent;
+-    qreal m_descent;
++    qreal m_unitsPerEm = DEFAULT_UNITS_PER_EM;
+     qreal m_horizAdvX;
+     QHash<QChar, QSvgGlyph> m_glyphs;
+ };
+
+
+--- a/src/svg/qsvghandler.cpp
++++ b/src/svg/qsvghandler.cpp
+@@ -2668,7 +2668,7 @@ static bool parseFontFaceNode(QSvgStyleProperty *parent,
+
+     qreal unitsPerEm = toDouble(unitsPerEmStr);
+     if (!unitsPerEm)
+-        unitsPerEm = 1000;
++        unitsPerEm = QSvgFont::DEFAULT_UNITS_PER_EM;
+
+     if (!name.isEmpty())
+         font->setFamilyName(name);
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/qt5-qtsvg.git/commitdiff/95fe1f82140bf2810ed89b109661e0d83b6bb52f

More information about the pld-cvs-commit mailing list