- Detalji os-a: FED
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LFE
——————————————————————————–
Fedora Update Notification
FEDORA-2014-5999
2014-05-06 02:38:10
——————————————————————————–
Name : mingw-qt5-qtbase
Product : Fedora 19
Version : 5.2.1
Release : 3.fc19
URL : http://www.qtsoftware.com/
Summary : Qt5 for Windows – QtBase component
Description :
This package contains the Qt software toolkit for developing
cross-platform applications.
This is the Windows version of Qt, for use in conjunction with the
Fedora Windows cross-compiler.
——————————————————————————–
Update Information:
* Fix invalid reference to qtmain when using CMake (RHBZ #1092465)
* Fix DoS vulnerability in the GIF image handler (QTBUG-38367, RHBZ #1092837)
——————————————————————————–
ChangeLog:
* Sat May 3 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.1-3
– Fix invalid reference to qtmain when using CMake (RHBZ #1092465)
– Fix DoS vulnerability in the GIF image handler (QTBUG-38367, RHBZ #1092837)
* Sun Apr 13 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.1-2
– Rebuild against gcc 4.9 (to fix paths mentioned in mkspecs/qconfig.pri)
* Sat Feb 8 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.1-1
– Update to 5.2.1
* Sat Jan 11 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.0-4
– Remove hard dependency on qtchooser and co-own the /etc/xdg/qtchooser folder
* Mon Jan 6 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.0-3
– Split the cmake patch and moved half of its contents to the ‘implib dll’
patch and the other to the ‘use external angle’ patch as those are more
proper locations
* Sun Jan 5 2014 Yaakov Selkowitz <yselkowitz@users.sourceforge.net> – 5.2.0-2
– Fix qmake to use .dll.a extension for implibs (avoids renaming hacks in
all mingw-qt5-* packages)
– Force usage of system zlib in Qt5Bootstrap
– Install shared libQt5BootstrapDBus for qdbuscpp2xml and qdbusxml2cpp
– Fix QMAKE_LIBS_NETWORK for static linkage
– Closes RHBZ #1048677
* Sun Jan 5 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.0-1
– Update to 5.2.0
– Use the generic win32-g++ mkspecs profile instead of win32-g++-cross
and win32-g++-cross-x64 (as is preferred by upstream)
– Add support for qtchooser
– Moved the native tools to /usr/$target/bin/qt5 (qtchooser requires the
tools to be in an unique folder with their original file names)
All symlinks in %{_bindir} are updated to reflect this as well
– Prevent invalid Libs.private references in generated pkg-config files
– Prevent patch backups from ending up in the mkspecs folders
– Reorganized and cleaned up the patches
* Fri Nov 29 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.0-0.4.rc1
– Update to 5.2.0 RC 1
* Wed Nov 27 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.0-0.3.beta1
– Try harder to fix detection of the uic tool when using CMake
* Tue Nov 26 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.0-0.2.beta1
– Fix detection of the uic tool when using CMake (RHBZ #1019952)
* Tue Oct 22 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.0-0.1.beta1
– Update to 5.2.0 beta 1
– Fix CMake support (RHBZ #1019952, RHBZ #1019947)
* Thu Sep 12 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.1.1-2
– Removed DBus ‘interface’ workaround patch as the issue is resolved in DBus upstream
* Thu Aug 29 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.1.1-1
– Update to 5.1.1
– Fix FTBFS against latest mingw-w64
* Fri Aug 2 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.1.0-5
– Re-enable R: mingw{32,64}-qt5-qttools-lrelease now that
bootstrapping Qt5 on ARM has completed
* Wed Jul 31 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.1.0-4
– Make sure the native Qt5Bootstrap library is a shared library
– Enabled PostgreSQL support
– Removed the reference to the ‘demos’ folder as demos are
bundled as separate tarballs
* Tue Jul 30 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.1.0-3
– Temporary build without R: mingw{32,64}-qt5-qttools-lrelease
to allow mingw-qt5-qttools to be built on arm
* Sat Jul 13 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.1.0-2
– Rebuild against libpng 1.6
* Wed Jul 10 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.1.0-1
– Update to 5.1.0
– Fix detection of external pcre library
– Added BR: mingw32-pcre mingw64-pcre
* Wed Jul 10 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.0.2-3
– Display message box if platform plugin cannot be found (QTBUG-31765, QTBUG-31760)
——————————————————————————–
References:
[ 1 ] Bug #1092465 – Linking fails on a cmake based project using Qt 5 since libqtmain.a is not found
https://bugzilla.redhat.com/show_bug.cgi?id=1092465
[ 2 ] Bug #1092837 – CVE-2014-0190 mingw-qt5-qtbase: qt: NULL pointer dereference flaw in QGIFFormat::fillRect [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1092837
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update mingw-qt5-qtbase’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
——————————————————————————–
Fedora Update Notification
FEDORA-2014-5988
2014-05-06 02:37:42
——————————————————————————–
Name : mingw-qt5-qtbase
Product : Fedora 20
Version : 5.2.1
Release : 3.fc20
URL : http://www.qtsoftware.com/
Summary : Qt5 for Windows – QtBase component
Description :
This package contains the Qt software toolkit for developing
cross-platform applications.
This is the Windows version of Qt, for use in conjunction with the
Fedora Windows cross-compiler.
——————————————————————————–
Update Information:
Fix invalid reference to qtmain when using CMake (RHBZ #1092465)
Fix DoS vulnerability in the GIF image handler (QTBUG-38367, RHBZ #1092837)
——————————————————————————–
ChangeLog:
* Sat May 3 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.1-3
– Fix invalid reference to qtmain when using CMake (RHBZ #1092465)
– Fix DoS vulnerability in the GIF image handler (QTBUG-38367, RHBZ #1092837)
* Sun Apr 13 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.1-2
– Rebuild against gcc 4.9 (to fix paths mentioned in mkspecs/qconfig.pri)
* Sat Feb 8 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.1-1
– Update to 5.2.1
* Sat Jan 11 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.0-4
– Remove hard dependency on qtchooser and co-own the /etc/xdg/qtchooser folder
* Mon Jan 6 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.0-3
– Split the cmake patch and moved half of its contents to the ‘implib dll’
patch and the other to the ‘use external angle’ patch as those are more
proper locations
* Sun Jan 5 2014 Yaakov Selkowitz <yselkowitz@users.sourceforge.net> – 5.2.0-2
– Fix qmake to use .dll.a extension for implibs (avoids renaming hacks in
all mingw-qt5-* packages)
– Force usage of system zlib in Qt5Bootstrap
– Install shared libQt5BootstrapDBus for qdbuscpp2xml and qdbusxml2cpp
– Fix QMAKE_LIBS_NETWORK for static linkage
– Closes RHBZ #1048677
* Sun Jan 5 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.0-1
– Update to 5.2.0
– Use the generic win32-g++ mkspecs profile instead of win32-g++-cross
and win32-g++-cross-x64 (as is preferred by upstream)
– Add support for qtchooser
– Moved the native tools to /usr/$target/bin/qt5 (qtchooser requires the
tools to be in an unique folder with their original file names)
All symlinks in %{_bindir} are updated to reflect this as well
– Prevent invalid Libs.private references in generated pkg-config files
– Prevent patch backups from ending up in the mkspecs folders
– Reorganized and cleaned up the patches
* Fri Nov 29 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.0-0.4.rc1
– Update to 5.2.0 RC 1
* Wed Nov 27 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.0-0.3.beta1
– Try harder to fix detection of the uic tool when using CMake
* Tue Nov 26 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.0-0.2.beta1
– Fix detection of the uic tool when using CMake (RHBZ #1019952)
* Tue Oct 22 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.2.0-0.1.beta1
– Update to 5.2.0 beta 1
– Fix CMake support (RHBZ #1019952, RHBZ #1019947)
* Thu Sep 12 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.1.1-2
– Removed DBus ‘interface’ workaround patch as the issue is resolved in DBus upstream
* Thu Aug 29 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 5.1.1-1
– Update to 5.1.1
– Fix FTBFS against latest mingw-w64
——————————————————————————–
References:
[ 1 ] Bug #1092465 – Linking fails on a cmake based project using Qt 5 since libqtmain.a is not found
https://bugzilla.redhat.com/show_bug.cgi?id=1092465
[ 2 ] Bug #1092837 – CVE-2014-0190 mingw-qt5-qtbase: qt: NULL pointer dereference flaw in QGIFFormat::fillRect [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1092837
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update mingw-qt5-qtbase’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
——————————————————————————–
Fedora Update Notification
FEDORA-2014-6003
2014-05-06 02:38:20
——————————————————————————–
Name : mingw-qt
Product : Fedora 20
Version : 4.8.6
Release : 1.fc20
URL : http://www.qtsoftware.com/
Summary : Qt for Windows
Description :
This package contains the Qt software toolkit for developing
cross-platform applications.
This is the Windows version of Qt, for use in conjunction with the
Fedora Windows cross-compiler.
——————————————————————————–
Update Information:
* Update to 4.8.6
* Fix DoS vulnerability in the GIF image handler (QTBUG-38367)
——————————————————————————–
ChangeLog:
* Tue Apr 29 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 4.8.6-1
– Update to 4.8.6
– Fix DoS vulnerability in the GIF image handler (QTBUG-38367)
——————————————————————————–
References:
[ 1 ] Bug #1092836 – CVE-2014-0190 mingw-qt: qt: NULL pointer dereference flaw in QGIFFormat::fillRect [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1092836
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update mingw-qt’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
——————————————————————————–
Fedora Update Notification
FEDORA-2014-6028
2014-05-06 02:39:22
——————————————————————————–
Name : mingw-qt
Product : Fedora 19
Version : 4.8.6
Release : 1.fc19
URL : http://www.qtsoftware.com/
Summary : Qt for Windows
Description :
This package contains the Qt software toolkit for developing
cross-platform applications.
This is the Windows version of Qt, for use in conjunction with the
Fedora Windows cross-compiler.
——————————————————————————–
Update Information:
* Update to 4.8.6
* Fix DoS vulnerability in the GIF image handler (QTBUG-38367)
——————————————————————————–
ChangeLog:
* Tue Apr 29 2014 Erik van Pienbroek <epienbro@fedoraproject.org> – 4.8.6-1
– Update to 4.8.6
– Fix DoS vulnerability in the GIF image handler (QTBUG-38367)
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 4.8.5-4
– Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sat Jul 13 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 4.8.5-3
– Rebuild against libpng 1.6
* Thu Jul 4 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 4.8.5-2
– When building static binaries, make sure the gcc argument -DQT_DLL isn’t used
* Wed Jul 3 2013 Erik van Pienbroek <epienbro@fedoraproject.org> – 4.8.5-1
– Update to 4.8.5
——————————————————————————–
References:
[ 1 ] Bug #1092836 – CVE-2014-0190 mingw-qt: qt: NULL pointer dereference flaw in QGIFFormat::fillRect [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1092836
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update mingw-qt’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
7e
| Autor | Tomislav Protega |
| Cert id | NCERT-REF-2014-05-0009-ADV |
| Cve | CVE-2014-0190 |
| ID izvornika | FEDORA-2014-5999 FEDORA-2014-5988 FEDORA-2014-6003 FEDORA-2014-6028 |
| Proizvod | mingw-qt |
| Izvor | http://www.redhat.com |
