——————————————————————————–
Fedora Update Notification
FEDORA-2014-6083
2014-05-08 09:09:53
——————————————————————————–

Name : qt
Product : Fedora 19
Version : 4.8.6
Release : 5.fc19
URL : http://qt-project.org/
Summary : Qt toolkit
Description :
Qt is a software toolkit for developing applications.

This package contains base tools, like string, xml, and network
handling.

——————————————————————————–
Update Information:

New upstream stable bugfix release, as well as a fix for:

DoS vulnerability in the GIF image handler (QTBUG-38367).
See also http://blog.qt.digia.com/blog/2014/04/24/qt-4-8-6-released/
——————————————————————————–
ChangeLog:

* Mon May 5 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.8.6-5
– drop f21 gcc-4.9 workarounds (they didn’t work)
– omit qt-cupsEnumDests.patch, again, pending more testing (#980952)
* Fri Apr 25 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-4
– -fno-tree-vrp (#1091482)
* Fri Apr 25 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-3
– try -fno-delete-null-pointer-checks to workaround bug #1091482
* Thu Apr 24 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-2
– DoS vulnerability in the GIF image handler (QTBUG-38367)
* Thu Apr 24 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-1
– 4.8.6 (final)
* Tue Apr 15 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.6-0.2.rc2
– 4.8.6-rc2
* Tue Apr 1 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.8.6-0.1.rc1
– 4.8.6-rc1
* Wed Mar 26 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-24
– support ppc64le arch (#1081216)
* Sat Mar 8 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> 4.8.5-23
– fix QMAKE_STRIP handling (#1074041)
* Fri Mar 7 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-22
– respin mysql_config patch
* Fri Mar 7 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-21
– restore qt-cupsEnumDests.patch (#980952)
* Thu Mar 6 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-20
– systemtrayicon plugin support (from kubuntu)
* Tue Feb 18 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-19
– cleanup QMAKE_STRIP handling
* Wed Feb 12 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-18
– rebuild (libicu)
* Sat Feb 1 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-17
– better %rpm_macros_dir handling
* Sun Jan 26 2014 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-16
– macros.qt4: ++%_qt4_examplesdir (keep %_qt4_examples around for compatibility)
* Fri Jan 17 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> – 4.8.5-15
– drop “Discover printers shared by CUPS 1.6 (#980952)” (#1054312, #980952#c18)
* Mon Jan 13 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> – 4.8.5-14
– fix QTBUG-35459 (too low entityCharacterLimit=1024 for CVE-2013-4549)
– fix QTBUG-35460 (error message for CVE-2013-4549 is misspelled)
* Mon Dec 23 2013 Peter Robinson <pbrobinson@fedoraproject.org> 4.8.5-13
– Add support for aarch64 (#1046360)
* Thu Dec 5 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-12
– XML Entity Expansion Denial of Service (CVE-2013-4549)
* Wed Oct 9 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-11
– Discover printers shared by CUPS 1.6 (#980952)
* Mon Oct 7 2013 Daniel Vrátil <dvratil@redhat.com> 4.8.5-10
– drop revert of the PostgreSQL driver patch (fixed in Akonadi 1.10.3)
* Thu Oct 3 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-9
– rework %_bindir %_qt4_bindir links to be more qtchooser friendly
* Thu Sep 12 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-8
– Keyboard shortcuts doesn’t work for russian keyboard layout (#968367, QTBUG-32908)
* Mon Aug 26 2013 Jon Ciesla <limburgher@gmail.com> – 4.8.5-7
– libmng rebuild.
* Thu Aug 8 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-6.1
– qt4 rpm macros not found by rpm in F18 (#994739)
* Tue Jul 30 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-6
– enable qtchooser support
* Tue Jul 30 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-5
– revert upstream postgresql driver changes wrt escaping (QTBUG-30076)
* Thu Jul 11 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-4
– drop qtscript(javascriptcore) debuginfo patch, savings not significant
* Thu Jul 11 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-3
– reduce debuginfo in qtwebkit(webcore) and qtscript(javascriptcore)
* Tue Jul 2 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-2
– qdbusviewer subpkg (#968336)
* Tue Jul 2 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-1
– 4.8.5 (final)
* Wed Jun 26 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-0.6.rc2
– trim changelog
– cleaner rpm_macros_dir handling
* Fri Jun 21 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-0.5.rc2
– drop multilib portion from qt_plugin_path.patch
* Tue Jun 18 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-0.4.rc2
– (re)add kde4/multilib QT_PLUGIN_PATH
* Mon Jun 10 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-0.3.rc2
– 4.8.5-rc2
* Mon Jun 10 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-0.2.rc
– RFE: Add %qmake_qt4 macro (#870199)
* Sun Jun 9 2013 Rex Dieter <rdieter@fedoraproject.org> 4.8.5-0.1.rc
– 4.8.5-RC
——————————————————————————–
References:

[ 1 ] Bug #1088142 – CVE-2014-0190 qt: NULL pointer dereference flaw in QGIFFormat::fillRect
https://bugzilla.redhat.com/show_bug.cgi?id=1088142
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update qt’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce