head	1.2;
access;
symbols
	pkgsrc-2015Q2:1.1.0.8
	pkgsrc-2015Q2-base:1.1
	pkgsrc-2015Q1:1.1.0.6
	pkgsrc-2015Q1-base:1.1
	pkgsrc-2014Q4:1.1.0.4
	pkgsrc-2014Q4-base:1.1
	pkgsrc-2014Q3:1.1.0.2;
locks; strict;
comment	@# @;


1.2
date	2015.07.08.17.49.49;	author wiz;	state dead;
branches;
next	1.1;
commitid	ZgHjIskQk2xFyvsy;

1.1
date	2014.11.28.21.07.51;	author spz;	state Exp;
branches
	1.1.2.1;
next	;
commitid	mSUQNvyRnpRSMZZx;

1.1.2.1
date	2014.11.28.21.07.51;	author tron;	state dead;
branches;
next	1.1.2.2;
commitid	u0NzLyVt3nzHrv0y;

1.1.2.2
date	2014.12.02.20.27.50;	author tron;	state Exp;
branches;
next	;
commitid	u0NzLyVt3nzHrv0y;


desc
@@


1.2
log
@Update qt4 to 4.8.7.

I am happy to announce release of Qt 4.8.7 today bringing over 150
improvements and bug fixes. Qt 4.8.7 provides important security
updates, better support for Mac OS X 10.10 and many requested error
corrections. As a patch release, it does not add new functionality
and maintains full compatibility with previous Qt 4.8.x releases.

Highlights of Qt 4.8.7 are:

    Security fix for DoS vulnerability in the BMP image handler
    (CVE-2015-0295) as well as security fixes for vulnerabilities
    in image handling of BMP (CVE-2015-1858), ICO (CVE-2015-1859)
    and GIF (CVE-2015-1860)
    Update 3rd party libpng to version 1.6.17 to address known
    vulnerabilities in previous version
    Update 3rd party libtiff to version 4.0.3 to address known
    vulnerabilities in previous version
    Better support for running Qt 4.8 applications on Mac OS X
    10.10 Yosemite
    Many customer requested bug fixes
@
text
@$NetBSD: patch-CVE-2014-0190,v 1.1 2014/11/28 21:07:51 spz Exp $

patch for CVE-2014-0190 from https://codereview.qt-project.org/#/c/84035/1/src/gui/image/qgifhandler.cpp,unified

Upstream commit message:
   Author: Lars Knoll <lars.knoll@@digia.com>
   AuthorDate: 2014-04-24 15:33:27 +0200
   Commit: Lars Knoll <lars.knoll@@digia.com>
   CommitDate: 2014-04-24 15:43:28 +0200
   
   Don't crash on broken GIF images
   
   Broken GIF images could set invalid width and height
   values inside the image, leading to Qt creating a null
   QImage for it. In that case we need to abort decoding
   the image and return an error.
   
   Initial patch by Rich Moore.
   
   Backport of Id82a4036f478bd6e49c402d6598f57e7e5bb5e1e from Qt 5
   
   Task-number: QTBUG-38367
   Change-Id: I0680740018aaa8356d267b7af3f01fac3697312a
   Security-advisory: CVE-2014-0190

--- src/gui/image/qgifhandler.cpp.orig	2014-04-10 18:37:12.000000000 +0000
+++ src/gui/image/qgifhandler.cpp
@@@@ -359,6 +359,13 @@@@ int QGIFFormat::decode(QImage *image, co
                     memset(bits, 0, image->byteCount());
                 }
 
+                // Check if the previous attempt to create the image failed. If it
+                // did then the image is broken and we should give up.
+                if (image->isNull()) {
+                    state = Error;
+                    return -1;
+                }
+
                 disposePrevious(image);
                 disposed = false;
 
@


1.1
log
@add the fix for CVE-2014-0190 from upstream
can be dropped again with the next qt4 release
@
text
@d1 1
a1 1
$NetBSD$
@


1.1.2.1
log
@file patch-CVE-2014-0190 was added on branch pkgsrc-2014Q3 on 2014-12-02 20:27:50 +0000
@
text
@d1 41
@


1.1.2.2
log
@Pullup ticket #4562 - requested by spz
x11/qt4-libs: security patch

Revisions pulled up:
- x11/qt4-libs/Makefile                                         1.102
- x11/qt4-libs/distinfo                                         1.95
- x11/qt4-libs/patches/patch-CVE-2014-0190                      1.1

---
   Module Name:	pkgsrc
   Committed By:	spz
   Date:		Fri Nov 28 21:07:52 UTC 2014

   Modified Files:
   	pkgsrc/x11/qt4-libs: Makefile distinfo
   Added Files:
   	pkgsrc/x11/qt4-libs/patches: patch-CVE-2014-0190

   Log Message:
   add the fix for CVE-2014-0190 from upstream
   can be dropped again with the next qt4 release
@
text
@a0 41
$NetBSD$

patch for CVE-2014-0190 from https://codereview.qt-project.org/#/c/84035/1/src/gui/image/qgifhandler.cpp,unified

Upstream commit message:
   Author: Lars Knoll <lars.knoll@@digia.com>
   AuthorDate: 2014-04-24 15:33:27 +0200
   Commit: Lars Knoll <lars.knoll@@digia.com>
   CommitDate: 2014-04-24 15:43:28 +0200
   
   Don't crash on broken GIF images
   
   Broken GIF images could set invalid width and height
   values inside the image, leading to Qt creating a null
   QImage for it. In that case we need to abort decoding
   the image and return an error.
   
   Initial patch by Rich Moore.
   
   Backport of Id82a4036f478bd6e49c402d6598f57e7e5bb5e1e from Qt 5
   
   Task-number: QTBUG-38367
   Change-Id: I0680740018aaa8356d267b7af3f01fac3697312a
   Security-advisory: CVE-2014-0190

--- src/gui/image/qgifhandler.cpp.orig	2014-04-10 18:37:12.000000000 +0000
+++ src/gui/image/qgifhandler.cpp
@@@@ -359,6 +359,13 @@@@ int QGIFFormat::decode(QImage *image, co
                     memset(bits, 0, image->byteCount());
                 }
 
+                // Check if the previous attempt to create the image failed. If it
+                // did then the image is broken and we should give up.
+                if (image->isNull()) {
+                    state = Error;
+                    return -1;
+                }
+
                 disposePrevious(image);
                 disposed = false;
 
@