Hello community, here is the log from the commit of package libqt4 for openSUSE:Factory checked in at 2012-01-11 15:37:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libqt4 (Old) and /work/SRC/openSUSE:Factory/.libqt4.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libqt4", Maintainer is "dmuel...@suse.com" Changes: -------- --- /work/SRC/openSUSE:Factory/libqt4/libqt4-devel-doc.changes 2012-01-06 11:45:38.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.libqt4.new/libqt4-devel-doc.changes 2012-01-11 15:38:13.000000000 +0100 @@ -1,0 +2,14 @@ +Fri Jan 6 17:06:22 CET 2012 - dmuel...@suse.de + +- add patch for rare stack based overflow in harbuzz parser + (bnc#739904, CVE-2011-3922). + +------------------------------------------------------------------- +Fri Dec 16 11:04:43 CET 2011 - dmuel...@suse.de + +- update to 4.8.0 (final): + * only minimal change over rc1 + * too many changes to list here, see http://qt.nokia.com/doc/4.8 + and included changes-4.8.0 + +------------------------------------------------------------------- @@ -4 +18 @@ -- fix license to LGPL-2.1-with-nokia-exception-1.1 or GPL-3.0 (bnc#736425) +- fix license to SUSE-LGPL-2.1-with-nokia-exception-1.1 or GPL-3.0 (bnc#736425) libqt4-sql-plugins.changes: same change libqt4.changes: same change Old: ---- qt-everywhere-opensource-src-4.8.0-rc1.tar.gz New: ---- CVE-2011-3922.diff qt-everywhere-opensource-src-4.8.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libqt4-devel-doc.spec ++++++ --- /var/tmp/diff_new_pack.Fiyopo/_old 2012-01-11 15:38:35.000000000 +0100 +++ /var/tmp/diff_new_pack.Fiyopo/_new 2012-01-11 15:38:35.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package libqt4-devel-doc # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -34,17 +34,17 @@ %endif # COMMON-VERSION-BEGIN # COMMON-VERSION-BEGIN -Version: 4.7.90 +Version: 4.8.0 Release: 0 %define base_name libqt4 -%define tar_version everywhere-opensource-src-4.8.0 +%define tar_version everywhere-opensource-src-%{version} # COMMON-VERSION-END # COMMON-VERSION-END BuildRequires: libQtWebKit-devel >= %version BuildRequires: libqt4-devel >= %version Url: http://www.trolltech.com Summary: Qt documentation -License: GPL-3.0 or LGPL-2.1-with-nokia-exception-1.1 +License: SUSE-LGPL-2.1-with-nokia-exception-1.1 or GPL-3.0 Group: Documentation/HTML Requires: libqt4 = %version Requires: libqt4-devel-doc-data = %version @@ -55,7 +55,7 @@ Obsoletes: qt-devel-doc < 4.4.0 # COMMON-BEGIN # COMMON-BEGIN -Source: qt-everywhere-opensource-src-4.8.0-rc1.tar.gz +Source: qt-%{tar_version}.tar.gz # to get mtime of file: Source1: libqt4.changes Source2: baselibs.conf @@ -91,6 +91,7 @@ Patch123: use-cups-default-print-settings-bnc552218.diff Patch128: build-qvfb-tool.diff Patch131: disable-im-for-password.diff +Patch132: CVE-2011-3922.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %define common_options --opensource -fast -no-separate-debug-info -shared -xkb -xrender -xcursor -dbus-linked -xfixes -xrandr -xinerama -sm -no-nas-sound -no-rpath -system-libjpeg -system-libpng -accessibility -cups -stl -nis -system-zlib -prefix /usr -L %_libdir -libdir %_libdir -docdir %_docdir/%{base_name} -examplesdir %_libdir/qt4/examples -demosdir %_libdir/qt4/demos -plugindir %plugindir -translationdir /usr/share/qt4/translations -iconv -sysconfdir /etc/settings -datadir /usr/share/qt4/ -no-pch -reduce-relocations -exceptions -system-libtiff -glib -optimized-qmake -no-webkit -no-xmlpatterns -system-sqlite -qt3support -no-sql-mysql -importdir %plugindir/imports -xsync -xinput -gtkstyle @@ -144,6 +145,7 @@ cp %{SOURCE17} translations/ %patch128 %patch131 -p1 +%patch132 # ### 47 rediff #%patch121 -p1 # be sure not to use them ++++++ libqt4-sql-plugins.spec ++++++ --- /var/tmp/diff_new_pack.Fiyopo/_old 2012-01-11 15:38:35.000000000 +0100 +++ /var/tmp/diff_new_pack.Fiyopo/_new 2012-01-11 15:38:35.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package libqt4-sql-plugins # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -31,20 +31,20 @@ %endif # COMMON-VERSION-BEGIN # COMMON-VERSION-BEGIN -Version: 4.7.90 +Version: 4.8.0 Release: 0 %define base_name libqt4 -%define tar_version everywhere-opensource-src-4.8.0 +%define tar_version everywhere-opensource-src-%{version} # COMMON-VERSION-END # COMMON-VERSION-END BuildRequires: libqt4-devel >= %version Url: http://www.trolltech.com Summary: Qt 4 SQL related libraries -License: GPL-3.0 or LGPL-2.1-with-nokia-exception-1.1 +License: SUSE-LGPL-2.1-with-nokia-exception-1.1 or GPL-3.0 Group: System/Libraries # COMMON-BEGIN # COMMON-BEGIN -Source: qt-everywhere-opensource-src-4.8.0-rc1.tar.gz +Source: qt-%{tar_version}.tar.gz # to get mtime of file: Source1: libqt4.changes Source2: baselibs.conf @@ -80,6 +80,7 @@ Patch123: use-cups-default-print-settings-bnc552218.diff Patch128: build-qvfb-tool.diff Patch131: disable-im-for-password.diff +Patch132: CVE-2011-3922.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %define common_options --opensource -fast -no-separate-debug-info -shared -xkb -xrender -xcursor -dbus-linked -xfixes -xrandr -xinerama -sm -no-nas-sound -no-rpath -system-libjpeg -system-libpng -accessibility -cups -stl -nis -system-zlib -prefix /usr -L %_libdir -libdir %_libdir -docdir %_docdir/%{base_name} -examplesdir %_libdir/qt4/examples -demosdir %_libdir/qt4/demos -plugindir %plugindir -translationdir /usr/share/qt4/translations -iconv -sysconfdir /etc/settings -datadir /usr/share/qt4/ -no-pch -reduce-relocations -exceptions -system-libtiff -glib -optimized-qmake -no-webkit -no-xmlpatterns -system-sqlite -qt3support -no-sql-mysql -importdir %plugindir/imports -xsync -xinput -gtkstyle @@ -133,6 +134,7 @@ cp %{SOURCE17} translations/ %patch128 %patch131 -p1 +%patch132 # ### 47 rediff #%patch121 -p1 # be sure not to use them ++++++ libqt4.spec ++++++ --- /var/tmp/diff_new_pack.Fiyopo/_old 2012-01-11 15:38:35.000000000 +0100 +++ /var/tmp/diff_new_pack.Fiyopo/_new 2012-01-11 15:38:35.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package libqt4 # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,7 +15,6 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # - Name: libqt4 BuildRequires: Mesa-devel BuildRequires: alsa-devel @@ -50,7 +49,7 @@ %endif Url: http://www.qtsoftware.com Summary: C++ Program Library, Core Components -License: GPL-3.0 or LGPL-2.1-with-nokia-exception-1.1 +License: GPL-3.0 or SUSE-LGPL-2.1-with-nokia-exception-1.1 Group: System/Libraries # bug437293 %ifarch ppc64 @@ -65,13 +64,13 @@ Provides: libqt4-dbus-1 = 4.4.0 Obsoletes: libqt4-dbus-1 < 4.4.0 # COMMON-VERSION-BEGIN -Version: 4.7.90 +Version: 4.8.0 Release: 0 %define base_name libqt4 -%define tar_version everywhere-opensource-src-4.8.0 +%define tar_version everywhere-opensource-src-%{version} # COMMON-VERSION-END # COMMON-BEGIN -Source: qt-everywhere-opensource-src-4.8.0-rc1.tar.gz +Source: qt-%{tar_version}.tar.gz # to get mtime of file: Source1: libqt4.changes Source2: baselibs.conf @@ -107,6 +106,7 @@ Patch123: use-cups-default-print-settings-bnc552218.diff Patch128: build-qvfb-tool.diff Patch131: disable-im-for-password.diff +Patch132: CVE-2011-3922.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %define common_options --opensource -fast -no-separate-debug-info -shared -xkb -xrender -xcursor -dbus-linked -xfixes -xrandr -xinerama -sm -no-nas-sound -no-rpath -system-libjpeg -system-libpng -accessibility -cups -stl -nis -system-zlib -prefix /usr -L %_libdir -libdir %_libdir -docdir %_docdir/%{base_name} -examplesdir %_libdir/qt4/examples -demosdir %_libdir/qt4/demos -plugindir %plugindir -translationdir /usr/share/qt4/translations -iconv -sysconfdir /etc/settings -datadir /usr/share/qt4/ -no-pch -reduce-relocations -exceptions -system-libtiff -glib -optimized-qmake -no-webkit -no-xmlpatterns -system-sqlite -qt3support -no-sql-mysql -importdir %plugindir/imports -xsync -xinput -gtkstyle @@ -160,6 +160,7 @@ cp %{SOURCE17} translations/ %patch128 %patch131 -p1 +%patch132 # ### 47 rediff #%patch121 -p1 # be sure not to use them @@ -168,7 +169,7 @@ %package devel Summary: Qt Development Kit -License: GPL-3.0 or LGPL-2.1-with-nokia-exception-1.1 +License: GPL-3.0 or SUSE-LGPL-2.1-with-nokia-exception-1.1 Group: Development/Libraries/X11 Requires: zlib-devel c++_compiler pkgconfig Requires: freetype2-devel libmng-devel libpng-devel libtiff-devel @@ -202,7 +203,7 @@ %package -n libqt4-sql-sqlite Summary: Qt 4 sqlite plugin -License: GPL-3.0 or LGPL-2.1-with-nokia-exception-1.1 +License: GPL-3.0 or SUSE-LGPL-2.1-with-nokia-exception-1.1 Group: Development/Libraries/C and C++ Requires: libqt4-sql = %version Provides: libqt4_sql_backend = %version @@ -217,7 +218,7 @@ %package x11 Summary: Qt 4 GUI related libraries -License: GPL-3.0 or LGPL-2.1-with-nokia-exception-1.1 +License: GPL-3.0 or SUSE-LGPL-2.1-with-nokia-exception-1.1 Group: Development/Libraries/C and C++ # bug437293 %ifarch ppc64 @@ -237,7 +238,7 @@ %package qt3support Summary: C++ Program Library, Core Components -License: GPL-3.0 or LGPL-2.1-with-nokia-exception-1.1 +License: GPL-3.0 or SUSE-LGPL-2.1-with-nokia-exception-1.1 Group: System/Libraries # bug437293 %ifarch ppc64 @@ -259,7 +260,7 @@ %package sql Summary: Qt 4 SQL related libraries -License: GPL-3.0 or LGPL-2.1-with-nokia-exception-1.1 +License: GPL-3.0 or SUSE-LGPL-2.1-with-nokia-exception-1.1 Group: Development/Libraries/C and C++ # bug437293 %ifarch ppc64 @@ -312,7 +313,7 @@ %package private-headers-devel Summary: Non-ABI stabile experimental API -License: GPL-3.0 or LGPL-2.1-with-nokia-exception-1.1 +License: GPL-3.0 or SUSE-LGPL-2.1-with-nokia-exception-1.1 Group: Development/Libraries/C and C++ Requires: libqt4-x11 = %version libqt4-devel = %version ++++++ CVE-2011-3922.diff ++++++ --- src/3rdparty/harfbuzz/src/harfbuzz-myanmar.c +++ src/3rdparty/harfbuzz/src/harfbuzz-myanmar.c @@ -359,7 +359,8 @@ if (kinzi >= 0 && i > base && (cc & Mymr_CF_AFTER_KINZI)) { reordered[len] = Mymr_C_NGA; reordered[len+1] = Mymr_C_VIRAMA; - properties[len-1] = AboveForm; + if (len > 0) + properties[len-1] = AboveForm; properties[len] = AboveForm; len += 2; kinzi = -1; ++++++ libqt4-devel-doc.spec.in ++++++ --- /var/tmp/diff_new_pack.Fiyopo/_old 2012-01-11 15:38:35.000000000 +0100 +++ /var/tmp/diff_new_pack.Fiyopo/_new 2012-01-11 15:38:35.000000000 +0100 @@ -38,7 +38,7 @@ BuildRequires: libqt4-devel >= %version Url: http://www.trolltech.com Summary: Qt documentation -License: LGPL-2.1-with-nokia-exception-1.1 or GPL-3.0 +License: SUSE-LGPL-2.1-with-nokia-exception-1.1 or GPL-3.0 Group: Documentation/HTML Requires: libqt4 = %version Requires: libqt4-devel-doc-data = %version ++++++ libqt4-sql-plugins.spec.in ++++++ --- /var/tmp/diff_new_pack.Fiyopo/_old 2012-01-11 15:38:35.000000000 +0100 +++ /var/tmp/diff_new_pack.Fiyopo/_new 2012-01-11 15:38:35.000000000 +0100 @@ -34,7 +34,7 @@ BuildRequires: libqt4-devel >= %version Url: http://www.trolltech.com Summary: Qt 4 SQL related libraries -License: LGPL-2.1-with-nokia-exception-1.1 or GPL-3.0 +License: SUSE-LGPL-2.1-with-nokia-exception-1.1 or GPL-3.0 Group: System/Libraries # COMMON-BEGIN # COMMON-END ++++++ qt-everywhere-opensource-src-4.8.0-rc1.tar.gz -> qt-everywhere-opensource-src-4.8.0.tar.gz ++++++ /work/SRC/openSUSE:Factory/libqt4/qt-everywhere-opensource-src-4.8.0-rc1.tar.gz /work/SRC/openSUSE:Factory/.libqt4.new/qt-everywhere-opensource-src-4.8.0.tar.gz differ: char 5, line 1 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org