Hi, I have some patchs for this bug:
https://codereview.qt-project.org/c/qt/qtbase/+/423894
https://codereview.qt-project.org/c/qt/qtdeclarative/+/423258
From: Development on behalf of Eirik
Aavitsland
Sent: Wednesday, July 20, 2022 23:25
To:
Hi,
There have been three vulnerabilities found in FreeType recently and they have
been assigned the CVE ids CVE-2022-27404, CVE-2022-27405, CVE-2022-27406. This
has been fixed in the latest version of FreeType – v2.12.1
These effects configurations of Qt that have been built against the
Hi,
The existing pre-built versions of 5.15 and 6.2 will have this problem yes, but
I don’t know what the plan would be for releasing an update one in these cases
though. That would be down to the release team to comment on.
Kind regards,
Andy
-Original Message-
From: Development On
On Wednesday, 27 July 2022 05:20:59 PDT Giuseppe D'Angelo via Development
wrote:
> Does this mean that the currently available opensource binary downloads
> (through the official installer) of Qt 5.15(.2) and 6.2 are affected by
> the CVE and will not get fixed?
>
> Should they just be removed
Re: https://bugreports.qt.io/browse/QTQAINFRA-5085
Please don't use spaces, wildcards or other shell metacharacters in your test
row names. Because of the different shells that we must go through, and in some
cases the number of shells (try to use ssh to run a test remotely), it gets
annoying
Hello,
Il 27/07/22 14:00, List for announcements regarding Qt releases and
development via Development ha scritto:
These effects configurations of Qt that have been built against the bundled
version of FreeType. If you are using a pre-built version of Qt then this will
be using the bundled
El dimecres, 27 de juliol de 2022, a les 14:00:50 (CEST), List for
announcements regarding Qt releases and development va escriure:
> Hi,
>
> There have been three vulnerabilities found in FreeType recently and they
> have been assigned the CVE ids CVE-2022-27404, CVE-2022-27405,
>
On Wednesday, 27 July 2022 09:43:32 PDT Albert Astals Cid wrote:
> > 5.15:
> > https://download.qt.io/official_releases/qt/5.15/CVE-2022-27404-27405-2740
> > 6
> > -qtbase-5.15.diff
>
> This patch doesn't seem to apply over the v5.15.5-lts-lgpl tag for me, can
> someone please double check in
Il 27/07/22 16:53, Thiago Macieira ha scritto:
On Wednesday, 27 July 2022 05:20:59 PDT Giuseppe D'Angelo via Development
wrote:
Does this mean that the currently available opensource binary downloads
(through the official installer) of Qt 5.15(.2) and 6.2 are affected by
the CVE and will not
Fully agreed with all your points, but knowing a release is LTS has value even
for those without support.
I don't see a problem if someone is choosing a the latest LTS version, getting
that version since the current version is not a LTS.
Scott
-Original Message-
From: Development On
Outside opinion. I know many non-commercial who tend to stick with the LTS for
their projects.
Scott
-Original Message-
From: Development On Behalf Of Thiago
Macieira
Sent: Wednesday, July 27, 2022 1:23 PM
To: development@qt-project.org
Subject: Re: [Development] [Announce] Security
On Wednesday, 27 July 2022 11:47:20 PDT Giuseppe D'Angelo via Development
wrote:
> Right now, if one selects "LTS" and "Latest releases" (and *not*
> "Archive"), one gets
>
> * 6.3.1
> * 6.2.4
> * 5.15.2
>
> all of which are bugged AFAICT?
Non-commercial customers shouldn't even see the option
On Wednesday, 27 July 2022 14:28:05 PDT Scott Bloom wrote:
> Outside opinion. I know many non-commercial who tend to stick with the LTS
> for their projects.
The problem is that you're not getting Support, whether Long Term or Short
Term or Any Term. Those are stale, a year or more out of date.
13 matches
Mail list logo
