On Friday, 19 August 2022 14:30:08 -03 Ahmad Samir wrote:
> Going forward, don't ship/bundle 3rd party libs, instead add scripts (shell
> or CMake (the latter has support to fetch remote stuff
> https://cmake.org/cmake/help/latest/module/FetchContent.html)) that
> download that source code from
El divendres, 19 d’agost de 2022, a les 18:13:15 (CEST), Volker Hilsheimer va
escriure:
> > On 19 Aug 2022, at 16:28, Albert Astals Cid wrote:
> > In case you don't understand what i am speaking about, i mean the Qt 5.15
> > patch corresponding to
> >
On 27/7/22 19:15, Thiago Macieira wrote:
On Wednesday, 27 July 2022 09:43:32 PDT Albert Astals Cid wrote:
5.15:
https://download.qt.io/official_releases/qt/5.15/CVE-2022-27404-27405-2740
6
-qtbase-5.15.diff
This patch doesn't seem to apply over the v5.15.5-lts-lgpl tag for me, can
someone
El divendres, 19 d’agost de 2022, a les 11:35:51 (CEST), Volker Hilsheimer va
escriure:
> Back from holidays, following up on the open points from this thread after
> discussing within The Qt Company:
>
> [snip]
>
> The agreement with KDE is that the exact version of Qt that was released as
>
Back from holidays, following up on the open points from this thread after
discussing within The Qt Company:
> On 28 Jul 2022, at 18:13, Volker Hilsheimer wrote:
>> 2) The current *source* downloads for 5.15 (esp. the latest, 5.15.5) don't
>> have a clean patch against them.
>>
>> Yes, one
Albert Astals Cid wrote:
> El dijous, 28 de juliol de 2022, a les 18:13:02 (CEST), Volker Hilsheimer
> va escriure:
>> The agreement is that KDE maintains patches like this for Qt 5 so that
>> they are available on top of the branches that are available to the Open
>> Source community.
>
>>
El dijous, 28 de juliol de 2022, a les 18:13:02 (CEST), Volker Hilsheimer va
escriure:
> The agreement is that KDE maintains patches like this for Qt 5 so that they
> are available on top of the branches that are available to the Open Source
> community.
>
Hey,
> On 28 Jul 2022, at 17:31, Giuseppe D'Angelo via Development
> wrote:
>
> Hi,
>
> On 27/07/2022 22:23, Thiago Macieira wrote:
>> On Wednesday, 27 July 2022 11:47:20 PDT Giuseppe D'Angelo via Development
>> wrote:
>>> Right now, if one selects "LTS" and "Latest releases" (and *not*
>>>
Hi,
On 27/07/2022 22:23, Thiago Macieira wrote:
On Wednesday, 27 July 2022 11:47:20 PDT Giuseppe D'Angelo via Development
wrote:
Right now, if one selects "LTS" and "Latest releases" (and *not*
"Archive"), one gets
* 6.3.1
* 6.2.4
* 5.15.2
all of which are bugged AFAICT?
Non-commercial
Scott Bloom wrote:
> Fully agreed with all your points, but knowing a release is LTS has value
> even for those without support.
>
> I don't see a problem if someone is choosing a the latest LTS version,
> getting that version since the current version is not a LTS.
The Qt Company really needs
On Behalf Of Thiago
Macieira
Sent: Wednesday, July 27, 2022 2:50 PM
To: development@qt-project.org
Subject: Re: [Development] [Announce] Security advisory: Freetype in Qt
On Wednesday, 27 July 2022 14:28:05 PDT Scott Bloom wrote:
> Outside opinion. I know many non-commercial who tend to st
On Wednesday, 27 July 2022 14:28:05 PDT Scott Bloom wrote:
> Outside opinion. I know many non-commercial who tend to stick with the LTS
> for their projects.
The problem is that you're not getting Support, whether Long Term or Short
Term or Any Term. Those are stale, a year or more out of date.
Outside opinion. I know many non-commercial who tend to stick with the LTS for
their projects.
Scott
-Original Message-
From: Development On Behalf Of Thiago
Macieira
Sent: Wednesday, July 27, 2022 1:23 PM
To: development@qt-project.org
Subject: Re: [Development] [Announce] Security
On Wednesday, 27 July 2022 11:47:20 PDT Giuseppe D'Angelo via Development
wrote:
> Right now, if one selects "LTS" and "Latest releases" (and *not*
> "Archive"), one gets
>
> * 6.3.1
> * 6.2.4
> * 5.15.2
>
> all of which are bugged AFAICT?
Non-commercial customers shouldn't even see the option
Il 27/07/22 16:53, Thiago Macieira ha scritto:
On Wednesday, 27 July 2022 05:20:59 PDT Giuseppe D'Angelo via Development
wrote:
Does this mean that the currently available opensource binary downloads
(through the official installer) of Qt 5.15(.2) and 6.2 are affected by
the CVE and will not
On Wednesday, 27 July 2022 09:43:32 PDT Albert Astals Cid wrote:
> > 5.15:
> > https://download.qt.io/official_releases/qt/5.15/CVE-2022-27404-27405-2740
> > 6
> > -qtbase-5.15.diff
>
> This patch doesn't seem to apply over the v5.15.5-lts-lgpl tag for me, can
> someone please double check in
El dimecres, 27 de juliol de 2022, a les 14:00:50 (CEST), List for
announcements regarding Qt releases and development va escriure:
> Hi,
>
> There have been three vulnerabilities found in FreeType recently and they
> have been assigned the CVE ids CVE-2022-27404, CVE-2022-27405,
>
On Wednesday, 27 July 2022 05:20:59 PDT Giuseppe D'Angelo via Development
wrote:
> Does this mean that the currently available opensource binary downloads
> (through the official installer) of Qt 5.15(.2) and 6.2 are affected by
> the CVE and will not get fixed?
>
> Should they just be removed
On Behalf Of Giuseppe
D'Angelo via Development
Sent: Wednesday, July 27, 2022 2:21 PM
To: development@qt-project.org
Subject: Re: [Development] [Announce] Security advisory: Freetype in Qt
Hello,
Il 27/07/22 14:00, List for announcements regarding Qt releases and development
via Development ha
Hello,
Il 27/07/22 14:00, List for announcements regarding Qt releases and
development via Development ha scritto:
These effects configurations of Qt that have been built against the bundled
version of FreeType. If you are using a pre-built version of Qt then this will
be using the bundled
Hi,
There have been three vulnerabilities found in FreeType recently and they have
been assigned the CVE ids CVE-2022-27404, CVE-2022-27405, CVE-2022-27406. This
has been fixed in the latest version of FreeType – v2.12.1
These effects configurations of Qt that have been built against the
21 matches
Mail list logo