-
qt4-x11 (4:4.8.1-0ubuntu4.9) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via crafted GIF image
- debian/patches/CVE-2014-0190.patch: check for broken image in
src/gui/image/qgifhandler.cpp.
- CVE-2014-0190
* SECURITY UPDATE: denial of service via crafted BMP
- debian/patches/CVE-2015-0295.patch: fix division by zero in
src/gui/image/qbmphandler.cpp.
- CVE-2015-0295
* SECURITY UPDATE: denial of service and possible code execution via
crafted BMP or ICO images
- debian/patches/CVE-2015-1858-1859.patch: move check to better
location in src/gui/image/qbmphandler.cpp, check depth in
src/plugins/imageformats/ico/qicohandler.cpp.
- CVE-2015-1858
- CVE-2015-1859
* SECURITY UPDATE: denial of service and possible code exection via
crafted GIF image
- debian/patches/CVE-2015-1860.patch: check bounds in
src/gui/image/qgifhandler.cpp.
- CVE-2015-1860
-- Marc Deslauriers <email address hidden> Wed, 27 May 2015 08:41:41 -0400
-
qt4-x11 (4:4.8.1-0ubuntu4.8) precise; urgency=medium
[ Rohan Garg ]
* Add kubuntu_98_a11y_fix_crash.diff to fix plasma crashing due to
ubuntu-specific accessibility patch LP: #1289600
-- Rohan Garg <email address hidden> Wed, 12 Mar 2014 18:13:21 +0100
-
qt4-x11 (4:4.8.1-0ubuntu4.7) precise; urgency=medium
[ Jonathan Riddell ]
* Add kubuntu_glib-honor-ExcludeSocketNotifiers-flag.diff from LiMux
fix crash in LibreOffice with KDE theme LP: #1290514
[ Rohan Garg ]
* Add kubuntu_98_a11y_fix_crash.diff to fix plasma crashing due to
ubuntu-specific accessibility patch LP: #1289600
-- Rohan Garg <email address hidden> Wed, 12 Mar 2014 18:13:21 +0100
-
qt4-x11 (4:4.8.1-0ubuntu4.6) precise-proposed; urgency=low
* Query for Xi 2.2 first before falling back to Xi 2.1. (LP: #1242633)
- This fixes unity-2d pointer barriers.
-- Maarten Lankhorst <email address hidden> Wed, 27 Nov 2013 12:14:51 +0000
-
qt4-x11 (4:4.8.1-0ubuntu4.5) precise-security; urgency=low
* SECURITY UPDATE: [XML Entity Expansion Denial of Service] (LP: #1259577).
- Add CVE-2013-4549.diff
- add limit in src/xml/sax/qxml.cpp
- http://lists.qt-project.org/pipermail/announce/2013-December/000036.html
- CVE-2013-4549
-- Jonathan Riddell <email address hidden> Tue, 10 Dec 2013 22:49:13 +0000
-
qt4-x11 (4:4.8.1-0ubuntu4.4) precise-security; urgency=low
* SECURITY UPDATE: information disclosure via MITM redirect
- debian/patches/CVE-2012-5624.patch: don't redirect to file URLs in
src/declarative/qml/qdeclarativexmlhttprequest.cpp.
- CVE-2012-5624
* SECURITY UPDATE: incorrect errors with certificate verification
- debian/patches/CVE-2012-6093.patch: use openssl access functions to
properly handle layout changes in
src/network/ssl/qsslsocket_openssl.cpp,
src/network/ssl/qsslsocket_openssl_symbols.cpp,
src/network/ssl/qsslsocket_openssl_symbols_p.h.
- CVE-2012-6093
* SECURITY UPDATE: shared memory segments incorrect permissions
- debian/patches/CVE-2013-0254.patch: set appropriate permissions in
src/corelib/kernel/qsharedmemory_unix.cpp,
src/corelib/kernel/qsystemsemaphore_unix.cpp,
src/gui/image/qnativeimage.cpp,
src/gui/image/qpixmap_x11.cpp,
src/plugins/platforms/xcb/qxcbwindowsurface.cpp,
src/plugins/platforms/xlib/qxlibwindowsurface.cpp,
tools/qvfb/qvfbshmem.cpp.
- CVE-2013-0254
-- Marc Deslauriers <email address hidden> Wed, 06 Feb 2013 08:21:20 -0500
-
qt4-x11 (4:4.8.1-0ubuntu4.3) precise-security; urgency=low
* SECURITY UPDATE: fix for SSL compression "CRIME" attack
- debian/patches/CVE-2012-4929.patch: Disable SSL compression by default
- CVE-2012-4929
- LP: #1057578
-- Seth Arnold <email address hidden> Mon, 22 Oct 2012 10:54:05 -0700
-
qt4-x11 (4:4.8.1-0ubuntu4.2) precise-proposed; urgency=low
* Add kubuntu_35_text_cursor_position.diff fixes LP: #1024402
"Text cursor in wrong cell in calligrawords"
-- Jonathan Riddell <email address hidden> Sat, 14 Jul 2012 18:26:51 +0100
-
qt4-x11 (4:4.8.1-0ubuntu4.1) precise-proposed; urgency=low
* Add kubuntu_33_shaped_drag.diff fixes LP: #987855
"problem in Qt dragging when all of the window target has been
shaped out for input"
-- Jonathan Riddell <email address hidden> Tue, 24 Apr 2012 16:44:41 +0100
-
qt4-x11 (4:4.8.1-0ubuntu4) precise-proposed; urgency=low
* Rebuild for .pot generation
-- Jonathan Riddell <email address hidden> Thu, 12 Apr 2012 16:32:11 +0100
-
qt4-x11 (4:4.8.1-0ubuntu3) precise; urgency=low
* kubuntu_97_a11y_qt_and_qml_backport.diff from upstream: removed geometry and animation updates
because they are useless and the code is buggy, leading to crashes (LP: #918566).
-- Pawel Stolowski <email address hidden> Mon, 09 Apr 2012 18:55:11 +0200
-
qt4-x11 (4:4.8.1-0ubuntu2) precise; urgency=low
* Update libqt4-designer.symbols.
* Add QTBUG-24718_Fix_a_crash_in_cursorToX_when_new_block_is_added.patch,
cherry-picked from upstream.
-- Felix Geyer <email address hidden> Tue, 03 Apr 2012 16:18:44 +0200
-
qt4-x11 (4:4.8.1-0ubuntu1) precise; urgency=low
* New upstream release.
* Drop kubuntu_32_oriental_character_crash.diff, the changes are already
part of Qt 4.8.0.
* Drop patches that have been applied upstream:
- Pass_events_to_eventFilter_first.patch
- Pass_non-MotionNotify_events_to_event_dispatcher_filters.patch
- Raise_loopLevel_for_deleteLater_in_event_filters.patch
- fix_ftbfs_format-security.patch
- kubuntu_29_window_shaping_fix.diff
* Adapt to new upstream version:
- 16_hide_std_symbols_on_qtwebkit.diff
- kubuntu_01_fix_build_glib_231.diff
- 99_hppa_bug561203_decrease_failure_rate.diff
* Regenerate qt_webkit_version.pri after calling ./config.status because
configure deletes it.
* Update libqtgui4.symbols.
* Use dpkg-buildflags to export CFLAGS, CXXFLAGS and LDFLAGS.
-- Felix Geyer <email address hidden> Mon, 02 Apr 2012 23:11:42 +0200
-
qt4-x11 (4:4.8.0-1ubuntu11) precise; urgency=low
* Add patches cherry-picked upstream (LP: #911733):
- Pass_events_to_eventFilter_first.patch
- Pass_non-MotionNotify_events_to_event_dispatcher_filters.patch
- Raise_loopLevel_for_deleteLater_in_event_filters.patch
-- Fathi Boudra <email address hidden> Mon, 19 Mar 2012 09:06:21 +0200
-
qt4-x11 (4:4.8.0-1ubuntu10) precise; urgency=low
* Add kubuntu_32_oriental_character_crash.diff from upstream, fix
crash in oriental characters
-- Jonathan Riddell <email address hidden> Mon, 12 Mar 2012 11:10:48 +0000
-
qt4-x11 (4:4.8.0-1ubuntu9) precise; urgency=low
* "update kubuntu_31_unity_workarea_atom.diff to notify of
workArea change on change of atom _UNITY_NET_WORKAREA_REGION"
-- Jonathan Riddell <email address hidden> Fri, 09 Mar 2012 17:07:54 +0000
-
qt4-x11 (4:4.8.0-1ubuntu8) precise; urgency=low
* Add kubuntu_31_unity_workarea_atom.diff from Unity team
LP: #939629
-- Jonathan Riddell <email address hidden> Thu, 23 Feb 2012 16:23:22 +0000
-
qt4-x11 (4:4.8.0-1ubuntu7) precise; urgency=low
* Update kubuntu_29_window_shaping_fix.diff
with improved patch now upstream
http://qt.gitorious.org/qt/qt/commit/29ec5ba68a14b8c75876ce129dd7b3204f8ba503/diffs
-- Jonathan Riddell <email address hidden> Wed, 22 Feb 2012 10:39:17 +0000
-
qt4-x11 (4:4.8.0-1ubuntu6) precise; urgency=low
* Add kubuntu_30_translucent_drag_pixmap.diff
- use a translucent drag pixmap if compositing is active
-- Jonathan Riddell <email address hidden> Tue, 21 Feb 2012 09:26:02 +0000
-
qt4-x11 (4:4.8.0-1ubuntu5) precise; urgency=low
[ Martin Pitt ]
* debian/control: Drop qdbus dependency of libqt4-dbus to a Recommends. The
library does not actually need qdbus, and this is a cyclic dependency
which breaks upgrades. (LP: #927637)
[ Jonathan Riddell ]
* Add kubuntu_29_window_shaping_fix.diff from
http://qt.gitorious.org/qt/qt/commit/21713e04160ee285c831fedd1f3c7b8
ce0aba681 take window shape into account in findRealWindow,
LP: #926129
-- Jonathan Riddell <email address hidden> Mon, 06 Feb 2012 19:39:15 +0000
-
qt4-x11 (4:4.8.0-1ubuntu4) precise; urgency=low
* Drop kubuntu_92_qml_memory_leak.diff, it causes crashes and has been
rejected by upstream. (LP: #864475)
* Update symbols files.
-- Felix Geyer <email address hidden> Sat, 28 Jan 2012 20:18:14 +0100
-
qt4-x11 (4:4.8.0-1ubuntu3) precise; urgency=low
* Bump Build-Depends on libxi-dev for current epoch (2:1.5.99.2)
-- Chase Douglas <email address hidden> Tue, 17 Jan 2012 13:10:59 -0800
-
qt4-x11 (4:4.8.0-1ubuntu1) precise; urgency=low
* Fix version number
-- Jonathan Riddell <email address hidden> Mon, 16 Jan 2012 12:15:52 +0000
-
qt4-x11 (4:4.8.0-1ubuntu1~ppa1) precise; urgency=low
[ Felix Geyer ]
* Merge from Debian experimental, remaining changes:
- Do not package ibase/firebird and sqlite2 package
+ remove from debian/control
+ libqt4-sql doesn't recommend libqt4-sql-ibase and libqt4-sql-sqlite2
- build with -no-phonon
- Do not build libqt4-phonon, disable in debian/control
- Build packages with lzma compression using the dh addon from
pkg-kde-tools
- Add MessagesQt.sh
- Rules to create Messages.sh link to MessagesQt.sh and rules to create po
dir and execute extract-messages.sh in common-install-prehook-impl
- Add and install Trolltech.conf in libqtcore4.install
- Build QtWebkit and use it only for QtAssistant
+ Rule to put qt_webkit_version.pri in mkspecs/modules
+ Rule to remove libQtWebKit* after build
+ Exclude usr/bin/assistant-qt4 from dh_shlibdeps
- Fix Lucid upgrades: libqt4-help breaks/replaces libqtcore4 (<< 4:4.7.0)
- In debian/rules: move documentation building to override_dh_auto_install
where dh_listpackages works as expected with dpkg-buildpackage.
(LP: #857377)
* Drop patches that have been merged upstream:
- kubuntu_15_appmenu.diff
- kubuntu_16_qt-designer-toplevel-mode-menubar.diff
- kubuntu_18_fix_qtreeview_regression.diff
- kubuntu_26_dbusconnection_pointer.diff
- kubuntu_29_egl_qglcontext_stubs.diff
- kubuntu_96_fix_qml_crash.diff
- kubuntu_98_fix_accessible_menu.diff
* Refresh kubuntu patches.
* Fix build error with glib 2.31.
- Add kubuntu_01_fix_build_glib_231.diff
[ Fathi Boudra ]
* Refresh patches using debian/quiltrc.
* Revert debian/compat to 8.
* Avoid extra work in merging and use vendor for:
- rules to remove po dir in clean.
- set GL ES 2 architectures to armel/armhf.
* Add CVE-2011-3922.patch: Stack-buffer-overflow in glyph handling.
* Update kubuntu_28_xi2.1.patch for Qt 4.8.0.
* Update kubuntu_97_a11y_qt_and_qml_backport.diff for Qt 4.8.0.
* Drop kubuntu_99_notify_qml_name_description_change.diff, merged into
kubuntu_97_a11y_qt_and_qml_backport.diff.
* Update symbols files.
-- Felix Geyer <email address hidden> Sun, 11 Dec 2011 17:24:53 +0100
-
qt4-x11 (4:4.7.4-1ubuntu6) precise; urgency=low
* No-change rebuild to drop spurious libsfgcc1 dependency on armhf.
-- Adam Conrad <email address hidden> Fri, 02 Dec 2011 17:34:26 -0700
-
qt4-x11 (4:4.7.4-1ubuntu5) precise; urgency=low
* No-change rebuild against pkgbinarymangler with multi-arch doc symlinking
fix. (LP: #893826)
-- Martin Pitt <email address hidden> Tue, 29 Nov 2011 10:24:42 +0100
-
qt4-x11 (4:4.7.4-1ubuntu4) precise; urgency=low
* Rebuild for libmysqlclient transition
-- Clint Byrum <email address hidden> Thu, 24 Nov 2011 00:10:16 -0800
-
qt4-x11 (4:4.7.4-1ubuntu3) precise; urgency=low
* Add kubuntu_100_format_security.diff, fix compile failure in qdeclarativedebugserver.cpp
* Update debhelper's build-dep version to match use of debhelper 9
-- Jonathan Riddell <email address hidden> Mon, 21 Nov 2011 21:35:58 +0000
-
qt4-x11 (4:4.7.4-1ubuntu2) precise; urgency=low
* Remove firebird2.5-dev build-depends
-- Jonathan Riddell <email address hidden> Mon, 21 Nov 2011 19:59:46 +0000
-
qt4-x11 (4:4.7.4-1ubuntu1) precise; urgency=low
[ Jonathan Riddell ]
* Merge from Debian Git packaging. Remaining Ubuntu changes:
- Do not package ibase/firebird package, remove from debian/rules and
debian/control
- libqt4-sql-ibase not recommend for libqt4-sql
- build with -no-phonon
- do not build libqt4-phonon, disable in debian/control
- Build packages with lzma compression using the dh addon from pkg-kde-tools
- Rules to remove po dir in clean
- Add MessagesQt.sh
- Rules to create Messages.sh link to MessagesQt.sh and rules to create po
dir and exectue extract-messages.sh in common-install-prehook-impl
- Make libqt4-dev depend on libx11-dev
- Add and install Trolltech.conf in libqtcore4.install
- Build QtWebkit and use it only for QtAssistant
+ Rule to put qt_webkit_version.pri in mkspecs/modules
+ Rule to remove libQtWebKit* after build
+ Exclude usr/bin/assistant-qt4 from dh_shlibdeps
- Fix Lucid upgrades: libqt4-help breaks/replaces libqtcore4 (<< 4:4.7.0)
- Change OpenGL backend from GL to GLES 2 for armel (Debian does this for
armhf)
+ Build-depend and make libqt4-opengl-dev depend on libgles2-mesa-dev
instead of libgl1-mesa-dev and libglu1-mesa-dev
+ Pass "-opengl es2" to configure
- Pass extra_configure_opts += -arch armv6 on both armel and armhf and not
just armhf
- In debian/rules Move documentation building to override_dh_auto_install where
dh_listpackages works as expected with dpkg-buildpackage. (LP: #857377)
- debian/compat is 9 and build-depend on newer debhelper for multiarch
* debian/patches/blacklist-diginotar-certs.diff is now
debian/patches/blacklist-diginotar-cert.diff to match Debian
* Add prefix to some patches to clarify they come from Ubuntu rather than Debian
- kubuntu_97_a11y_qt_and_qml_backport.diff
- kubuntu_98_fix_accessible_menu.diff
- kubuntu_99_notify_qml_name_description_change.diff
[ Felix Geyer ]
* Use DEB_*_MAINT_APPEND instead of setting CXXFLAGS and LDFLAGS.
-- Jonathan Riddell <email address hidden> Tue, 01 Nov 2011 16:23:55 +0100
-
qt4-x11 (4:4.7.4-0ubuntu8) oneiric; urgency=low
* debian/patches/kubuntu_93_disable_overlay_scrollbars.diff:
- using the new and correct gtk symbols (LP: #805303)
-- Didier Roche <email address hidden> Fri, 30 Sep 2011 11:46:32 +0200