NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/qt5/qt5base: update comment pointing to patches fixing CVE-2021-38593

Browse Source 
The patches aren't in Buildroot anymore but in the qt5base sources
directly, so let's give the commit hash of the fixes instead.

Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This commit is contained in:
Quentin Schulz 2022-03-28 11:17:51 +01:00 committed by Arnout Vandecappelle (Essensium/Mind)
parent 1cae2aa844
commit be3f9cde29
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/qt5/qt5base/qt5base.mk
View File

@ -12,7 +12,9 @@ QT5BASE_DEPENDENCIES = host-pkgconf pcre2 zlib
QT5BASE_INSTALL_STAGING = YES
QT5BASE_SYNC_QT_HEADERS = YES
# 0006-Improve-fix-for-avoiding-huge-number-of-tiny-dashes.patch
# From commits:
# 4ce7053a59 "Avoid processing-intensive painting of high number of tiny dashes"
# e7ea2ed27c "Improve fix for avoiding huge number of tiny dashes"
QT5BASE_IGNORE_CVES += CVE-2021-38593
# From commit 2766b2cba6ca4b1c430304df5437e2a6c874b107 "QProcess/Unix: ensure we don't accidentally execute something from CWD"
QT5BASE_IGNORE_CVES += CVE-2022-25255