Re: [Development] Execute a function in the specified existing thread
On 9 Jun 2023, at 02:00, Thiago Macieira wrote: On Wednesday, 7 June 2023 19:18:02 PDT JiDe Zhang wrote: please make sure your contribution uses QMetaCallEvent. Why uses QMetaCallEvent? I don't know how to make the function arguments to void** for QMetaCallEvent constructor. Maybe I can use QAbstractMetaCallEvent. My point is that a contribution to QtCore should use the most efficient method of getting the job done without undue complexity. That means I can accept inefficiencies provided they make the code more readable & maintainable than otherwise would have been, but not if they aren't justified. As of https://codereview.qt-project.org/c/qt/qtbase/+/469799, creating a QMetaCallEvent is pretty straight-forward. And creating the QCallableObject needed for that is also easier by the makeSlotObject helper, see https://codereview.qt-project.org/c/qt/qtbase/+/475547. It’s still requires working with private APIs, but there’s a reason those APIs exist, and that they are private - there are many cases you want to support (functors and lambdas, member-function-pointers, free functions, move-only functors etc). Volker -- Development mailing list Development@qt-project.org https://lists.qt-project.org/listinfo/development
[Development] Bumping the minimum CMake version for Apple platforms to 3.21 for Qt 6.6
Hi all, We currently require CMake 3.16 for shared builds, and 3.21 for static builds. CMake 3.16 unfortunately doesn't have a feature we rely on on Apple platforms — finalizers — requiring us to maintain and take into account additional APIs for users to manually finalize their projects, with caveats and sharp corners. We’d like to avoid the maintenance overhead of this manual finalization API going forward, and are proposing to bump the required CMake version for user projects (and Qt in effect) on Apple platforms to 3.21 for 6.6, the same version we require for static builds for all Qt platforms. This should not present much problems for users on these platforms (macOS), as CMake is not shipped with the system, but instead installed via e.g. Homebrew, which already ships a recent version, and also makes it easy to upgrade. Our own binary installers also ship 3.24, so we’re good there as well. As qt_finalize_target is already a noop for CMake 3.21 the work involved to bump the requirement is primarily updating documentation. Let us know if this causes concern. Cheers, Tor Arne -- Development mailing list Development@qt-project.org https://lists.qt-project.org/listinfo/development
Re: [Development] [Announce] Security advisory: Qt Network
2023-06-09
Thread
List for announcements regarding Qt releases and development via Announce via Development
A mistake was made with the CVE id for this one as it is CVE-2023-34410. Therefore the links are: Patches: dev: https://codereview.qt-project.org/c/qt/qtbase/+/477560 and https://codereview.qt-project.org/c/qt/qtbase/+/480002 Qt 6.5: https://codereview.qt-project.org/c/qt/qtbase/+/479276 and https://codereview.qt-project.org/c/qt/qtbase/+/480474 or https://download.qt.io/official_releases/qt/6.5/CVE-2023-34410-qtbase-6.5.diff Qt 6.2: https://download.qt.io/official_releases/qt/6.2/CVE-2023-34410-qtbase-6.2.diff Qt 5.15: https://download.qt.io/official_releases/qt/5.15/CVE-2023-34410-qtbase-5.15.diff I apologise for any confusion caused. Kind regards, Andy -Original Message- From: Development On Behalf Of List for announcements regarding Qt releases and development via Announce via Development Sent: Friday, June 9, 2023 1:00 PM To: annou...@qt-project.org Cc: List for announcements regarding Qt releases and development via Announce Subject: [Development] [Announce] Security advisory: Qt Network Hi, A recent SSL issue affecting both OpenSSL and Schannel in Qt Network has been reported and has been assigned the CVE id CVE-2023-33410. In some circumstances, system CA certificates list remains unexpectedly active for the authentication of SSL peers. In a case where clients are supposed to be authenticated by server side using a custom restricted CA certificate list, and if the server is vulnerable, this allows malicious clients to successfully pass the SSL authentication against the server, by being able to use a very wide range of unexpectedly valid SSL private keys and certificates to do so. Solution: Apply the following patches or update to Qt 5.15.15, Qt 6.2.9 or Qt 6.5.2 Patches: dev: https://codereview.qt-project.org/c/qt/qtbase/+/477560 and https://codereview.qt-project.org/c/qt/qtbase/+/480002 Qt 6.5: https://codereview.qt-project.org/c/qt/qtbase/+/479276 and https://codereview.qt-project.org/c/qt/qtbase/+/480474 or https://download.qt.io/official_releases/qt/6.5/CVE-2023-33410-qtbase-6.5.diff Qt 6.2: https://download.qt.io/official_releases/qt/6.2/CVE-2023-33410-qtbase-6.2.diff Qt 5.15: https://download.qt.io/official_releases/qt/5.15/CVE-2023-33410-qtbase-5.15.diff Kind regards, Andy -- Andy Shaw Director, Technical Customer Success The Qt Company ___ Announce mailing list annou...@qt-project.org https://lists.qt-project.org/listinfo/announce -- Development mailing list Development@qt-project.org https://lists.qt-project.org/listinfo/development ___ Announce mailing list annou...@qt-project.org https://lists.qt-project.org/listinfo/announce -- Development mailing list Development@qt-project.org https://lists.qt-project.org/listinfo/development
[Development] [Announce] Security advisory: Qt Network
2023-06-09
Thread
List for announcements regarding Qt releases and development via Announce via Development
Hi, A recent SSL issue affecting both OpenSSL and Schannel in Qt Network has been reported and has been assigned the CVE id CVE-2023-33410. In some circumstances, system CA certificates list remains unexpectedly active for the authentication of SSL peers. In a case where clients are supposed to be authenticated by server side using a custom restricted CA certificate list, and if the server is vulnerable, this allows malicious clients to successfully pass the SSL authentication against the server, by being able to use a very wide range of unexpectedly valid SSL private keys and certificates to do so. Solution: Apply the following patches or update to Qt 5.15.15, Qt 6.2.9 or Qt 6.5.2 Patches: dev: https://codereview.qt-project.org/c/qt/qtbase/+/477560 and https://codereview.qt-project.org/c/qt/qtbase/+/480002 Qt 6.5: https://codereview.qt-project.org/c/qt/qtbase/+/479276 and https://codereview.qt-project.org/c/qt/qtbase/+/480474 or https://download.qt.io/official_releases/qt/6.5/CVE-2023-33410-qtbase-6.5.diff Qt 6.2: https://download.qt.io/official_releases/qt/6.2/CVE-2023-33410-qtbase-6.2.diff Qt 5.15: https://download.qt.io/official_releases/qt/5.15/CVE-2023-33410-qtbase-5.15.diff Kind regards, Andy -- Andy Shaw Director, Technical Customer Success The Qt Company ___ Announce mailing list annou...@qt-project.org https://lists.qt-project.org/listinfo/announce -- Development mailing list Development@qt-project.org https://lists.qt-project.org/listinfo/development
[Development] [Announce] Qt Creator 11 Beta released
2023-06-09
Thread
List for announcements regarding Qt releases and development via Announce via Development
We are happy to announce the release of Qt Creator 11 Beta! https://www.qt.io/blog/qt-creator-11-beta-released -- Eike Ziller Principal Software Engineer Qt Group Erich-Thilo-Straße 10 12489 Berlin, Germany eike.zil...@qt.io https://qt.io Geschäftsführer: Mika Pälsi, Juha Varelius, Jouni Lintunen Sitz der Gesellschaft: Berlin, Registergericht: Amtsgericht Charlottenburg, HRB 144331 B ___ Announce mailing list annou...@qt-project.org https://lists.qt-project.org/listinfo/announce -- Development mailing list Development@qt-project.org https://lists.qt-project.org/listinfo/development
[Development] [Announce] Qt Installer Framework and Online Installer 4.6.0 released
2023-06-09
Thread
List for announcements regarding Qt releases and development via Announce via Development
Hi all, we have released Qt Installer Framework and Online Installer 4.6.0! Thank you to the development team & everyone involved . Please see the blog post: https://www.qt.io/blog/qt-installer-framework-and-online-installer-4.6.0-released Best regards, Tarja Sundqvist Release manager ___ Announce mailing list annou...@qt-project.org https://lists.qt-project.org/listinfo/announce -- Development mailing list Development@qt-project.org https://lists.qt-project.org/listinfo/development
