Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian....@packages.debian.org
Usertags: pu

Dear stable release team,

I'd like to update qt4-x11 in stable in order to fix Debian bug #970308, CVE-2020-17507.

The security team decided not to issue a DSA but it would be good to have it fixed nonetheless. I'll be uploading to buster-p-u soon.

Thanks for considering it, Lisandro.

-- 
Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/

diff -Nru qt4-x11-4.8.7+dfsg/debian/changelog qt4-x11-4.8.7+dfsg/debian/changelog --- qt4-x11-4.8.7+dfsg/debian/changelog 2019-04-12 17:10:28.000000000 -0300 +++ qt4-x11-4.8.7+dfsg/debian/changelog 2020-09-14 10:56:35.000000000 -0300 @@ -1,3 +1,10 @@ +qt4-x11 (4:4.8.7+dfsg-18+deb10u1) buster; urgency=medium + + * Backport upstream patch to fix buffer overflow in XBM parser + (CVE-2020-17507, closes: #968444). + + -- Lisandro Damián Nicanor Pérez Meyer <lisan...@debian.org> Mon, 14 Sep 2020 10:56:35 -0300 + qt4-x11 (4:4.8.7+dfsg-18) unstable; urgency=medium * Team upload. diff -Nru qt4-x11-4.8.7+dfsg/debian/patches/CVE-2020-17507.patch qt4-x11-4.8.7+dfsg/debian/patches/CVE-2020-17507.patch --- qt4-x11-4.8.7+dfsg/debian/patches/CVE-2020-17507.patch 1969-12-31 21:00:00.000000000 -0300 +++ qt4-x11-4.8.7+dfsg/debian/patches/CVE-2020-17507.patch 2020-09-14 09:52:18.000000000 -0300 @@ -0,0 +1,21 @@ +Description: fix buffer overflow in XBM parser +Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=1616c71921b73b22 +Last-Update: 2020-08-18 + +--- + src/gui/image/qxbmhandler.cpp | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +--- a/src/gui/image/qxbmhandler.cpp ++++ b/src/gui/image/qxbmhandler.cpp +@@ -154,7 +154,9 @@ static bool read_xbm_body(QIODevice *dev + w = (w+7)/8; // byte width + + while (y < h) { // for all encoded bytes... +- if (p) { // p = "0x.." ++ if (p && p < (buf + readBytes - 3)) { // p = "0x.." ++ if (!isxdigit(p[2]) || !isxdigit(p[3])) ++ return false; + *b++ = hex2byte(p+2); + p += 2; + if (++x == w && ++y < h) { diff -Nru qt4-x11-4.8.7+dfsg/debian/patches/series qt4-x11-4.8.7+dfsg/debian/patches/series --- qt4-x11-4.8.7+dfsg/debian/patches/series 2019-04-12 17:10:28.000000000 -0300 +++ qt4-x11-4.8.7+dfsg/debian/patches/series 2020-09-14 10:04:34.000000000 -0300 @@ -19,6 +19,7 @@ CVE-2018-19871.patch CVE-2018-19872.patch CVE-2018-19873.patch +CVE-2020-17507.patch # qt-copy patches 0195-compositing-properties.diff
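
Review bot: The new debian/changelog entry closes #968444, while the request text names Debian bug #970308 for the same CVE-2020-17507 fix. Please confirm which bug number belongs in the "closes:" field, or list both if both track this issue in qt4-x11, so the upload closes the intended report.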
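
Review bot: In the read_xbm_body hunk of debian/patches/CVE-2020-17507.patch, isxdigit(p[2]) and isxdigit(p[3]) are called directly on bytes taken from the image data. If p is a plain char pointer, a byte above 0x7f becomes a negative argument on platforms where char is signed, which is undefined for isxdigit; casting each byte to unsigned char first avoids that. The bound "p < (buf + readBytes - 3)" would also benefit from a short comment saying that it keeps p[3] inside the bytes actually read, since the retained comment '// p = "0x.."' no longer describes the whole condition. The DEP-3 header of the patch could additionally carry a Bug-Debian field next to Origin so the patch file itself points at the Debian report.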