Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[qtbase] patch CVE 2023-51714 #35917

Merged
merged 6 commits into from
Jan 26, 2024
Merged

[qtbase] patch CVE 2023-51714 #35917

merged 6 commits into from
Jan 26, 2024

Conversation

carsten-grimm
Copy link
Contributor

Fixes #35916.

  • Changes comply with the maintainer guide
  • SHA512s are updated for each updated download
  • The "supports" clause reflects platforms that may be fixed by this new version
  • Any fixed CI baseline entries are removed from that file.
  • Any patches that are no longer applied are deleted from the port's directory.
  • The version database is fixed by rerunning ./vcpkg x-add-version --all and committing the result.
  • Only one version is added to each modified port's versions file.

This pull request applies the official patch for CVE-2023-51714 from upstream.

@FrankXie05 FrankXie05 added the category:port-feature The issue is with a library, which is requesting new capabilities that didn’t exist label Dec 29, 2023
@carsten-grimm carsten-grimm marked this pull request as ready for review December 29, 2023 09:19
@BillyONeal
Copy link
Member

I'm sorry to force retesting here but we just rolled the macOS infrastructure meaning the compiler version changed out from under this :/

@FrankXie05 FrankXie05 added the info:reviewed Pull Request changes follow basic guidelines label Jan 26, 2024
@JavierMatosD JavierMatosD merged commit 03d8d04 into microsoft:master Jan 26, 2024
16 checks passed
TomKatom pushed a commit to TomKatom/vcpkg that referenced this pull request Feb 23, 2024
@carsten-grimm @JavierMatosD
@BillyONeal @TomKatom
[qtbase] patch CVE 2023-51714 (microsoft#35917)
957f736 
* [qtbase] patch CVE-2023-51714

* [qtbase] regenerate version info

* bump version db

* update version db

---------

Co-authored-by: Javier Matos Denizac <javiermat@microsoft.com>
Co-authored-by: Billy Robert O'Neal III <bion@microsoft.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@FrankXie05 FrankXie05 FrankXie05 approved these changes

Assignees

@FrankXie05 FrankXie05

Labels
category:port-feature The issue is with a library, which is requesting new capabilities that didn’t exist info:reviewed Pull Request changes follow basic guidelines
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[qtbase] patch CVE-2023-51714
4 participants
@carsten-grimm @BillyONeal @FrankXie05 @JavierMatosD