Pop-Up Thingie
Sidebar
>>> Magnum BBS <<<
Home
Forum
Files
Dark
Log in
Username
Password
Sidebar
Forum
Usenet
LINUX.DEBIAN.BUGS.DIST
Bug#1064054: qtbase-opensource-src-gles: CVE-2024-25580
From
Moritz =?UTF-8?Q?M=C3=BChlenhoff?=
@21:1/5 to
All
on Fri Feb 16 15:30:01 2024
Source: qtbase-opensource-src-gles
X-Debbugs-CC:
team@security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for qtbase-opensource-src-gles.
CVE-2024-25580[0]:
https://bugzilla.redhat.com/show_bug.cgi?id=2264423
https://download.qt.io/official_releases/qt/5.15/CVE-2024-25580-qtbase-5.15.diff
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0]
https://security-tracker.debian.org/tracker/CVE-2024-25580
https://www.cve.org/CVERecord?id=CVE-2024-25580
Please adjust the affected versions in the BTS as needed.
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)
From
James Addison
@21:1/5 to
All
on Fri Feb 16 17:10:01 2024
This is a multi-part MIME message sent by reportbug.
Source: qtbase-opensource-src-gles
Followup-For: Bug #1064054
Control: found -1 5.12.2+dfsg-1
Control: tags -1 patch
diff --git a/src/gui/util/qktxhandler.cpp b/src/gui/util/qktxhandler.cpp
index 0d98e97453..6a79e55109 100644
--- a/src/gui/util/qktxhandler.cpp
+++ b/src/gui/util/qktxhandler.cpp
@@ -73,7 +73,7 @@ struct KTXHeader {
quint32 bytesOfKeyValueData;
};
-static const quint32 headerSize = sizeof(KTXHeader);
+static constexpr quint32 qktxh_headerSize = sizeof(KTXHeader);
// Currently unused, declared for future reference
struct KTXKeyValuePairItem {
@@ -103,11 +103,36 @@ struct KTXMipmapLevel {
*/
};
-bool QKtxHandler::canRead(const QByteArray &suffix, const QByteArray &block) +static bool qAddOverflow(quint32 v1, quint32 v2, quint32 *r) {
+ // unsigned additions are well-defined
+ *r = v1 + v2;
+ return v1 > quint32(v1 + v2);
+}
+
+// Returns the nearest multiple of 4 greater than or equal to 'value'
+static bool nearestMultipleOf4(quint32 value, quint32 *result)
+{
+ constexpr quint32 rounding = 4;
+ *result = 0;
+ if (qAddOverflow(value, rounding - 1, result))
+ return true;
+ *result &= ~(rounding - 1);
+ return false;
+}
+
+// Returns a sl
Who's Online
Recent Visitors
Keyop
Sun May 5 19:26:27 2024
from
Huddersfield, West Yorkshire
via
SSH
Keyop
Sun May 5 19:26:11 2024
from
Huddersfield, West Yorkshire
via
SSH
Guest
Sun May 5 16:29:05 2024
from
Shell
via
Raw
Michal Wronka
Sun May 5 15:55:28 2024
from
Wroclaw, Poland
via
SSH
System Info
Sysop:
Keyop
Location:
Huddersfield, West Yorkshire, UK
Users:
300
Nodes:
16 (
2
/
14
)
Uptime:
04:31:22
Calls:
6,706
Calls today:
6
Files:
12,236
Messages:
5,350,361