[qtbase] apply official patch for CVE-2023-38197 #32797

carsten-grimm-at-ipolog · 2023-07-28T06:07:48Z

Changes comply with the maintainer guide
SHA512s are updated for each updated download
The "supports" clause reflects platforms that may be fixed by this new version
Any fixed CI baseline entries are removed from that file.
Any patches that are no longer applied are deleted from the port's directory.
The version database is fixed by rerunning ./vcpkg x-add-version --all and committing the result.
Only one version is added to each modified port's versions file.

The patch is the official patch for the issue from Qt: https://download.qt.io/official_releases/qt/6.5/

jimwang118 · 2023-07-28T08:43:17Z

Note: I will be converting your PR to draft status. When the CI run ends, please revert to "ready for review". That way, I will review this PR.

BillyONeal · 2023-07-28T15:37:38Z

Thanks for the patch!

carsten-grimm-at-ipolog · 2023-07-28T15:41:02Z

Thanks for the patch!

There is no need to thank me, the patch is from Qt! I am just adding it here :-)

carsten-grimm-at-ipolog added 3 commits July 28, 2023 07:55

[qtbase] add official patch for CVE-2023-38197

c2f941c

[qtbase] increase port version

a8ed446

[qtbase] regenerate version information

db29324

jimwang118 self-assigned this Jul 28, 2023

carsten-grimm-at-ipolog marked this pull request as ready for review July 28, 2023 06:59

jimwang118 added the category:port-feature The issue is with a library, which is requesting new capabilities that didn’t exist label Jul 28, 2023

carsten-grimm-at-ipolog marked this pull request as draft July 28, 2023 12:09

carsten-grimm-at-ipolog marked this pull request as ready for review July 28, 2023 15:00

BillyONeal merged commit 8b04a7b into microsoft:master Jul 28, 2023
15 checks passed

jimwang118 added the info:reviewed Pull Request changes follow basic guidelines label Jul 31, 2023

Provide feedback