SUSE-SU-2015:1359-1

Published: 27 May 2015
Source: suse-cvrf

Description

Security update for libqt4

The libqt4 library was updated to fix several security and non-security issues.

The following vulnerabilities were fixed:

  • bsc#921999: CVE-2015-0295: division by zero when processing malformed BMP files
  • bsc#927806: CVE-2015-1858: segmentation fault in BMP Qt Image Format Handling
  • bsc#927807: CVE-2015-1859: segmentation fault in ICO Qt Image Format Handling
  • bsc#927808: CVE-2015-1860: segmentation fault in GIF Qt Image Format Handling

The following non-security issues were fixed:

  • bsc#929688: Critical Problem in Qt Network Stack
  • bsc#847880: kde/qt rendering error in qemu cirrus i586
  • Update use-freetype-default.diff to use same method as with libqt5-qtbase package: Qt itself already does runtime check whether subpixel rendering is available, but only when FT_CONFIG_OPTION_SUBPIXEL_RENDERING is defined. Thus it is enough to only remove that condition
  • The -devel subpackage requires Mesa-devel, not only at build time
  • Fixed compilation on SLE_11_SP3 by making it build against Mesa-devel on that system
  • Replace patch l-qclipboard_fix_recursive.patch with qtcore-4.8.5-qeventdispatcher-recursive.patch. The latter one seems to work better and really resolves the issue in LibreOffice
  • Added kde4_qt_plugin_path.patch, so kde4 plugins are magically found/known outside kde4 environment/session
  • Added _constraints: building took up to 7GB of disk space on s390x, and more than 6GB on x86_64
  • Add 3 patches for Qt bugs to make LibreOffice KDE4 file picker work properly again:
    • Add glib-honor-ExcludeSocketNotifiers-flag.diff (QTBUG-37380)
    • Add l-qclipboard_fix_recursive.patch (QTBUG-34614)
    • Add l-qclipboard_delay.patch (QTBUG-38585)

Package list

SUSE Linux Enterprise Desktop 12
libqt4-4.8.6-4.2
libqt4-32bit-4.8.6-4.2
libqt4-qt3support-4.8.6-4.2
libqt4-qt3support-32bit-4.8.6-4.2
libqt4-sql-4.8.6-4.2
libqt4-sql-32bit-4.8.6-4.2
libqt4-sql-mysql-4.8.6-4.1
libqt4-sql-mysql-32bit-4.8.6-4.1
libqt4-sql-postgresql-4.8.6-4.1
libqt4-sql-postgresql-32bit-4.8.6-4.1
libqt4-sql-sqlite-4.8.6-4.2
libqt4-sql-sqlite-32bit-4.8.6-4.2
libqt4-sql-unixODBC-4.8.6-4.1
libqt4-sql-unixODBC-32bit-4.8.6-4.1
libqt4-x11-4.8.6-4.2
libqt4-x11-32bit-4.8.6-4.2
SUSE Linux Enterprise Server 12
libqt4-4.8.6-4.2
libqt4-32bit-4.8.6-4.2
libqt4-qt3support-4.8.6-4.2
libqt4-qt3support-32bit-4.8.6-4.2
libqt4-sql-4.8.6-4.2
libqt4-sql-32bit-4.8.6-4.2
libqt4-sql-mysql-4.8.6-4.1
libqt4-sql-sqlite-4.8.6-4.2
libqt4-x11-4.8.6-4.2
libqt4-x11-32bit-4.8.6-4.2
qt4-x11-tools-4.8.6-4.6
SUSE Linux Enterprise Server for SAP Applications 12
libqt4-4.8.6-4.2
libqt4-32bit-4.8.6-4.2
libqt4-qt3support-4.8.6-4.2
libqt4-qt3support-32bit-4.8.6-4.2
libqt4-sql-4.8.6-4.2
libqt4-sql-32bit-4.8.6-4.2
libqt4-sql-mysql-4.8.6-4.1
libqt4-sql-sqlite-4.8.6-4.2
libqt4-x11-4.8.6-4.2
libqt4-x11-32bit-4.8.6-4.2
qt4-x11-tools-4.8.6-4.6
SUSE Linux Enterprise Software Development Kit 12
libqt4-devel-4.8.6-4.2
libqt4-devel-doc-4.8.6-4.6
libqt4-devel-doc-data-4.8.6-4.6
libqt4-linguist-4.8.6-4.2
libqt4-private-headers-devel-4.8.6-4.2
libqt4-sql-postgresql-4.8.6-4.1
libqt4-sql-postgresql-32bit-4.8.6-4.1
libqt4-sql-unixODBC-4.8.6-4.1
libqt4-sql-unixODBC-32bit-4.8.6-4.1
SUSE Linux Enterprise Workstation Extension 12
libqt4-sql-mysql-32bit-4.8.6-4.1
libqt4-sql-postgresql-4.8.6-4.1
libqt4-sql-postgresql-32bit-4.8.6-4.1
libqt4-sql-sqlite-32bit-4.8.6-4.2
libqt4-sql-unixODBC-4.8.6-4.1
libqt4-sql-unixODBC-32bit-4.8.6-4.1

Description

The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.


Affected products
SUSE Linux Enterprise Desktop 12:libqt4-32bit-4.8.6-4.2
SUSE Linux Enterprise Desktop 12:libqt4-4.8.6-4.2
SUSE Linux Enterprise Desktop 12:libqt4-qt3support-32bit-4.8.6-4.2
SUSE Linux Enterprise Desktop 12:libqt4-qt3support-4.8.6-4.2

References

Description

Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image.


Affected products
SUSE Linux Enterprise Desktop 12:libqt4-32bit-4.8.6-4.2
SUSE Linux Enterprise Desktop 12:libqt4-4.8.6-4.2
SUSE Linux Enterprise Desktop 12:libqt4-qt3support-32bit-4.8.6-4.2
SUSE Linux Enterprise Desktop 12:libqt4-qt3support-4.8.6-4.2

References

Description

Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.


Affected products
SUSE Linux Enterprise Desktop 12:libqt4-32bit-4.8.6-4.2
SUSE Linux Enterprise Desktop 12:libqt4-4.8.6-4.2
SUSE Linux Enterprise Desktop 12:libqt4-qt3support-32bit-4.8.6-4.2
SUSE Linux Enterprise Desktop 12:libqt4-qt3support-4.8.6-4.2

References

Description

Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image.


Affected products
SUSE Linux Enterprise Desktop 12:libqt4-32bit-4.8.6-4.2
SUSE Linux Enterprise Desktop 12:libqt4-4.8.6-4.2
SUSE Linux Enterprise Desktop 12:libqt4-qt3support-32bit-4.8.6-4.2
SUSE Linux Enterprise Desktop 12:libqt4-qt3support-4.8.6-4.2

References
Vulnerability SUSE-SU-2015:1359-1