Package "qtbase-opensource-src"

Name: qtbase-opensource-src


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Qt 5 concurrent module
  • Qt 5 core module
  • Qt 5 D-Bus module
  • Qt 5 GUI module

Latest version: *DELETED*
Release: focal (20.04)
Level: proposed
Repository: universe


Other versions of "qtbase-opensource-src" in Focal

Repository Area Version
base universe 5.12.8+dfsg-0ubuntu1
security universe 5.12.8+dfsg-0ubuntu2.1
updates universe 5.12.8+dfsg-0ubuntu2.1

Packages in group

Deleted packages are displayed in grey.


Version: *DELETED* 2022-01-08 14:06:34 UTC
No changelog for deleted or moved packages.

Version: 5.12.8+dfsg-0ubuntu2 2021-12-14 23:06:19 UTC

  qtbase-opensource-src (5.12.8+dfsg-0ubuntu2) focal; urgency=medium

  * Backport four upstream commits to fix massive memory consumption when
    rendering specially crafted SVG files (CVE-2021-38593, LP: #1950193).

 -- Dmitry Shachnev <email address hidden> Sun, 12 Dec 2021 14:25:21 +0300

1950193 libqt5svg5 affected by CVE-2021-38593
CVE-2021-38593 Qt 5.0.0 through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke).

Version: *DELETED* 2020-04-14 10:06:29 UTC
No changelog for deleted or moved packages.

Version: 5.12.8+dfsg-0ubuntu1 2020-04-11 20:06:39 UTC

  qtbase-opensource-src (5.12.8+dfsg-0ubuntu1) focal; urgency=medium

  * New upstream bugfix release.
  * Drop patches, included in the new release:
    - uic_global_includes.diff
    - CVE-2020-0569.diff
    - CVE-2020-0570.diff
    - CVE-2015-9541.diff
  * Refresh other patches.
  * Update debian/copyright using debian/scripts/update-copyright.
  * Bump ABI version to qtbase-abi-5-12-8.
  * Bump Build-Depends-Indep to 5.12.8.
  * Update symbols files from the current build logs.

 -- Dmitry Shachnev <email address hidden> Thu, 09 Apr 2020 10:57:56 +0300

CVE-2015-9541 Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue

About   -   Send Feedback to @ubuntu_updates