Hello community, here is the log from the commit of package qt3 checked in at Fri Aug 24 23:56:49 CEST 2007. -------- --- KDE/qt3/qt3.changes 2007-07-05 17:25:26.000000000 +0200 +++ /mounts/work_src_done/STABLE/qt3/qt3.changes 2007-08-24 18:40:43.000000000 +0200 @@ -1,0 +2,6 @@ +Fri Aug 24 18:39:04 CEST 2007 - dmueller@suse.de + +- fix format string issues (#291754, CVE-2007-3388) +- fix xrandr 1.2 detection + +------------------------------------------------------------------- qt3-devel-doc.changes: same change qt3-extensions.changes: same change qt3-static.changes: same change New: ---- format-warnings.diff qcstring-format-warnings.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ qt3-devel-doc.spec ++++++ --- /var/tmp/diff_new_pack.A27875/_old 2007-08-24 23:53:50.000000000 +0200 +++ /var/tmp/diff_new_pack.A27875/_new 2007-08-24 23:53:50.000000000 +0200 @@ -13,12 +13,12 @@ Name: qt3-devel-doc BuildRequires: cups-devel freeglut-devel freetype2-devel gcc-c++ libjpeg-devel libmng-devel libpng-devel pkgconfig qt3-devel update-desktop-files Url: http://www.trolltech.com/ -License: GPL v2 or later, THE Q PUBLIC LICENSE (QPL) +License: GPL v2 only, THE Q PUBLIC LICENSE (QPL) Autoreqprov: on Summary: Documentation for the Qt 3 Development Kit Group: Documentation/HTML Version: 3.3.8 -Release: 46 +Release: 62 PreReq: /bin/grep BuildArch: noarch Provides: qt3-devel-tutorial @@ -90,6 +90,8 @@ Patch122: 0076-fix-qprocess.diff Patch123: use-xrandr-1.2.diff Patch124: CVE-2007-0242.diff +Patch125: qcstring-format-warnings.diff +Patch126: format-warnings.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -162,6 +164,8 @@ else %patch21 fi +%patch125 +%patch126 # copy qt kde integration files cp %SOURCE100 %SOURCE101 src/kernel/ cp %SOURCE101 include/private/ @@ -234,6 +238,9 @@ /usr/share/pixmaps/assistant3.png %changelog +* Fri Aug 24 2007 - dmueller@suse.de +- fix format string issues (#291754, CVE-2007-3388) +- fix xrandr 1.2 detection * Thu Jul 05 2007 - coolo@suse.de - package desktop files and png files * Thu Jun 21 2007 - stbinner@suse.de ++++++ qt3-extensions.spec ++++++ --- /var/tmp/diff_new_pack.A27875/_old 2007-08-24 23:53:50.000000000 +0200 +++ /var/tmp/diff_new_pack.A27875/_new 2007-08-24 23:53:50.000000000 +0200 @@ -15,9 +15,9 @@ %if %suse_version > 1020 BuildRequires: fdupes %endif -License: GPL v2 or later, THE Q PUBLIC LICENSE (QPL) +License: GPL v2 only, THE Q PUBLIC LICENSE (QPL) Version: 3.3.8 -Release: 45 +Release: 62 Autoreqprov: on Requires: qt3 = %version Group: Development/Tools/Other @@ -88,6 +88,8 @@ Patch122: 0076-fix-qprocess.diff Patch123: use-xrandr-1.2.diff Patch124: CVE-2007-0242.diff +Patch125: qcstring-format-warnings.diff +Patch126: format-warnings.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -158,6 +160,8 @@ else %patch21 fi +%patch125 +%patch126 # copy qt kde integration files cp %SOURCE100 %SOURCE101 src/kernel/ cp %SOURCE101 include/private/ @@ -475,6 +479,9 @@ %{_mandir}/man*/* %changelog +* Fri Aug 24 2007 - dmueller@suse.de +- fix format string issues (#291754, CVE-2007-3388) +- fix xrandr 1.2 detection * Thu Jul 05 2007 - coolo@suse.de - package desktop files and png files * Thu Jun 21 2007 - stbinner@suse.de ++++++ qt3.spec ++++++ --- /var/tmp/diff_new_pack.A27875/_old 2007-08-24 23:53:50.000000000 +0200 +++ /var/tmp/diff_new_pack.A27875/_new 2007-08-24 23:53:50.000000000 +0200 @@ -14,12 +14,12 @@ #Remember also to modify Requires in -devel package BuildRequires: Mesa-devel c++_compiler cups-devel freetype2-devel libjpeg-devel libmng-devel libpng-devel pkgconfig update-desktop-files xorg-x11-devel URL: http://www.trolltech.com/ -License: GPL v2 or later, THE Q PUBLIC LICENSE (QPL) +License: GPL v2 only, THE Q PUBLIC LICENSE (QPL) Group: System/Libraries Autoreqprov: on Summary: A library for developing applications with graphical user interfaces Version: 3.3.8 -Release: 46 +Release: 62 Provides: qt_library_%version PreReq: /bin/grep %define x11_free -x11-free- @@ -87,6 +87,8 @@ Patch122: 0076-fix-qprocess.diff Patch123: use-xrandr-1.2.diff Patch124: CVE-2007-0242.diff +Patch125: qcstring-format-warnings.diff +Patch126: format-warnings.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -166,6 +168,8 @@ else %patch21 fi +%patch125 +%patch126 # copy qt kde integration files cp %SOURCE100 %SOURCE101 src/kernel/ cp %SOURCE101 include/private/ @@ -370,6 +374,9 @@ /etc/profile.d/qt3.* %changelog +* Fri Aug 24 2007 - dmueller@suse.de +- fix format string issues (#291754, CVE-2007-3388) +- fix xrandr 1.2 detection * Thu Jul 05 2007 - coolo@suse.de - package desktop files and png files * Thu Jun 21 2007 - stbinner@suse.de ++++++ qt3-static.spec ++++++ --- /var/tmp/diff_new_pack.A27875/_old 2007-08-24 23:53:50.000000000 +0200 +++ /var/tmp/diff_new_pack.A27875/_new 2007-08-24 23:53:50.000000000 +0200 @@ -12,12 +12,12 @@ Name: qt3-static BuildRequires: cups-devel freeglut-devel freetype2-devel gcc-c++ libdrm-devel libjpeg-devel libmng-devel libpng-devel -License: GPL v2 or later, THE Q PUBLIC LICENSE (QPL) +License: GPL v2 only, THE Q PUBLIC LICENSE (QPL) Group: Development/Libraries/X11 Autoreqprov: on Summary: Static library for developing GUI applications Version: 3.3.8 -Release: 46 +Release: 62 %define x11_free -x11-free- %define rversion %version # COMMON-BEGIN @@ -84,6 +84,8 @@ Patch122: 0076-fix-qprocess.diff Patch123: use-xrandr-1.2.diff Patch124: CVE-2007-0242.diff +Patch125: qcstring-format-warnings.diff +Patch126: format-warnings.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -165,6 +167,8 @@ else %patch21 fi +%patch125 +%patch126 # copy qt kde integration files cp %SOURCE100 %SOURCE101 src/kernel/ cp %SOURCE101 include/private/ @@ -224,6 +228,9 @@ /usr/lib/qt3/%{_lib}/libqt-mt.a %changelog +* Fri Aug 24 2007 - dmueller@suse.de +- fix format string issues (#291754, CVE-2007-3388) +- fix xrandr 1.2 detection * Thu Jul 05 2007 - coolo@suse.de - package desktop files and png files * Thu Jun 21 2007 - stbinner@suse.de ++++++ format-warnings.diff ++++++ --- src/sql/qdatatable.cpp (revision 658213) +++ src/sql/qdatatable.cpp (working copy) @@ -1043,8 +1043,8 @@ bool QDataTable::insertCurrent() return FALSE; if ( !sqlCursor()->canInsert() ) { #ifdef QT_CHECK_RANGE - qWarning("QDataTable::insertCurrent: insert not allowed for " + - sqlCursor()->name() ); + qWarning("QDataTable::insertCurrent: insert not allowed for %s", + sqlCursor()->name().latin1() ); #endif endInsert(); return FALSE; @@ -1117,16 +1117,16 @@ bool QDataTable::updateCurrent() return FALSE; if ( sqlCursor()->primaryIndex().count() == 0 ) { #ifdef QT_CHECK_RANGE - qWarning("QDataTable::updateCurrent: no primary index for " + - sqlCursor()->name() ); + qWarning("QDataTable::updateCurrent: no primary index for %s", + sqlCursor()->name().latin1() ); #endif endUpdate(); return FALSE; } if ( !sqlCursor()->canUpdate() ) { #ifdef QT_CHECK_RANGE - qWarning("QDataTable::updateCurrent: updates not allowed for " + - sqlCursor()->name() ); + qWarning("QDataTable::updateCurrent: updates not allowed for %s", + sqlCursor()->name().latin1() ); #endif endUpdate(); return FALSE; @@ -1191,8 +1191,8 @@ bool QDataTable::deleteCurrent() return FALSE; if ( sqlCursor()->primaryIndex().count() == 0 ) { #ifdef QT_CHECK_RANGE - qWarning("QDataTable::deleteCurrent: no primary index " + - sqlCursor()->name() ); + qWarning("QDataTable::deleteCurrent: no primary index %s", + sqlCursor()->name().latin1() ); #endif return FALSE; } --- src/sql/qsqldatabase.cpp (revision 658213) +++ src/sql/qsqldatabase.cpp (working copy) @@ -234,7 +234,8 @@ QSqlDatabase* QSqlDatabaseManager::datab db->open(); #ifdef QT_CHECK_RANGE if ( !db->isOpen() ) - qWarning("QSqlDatabaseManager::database: unable to open database: " + db->lastError().databaseText() + ": " + db->lastError().driverText() ); + qWarning("QSqlDatabaseManager::database: unable to open database: %s: %s", + db->lastError().databaseText().latin1(), db->lastError().driverText().latin1() ); #endif } return db; @@ -686,7 +687,7 @@ void QSqlDatabase::init( const QString& if ( !d->driver ) { #ifdef QT_CHECK_RANGE qWarning( "QSqlDatabase: %s driver not loaded", type.latin1() ); - qWarning( "QSqlDatabase: available drivers: " + drivers().join(" ") ); + qWarning( "QSqlDatabase: available drivers: %s", drivers().join(" ").latin1() ); #endif d->driver = new QNullDriver(); d->driver->setLastError( QSqlError( "Driver not loaded", "Driver not loaded" ) ); --- src/sql/qsqlindex.cpp (revision 658213) +++ src/sql/qsqlindex.cpp (working copy) @@ -273,7 +273,7 @@ QSqlIndex QSqlIndex::fromStringList( con if ( field ) newSort.append( *field, desc ); else - qWarning( "QSqlIndex::fromStringList: unknown field: '" + f + "'" ); + qWarning( "QSqlIndex::fromStringList: unknown field: '%s'", f.latin1()); } return newSort; } --- src/sql/qsqlrecord.cpp (revision 658213) +++ src/sql/qsqlrecord.cpp (working copy) @@ -298,7 +298,7 @@ int QSqlRecord::position( const QString& return i; } #ifdef QT_CHECK_RANGE - qWarning( "QSqlRecord::position: unable to find field " + name ); + qWarning( "QSqlRecord::position: unable to find field %s", name.latin1() ); #endif return -1; } @@ -313,7 +313,7 @@ QSqlField* QSqlRecord::field( int i ) checkDetach(); if ( !sh->d->contains( i ) ) { #ifdef QT_CHECK_RANGE - qWarning( "QSqlRecord::field: index out of range: " + QString::number( i ) ); + qWarning( "QSqlRecord::field: index out of range: %d", i ); #endif return 0; } @@ -344,7 +344,7 @@ const QSqlField* QSqlRecord::field( int { if ( !sh->d->contains( i ) ) { #ifdef QT_CHECK_RANGE - qWarning( "QSqlRecord::field: index out of range: " + QString::number( i ) ); + qWarning( "QSqlRecord::field: index out of range: %d", i ); #endif // QT_CHECK_RANGE return 0; } --- src/tools/qgdict.cpp (revision 658213) +++ src/tools/qgdict.cpp (working copy) @@ -843,11 +843,11 @@ void QGDict::statistics() const QString line; line.fill( '-', 60 ); double real, ideal; - qDebug( line.ascii() ); + qDebug( "%s", line.ascii() ); qDebug( "DICTIONARY STATISTICS:" ); if ( count() == 0 ) { qDebug( "Empty!" ); - qDebug( line.ascii() ); + qDebug( "%s", line.ascii() ); return; } real = 0.0; @@ -868,7 +868,7 @@ void QGDict::statistics() const while ( b-- ) *pbuf++ = '*'; *pbuf = '\0'; - qDebug( buf ); + qDebug( "%s", buf ); i++; } qDebug( "Array size = %d", size() ); @@ -876,7 +876,7 @@ void QGDict::statistics() const qDebug( "Real dist = %g", real ); qDebug( "Rand dist = %g", ideal ); qDebug( "Real/Rand = %g", real/ideal ); - qDebug( line.ascii() ); + qDebug( "%s", line.ascii() ); #endif // QT_DEBUG } --- src/tools/qglobal.cpp (revision 658213) +++ src/tools/qglobal.cpp (working copy) @@ -680,7 +680,7 @@ void qSystemWarning( const char* msg, in if ( code != -1 ) qWarning( "%s\n\tError code %d - %s", msg, code, strerror( code ) ); else - qWarning( msg ); + qWarning( "%s", msg ); #endif #else Q_UNUSED( msg ); --- src/tools/qgcache.cpp (revision 658213) +++ src/tools/qgcache.cpp (working copy) @@ -638,7 +638,7 @@ void QGCache::statistics() const #if defined(QT_DEBUG) QString line; line.fill( '*', 80 ); - qDebug( line.ascii() ); + qDebug( "%s", line.ascii() ); qDebug( "CACHE STATISTICS:" ); qDebug( "cache contains %d item%s, with a total cost of %d", count(), count() != 1 ? "s" : "", tCost ); @@ -659,7 +659,7 @@ void QGCache::statistics() const lruList->dumps != 1 ? "have" : "has", lruList->dumpCosts ); qDebug( "Statistics from internal dictionary class:" ); dict->statistics(); - qDebug( line.ascii() ); + qDebug( "%s", line.ascii() ); #endif } --- src/xml/qsvgdevice.cpp (revision 658213) +++ src/xml/qsvgdevice.cpp (working copy) @@ -978,7 +980,7 @@ bool QSvgDevice::play( const QDomNode &n // ### catch references to embedded .svg files QPixmap pix; if ( !pix.load( href ) ) { - qWarning( "QSvgDevice::play: Couldn't load image "+href ); + qWarning( "QSvgDevice::play: Couldn't load image %s", href.latin1() ); break; } pt->drawPixmap( QRect( x1, y1, w, h ), pix ); @@ -1024,8 +1026,8 @@ bool QSvgDevice::play( const QDomNode &n break; } case InvalidElement: - qWarning( "QSvgDevice::play: unknown element type " + - node.nodeName() ); + qWarning( "QSvgDevice::play: unknown element type %s", + node.nodeName().latin1() ); break; }; @@ -1111,7 +1113,7 @@ double QSvgDevice::parseLen( const QStri { QRegExp reg( QString::fromLatin1("([+-]?\\d*\\.*\\d*[Ee]?[+-]?\\d*)(em|ex|px|%|pt|pc|cm|mm|in|)$") ); if ( reg.search( str ) == -1 ) { - qWarning( "QSvgDevice::parseLen: couldn't parse " + str ); + qWarning( "QSvgDevice::parseLen: couldn't parse %s ", str.latin1() ); if ( ok ) *ok = FALSE; return 0.0; @@ -1140,7 +1142,7 @@ double QSvgDevice::parseLen( const QStri else if ( u == "pc" ) dbl *= m.logicalDpiX() / 6.0; else - qWarning( "QSvgDevice::parseLen: Unknown unit " + u ); + qWarning( "QSvgDevice::parseLen: Unknown unit %s", u.latin1() ); } if ( ok ) *ok = TRUE; --- src/widgets/qtextedit.cpp 2007-07-13 07:38:02 -0000 +++ src/widgets/qtextedit.cpp 2007-07-13 07:38:02 -0000 @@ -6349,7 +6349,7 @@ cur = tag->prev; if ( !cur ) { #ifdef QT_CHECK_RANGE - qWarning( "QTextEdit::optimParseTags: no left-tag for '<" + tag->tag + ">' in line %d.", tag->line + 1 ); + qWarning( "QTextEdit::optimParseTags: no left-tag for '<%s>' in line %d.", tag->tag.ascii(), tag->line + 1 ); #endif return; // something is wrong - give up } @@ -6372,7 +6372,7 @@ break; } else if ( !cur->leftTag ) { #ifdef QT_CHECK_RANGE - qWarning( "QTextEdit::optimParseTags: mismatching %s-tag for '<" + cur->tag + ">' in line %d.", cur->tag[0] == '/' ? "left" : "right", cur->line + 1 ); + qWarning( "QTextEdit::optimParseTags: mismatching %s-tag for '<%s>' in line %d.", cur->tag[0] == '/' ? "left" : "right", cur->tag.ascii(), cur->line + 1 ); #endif return; // something is amiss - give up } ++++++ qcstring-format-warnings.diff ++++++ --- src/tools/qcstring.h (revision 658213) +++ src/tools/qcstring.h (working copy) @@ -161,7 +161,11 @@ public: QCString copy() const; - QCString &sprintf( const char *format, ... ); + QCString &sprintf( const char *format, ... ) +#if defined(Q_CC_GNU) && !defined(__INSURE__) + __attribute__ ((format (printf, 2, 3))) +#endif + ; int find( char c, int index=0, bool cs=TRUE ) const; int find( const char *str, int index=0, bool cs=TRUE ) const; ++++++ use-xrandr-1.2.diff ++++++ --- /var/tmp/diff_new_pack.A27875/_old 2007-08-24 23:53:52.000000000 +0200 +++ /var/tmp/diff_new_pack.A27875/_new 2007-08-24 23:53:52.000000000 +0200 @@ -1,54 +1,32 @@ --- src/kernel/qdesktopwidget_x11.cpp +++ src/kernel/qdesktopwidget_x11.cpp -@@ -111,6 +111,8 @@ QDesktopWidgetPrivate::~QDesktopWidgetPr - if ( workareas ) delete [] workareas; - } +@@ -139,7 +139,8 @@ void QDesktopWidgetPrivate::init() -+extern bool qt_use_xrandr; -+ - void QDesktopWidgetPrivate::init() - { - // get the screen count -@@ -121,11 +123,39 @@ void QDesktopWidgetPrivate::init() - &unused, &unused) && - XineramaIsActive(QPaintDevice::x11AppDisplay())); + // get the geometry of each screen + int i, x, y, w, h; +- for ( i = 0; i < screenCount; i++ ) { ++ int inScreenCount = screenCount; ++ for ( i = 0; i < inScreenCount; i++ ) { -- if (use_xinerama) { -+ // only use xinerama for old Xrandr versions -+#ifndef QT_NO_XRANDR -+ int ncrtc = 0; -+ if (qt_use_xrandr) { -+ int major, minor; -+ -+#if RANDR_MAJOR > 1 || RANDR_MINOR > 1 -+ XRRQueryVersion(QPaintDevice::x11AppDisplay(), &major, &minor); -+ if (major > 1 || (major == 1 && minor >= 2)) { -+ XRRScreenResources* res; -+ res = XRRGetScreenResources(QPaintDevice::x11AppDisplay(), -+ QPaintDevice::x11AppRootWindow( 0 )); -+ if (res) { -+ ncrtc = res->ncrtc; -+ XRRFreeScreenResources(res); -+ } + #ifndef QT_NO_XINERAMA + if (use_xinerama) { +@@ -157,10 +158,19 @@ void QDesktopWidgetPrivate::init() + } + + rects[i].setRect(x, y, w, h); ++ if (i > 0 && rects[i-1].intersects(rects[i]) && ++ (rects[i].width()*rects[i].height()) > ++ (rects[i-1].width()*rects[i-1].height())) { ++ rects[i-1] = rects[i]; ++ screenCount--; + } -+#endif -+ } -+#endif -+ -+ if (use_xinerama) - xinerama_screeninfo = - XineramaQueryScreens(QPaintDevice::x11AppDisplay(), &screenCount); -- defaultScreen = 0; -- } else + workareas[i] = QRect(); + } + + #ifndef QT_NO_XINERAMA ++ if (use_xinerama && screenCount == 1) ++ use_xinerama = false; + -+#ifndef QT_NO_XRANDR -+ if (use_xinerama && screenCount <= ncrtc) { -+ use_xinerama = FALSE; -+ } -+#endif -+ if (use_xinerama) -+ defaultScreen = 0; -+ else + if (xinerama_screeninfo) + XFree(xinerama_screeninfo); #endif // QT_NO_XINERAMA - { - defaultScreen = DefaultScreen(QPaintDevice::x11AppDisplay()); ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
participants (1)
-
root@Hilbert.suse.de