From 4d0615f14d06bb876284695cab4ea79108fcda92 Mon Sep 17 00:00:00 2001
From: Ken Moffat <ken@linuxfromscratch.org>
Date: Mon, 21 Jun 2021 19:12:00 +0100
Subject: [PATCH] Patch a security vulnerability in QtSVG.

I remeasured Qt to accound for gcc-11.1.0.
---
 introduction/welcome/changelog.xml | 10 ++++++++++
 x/lib/qt5.xml                      | 20 ++++++++++++++++++--
 2 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/introduction/welcome/changelog.xml b/introduction/welcome/changelog.xml
index 7fee943317..e2e3601b98 100644
--- a/introduction/welcome/changelog.xml
+++ b/introduction/welcome/changelog.xml
@@ -42,6 +42,16 @@
     </listitem>
     -->
 
+    <listitem>
+      <para>June 21st, 2021</para>
+      <itemizedlist>
+        <listitem>
+          <para>[ken] - Patch Qt-5.15.2 (security fix re qtsvg). Fixes
+          <ulink url="&blfs-ticket-root;15197">#15197</ulink>.</para>
+        </listitem>
+      </itemizedlist>
+    </listitem>
+
     <listitem>
       <para>June 20th, 2021</para>
       <itemizedlist>
diff --git a/x/lib/qt5.xml b/x/lib/qt5.xml
index 5e0249120a..c339d0b77b 100644
--- a/x/lib/qt5.xml
+++ b/x/lib/qt5.xml
@@ -11,7 +11,7 @@
   <!ENTITY qt5-download-ftp  " ">
   <!ENTITY qt5-md5sum        "e1447db4f06c841d8947f0a6ce83a7b5">
   <!ENTITY qt5-size          "560 MB">
-  <!ENTITY qt5-buildsize     "14 GB (255 MB installed)">
+  <!ENTITY qt5-buildsize     "15 GB (257 MB installed)">
   <!ENTITY qt5-time          "22 SBU (using parallelism=4)">
 ]>
 
@@ -77,6 +77,16 @@
       </listitem>
     </itemizedlist>
 
+    <bridgehead renderas="sect3">Additional Downloads</bridgehead>
+    <itemizedlist spacing="compact">
+      <listitem>
+        <para>
+          Required patch:
+          <ulink url="&patch-root;/qt-everywhere-src-&qt5-version;-CVE-2021-3481-1.patch"/>
+        </para>
+      </listitem>
+    </itemizedlist>
+
     <bridgehead renderas="sect3">Qt5 Dependencies</bridgehead>
 
     <bridgehead renderas="sect4">Required</bridgehead>
@@ -246,7 +256,13 @@ ln -sfnv qt-&qt5-version; /opt/qt5</userinput></screen>
     </note>
 
     <para>
-      First fix some issues using gcc-11:
+      First apply a patch to fix an Out Of Bounds read in QtSVG:
+    </para>
+
+<screen><userinput remap="pre">patch -Np1 -i ../qt-everywhere-src-&qt5-version;-CVE-2021-3481-1.patch</userinput></screen>
+
+    <para>
+      Next fix some issues using gcc-11:
     </para>
 
 <screen><userinput>sed -i '/utility/a #include &lt;limits&gt;'     qtbase/src/corelib/global/qglobal.h         &amp;&amp;