qtdeclarative-opensource-src - Debian Package Tracker

general

source: qtdeclarative-opensource-src (main)
version: 5.15.17+dfsg-3
maintainer: Debian Qt/KDE Maintainers (archive) (DMD)
uploaders: Sune Vuorela [DMD] – Pino Toscano [DMD] – Dmitry Shachnev [DMD] – Simon Quigley [DMD]
arch: all any
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 5.15.2+dfsg-6
oldstable: 5.15.8+dfsg-3
stable: 5.15.15+dfsg-3
testing: 5.15.17+dfsg-3
unstable: 5.15.17+dfsg-3

versioned links

5.15.2+dfsg-6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.15.8+dfsg-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.15.15+dfsg-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.15.17+dfsg-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libqt5qml5 (2 bugs: 0, 2, 0, 0)
libqt5qmlmodels5
libqt5qmlworkerscript5
libqt5quick5 (1 bugs: 0, 1, 0, 0)
libqt5quickparticles5
libqt5quickshapes5
libqt5quicktest5
libqt5quickwidgets5
qml
qml-module-qt-labs-animation
qml-module-qt-labs-folderlistmodel
qml-module-qt-labs-qmlmodels
qml-module-qt-labs-settings
qml-module-qt-labs-sharedimage
qml-module-qt-labs-wavefrontmesh
qml-module-qtqml
qml-module-qtqml-models2
qml-module-qtqml-statemachine
qml-module-qtqml-workerscript2
qml-module-qtquick-layouts
qml-module-qtquick-localstorage
qml-module-qtquick-particles2
qml-module-qtquick-shapes
qml-module-qtquick-window2
qml-module-qtquick2
qml-module-qttest
qmlscene
qt5-qmltooling-plugins
qtdeclarative5-dev
qtdeclarative5-dev-tools (1 bugs: 0, 1, 0, 0)
qtdeclarative5-doc
qtdeclarative5-doc-dev
qtdeclarative5-doc-html
qtdeclarative5-examples (1 bugs: 0, 1, 0, 0)
qtdeclarative5-private-dev

action needed

A new upstream version is available: 5.15.18 high

A new upstream version 5.15.18 is available, you should consider packaging it.

Created: 2025-11-27 Last update: 2025-12-10 16:01

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2025-12385: Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.

Created: 2025-12-05 Last update: 2025-12-08 05:30

1 security issue in forky high

There is 1 open security issue in forky.

1 important issue:

CVE-2025-12385: Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.

Created: 2025-12-05 Last update: 2025-12-08 05:30

lintian reports 1 error and 1 warning high

Lintian reports 1 error and 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2025-09-30 Last update: 2025-09-30 12:01

debian/patches: 1 patch with invalid metadata, 7 patches to forward upstream high

Among the 10 debian patches available in version 5.15.17+dfsg-3 of the package, we noticed the following issues:

1 patch with invalid metadata that ought to be fixed.
7 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2025-09-30 09:33

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2025-11-28 Last update: 2025-12-10 21:30

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2025-01-06 Last update: 2025-12-10 21:00

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 5.15.17+dfsg-4, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 5f1f7f883a6d215135f148e19f58301e2ebdf022
Author: Dmitry Shachnev <mitya57@debian.org>
Date:   Tue Dec 9 19:03:46 2025 +0300

    Update symbols files from buildds’ logs.

commit e2a273930c7083b46ad6a6b53a77a71311968aa3
Author: Dmitry Shachnev <mitya57@debian.org>
Date:   Tue Dec 9 18:58:39 2025 +0300

    Backport upstream patches to fix CVE-2025-12385.
    
    Closes: #1122055.

commit 274e14c556bcc77c371834d6a86f22b84ad80ca4
Author: Dmitry Shachnev <mitya57@debian.org>
Date:   Tue Dec 9 18:52:06 2025 +0300

    Start a new changelog entry.

Created: 2025-12-09 Last update: 2025-12-09 18:00

Multiarch hinter reports 3 issue(s) low

There are issues with the multiarch metadata for this package.

qtdeclarative5-doc could be marked Multi-Arch: foreign
qtdeclarative5-doc-dev could be marked Multi-Arch: foreign
qtdeclarative5-doc-html could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2025-12-10 15:30

1 low-priority security issue in trixie low

There is 1 open security issue in trixie.

1 issue left for the package maintainer to handle:

CVE-2025-12385: (needs triaging) Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-12-05 Last update: 2025-12-08 05:30

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2025-12385: (needs triaging) Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-12-05 Last update: 2025-12-08 05:30

news

[rss feed]

[2025-10-05] qtdeclarative-opensource-src 5.15.17+dfsg-3 MIGRATED to testing (Debian testing watch)
[2025-09-29] Accepted qtdeclarative-opensource-src 5.15.17+dfsg-3 (source) into unstable (Pino Toscano)
[2025-09-10] qtdeclarative-opensource-src 5.15.17+dfsg-2 MIGRATED to testing (Debian testing watch)
[2025-09-01] Accepted qtdeclarative-opensource-src 5.15.17+dfsg-2 (source) into unstable (Dmitry Shachnev)
[2025-07-05] Accepted qtdeclarative-opensource-src 5.15.17+dfsg-1 (source) into experimental (Dmitry Shachnev)
[2025-02-03] Accepted qtdeclarative-opensource-src 5.15.16+dfsg-1 (source) into experimental (Dmitry Shachnev)
[2024-11-12] qtdeclarative-opensource-src 5.15.15+dfsg-3 MIGRATED to testing (Debian testing watch)
[2024-11-07] Accepted qtdeclarative-opensource-src 5.15.15+dfsg-3 (source) into unstable (Dmitry Shachnev)
[2024-11-06] qtdeclarative-opensource-src 5.15.15+dfsg-2 MIGRATED to testing (Debian testing watch)
[2024-10-25] Accepted qtdeclarative-opensource-src 5.15.15+dfsg-2 (source) into unstable (Dmitry Shachnev)
[2024-09-02] Accepted qtdeclarative-opensource-src 5.15.15+dfsg-1 (source) into experimental (Dmitry Shachnev)
[2024-05-31] qtdeclarative-opensource-src 5.15.13+dfsg-2 MIGRATED to testing (Debian testing watch)
[2024-05-21] Accepted qtdeclarative-opensource-src 5.15.13+dfsg-2 (source) into unstable (Dmitry Shachnev)
[2024-03-09] Accepted qtdeclarative-opensource-src 5.15.13+dfsg-1 (source) into experimental (Dmitry Shachnev)
[2023-12-23] Accepted qtdeclarative-opensource-src 5.15.12+dfsg-1 (source) into experimental (Dmitry Shachnev)
[2023-11-18] Accepted qtdeclarative-opensource-src 5.15.11+dfsg-1 (source) into experimental (Dmitry Shachnev)
[2023-07-27] qtdeclarative-opensource-src 5.15.10+dfsg-2 MIGRATED to testing (Debian testing watch)
[2023-07-08] Accepted qtdeclarative-opensource-src 5.15.10+dfsg-2 (source) into unstable (Dmitry Shachnev)
[2023-06-11] Accepted qtdeclarative-opensource-src 5.15.10+dfsg-1 (source) into experimental (Dmitry Shachnev)
[2023-04-16] Accepted qtdeclarative-opensource-src 5.15.9+dfsg-1 (source) into experimental (Dmitry Shachnev)
[2023-03-09] qtdeclarative-opensource-src 5.15.8+dfsg-3 MIGRATED to testing (Debian testing watch)
[2023-02-26] Accepted qtdeclarative-opensource-src 5.15.8+dfsg-3 (source) into unstable (Dmitry Shachnev)
[2023-01-22] qtdeclarative-opensource-src 5.15.8+dfsg-2 MIGRATED to testing (Debian testing watch)
[2023-01-13] Accepted qtdeclarative-opensource-src 5.15.8+dfsg-2 (source) into unstable (Dmitry Shachnev)
[2023-01-05] Accepted qtdeclarative-opensource-src 5.15.8+dfsg-1 (source) into experimental (Dmitry Shachnev)
[2022-12-30] qtdeclarative-opensource-src 5.15.7+dfsg-2 MIGRATED to testing (Debian testing watch)
[2022-12-17] Accepted qtdeclarative-opensource-src 5.15.7+dfsg-2 (source) into unstable (Dmitry Shachnev)
[2022-11-19] Accepted qtdeclarative-opensource-src 5.15.7+dfsg-1 (source) into experimental (Simon Quigley)
[2022-10-28] qtdeclarative-opensource-src 5.15.6+dfsg-2 MIGRATED to testing (Debian testing watch)
[2022-09-29] Accepted qtdeclarative-opensource-src 5.15.6+dfsg-2 (source) into unstable (Dmitry Shachnev)

bugs [bug history graph]

all: 9
RC: 0
I&N: 7
M&W: 2
F&P: 0
patch: 1

links

homepage
lintian (1, 1)
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 5.15.17+dfsg-3
58 bugs