-
Task
-
Resolution: Unresolved
-
P1: Critical
-
None
-
None
-
-
3
-
61a9510ea (dev), f7fd1f55c (dev), df01d275f (dev), d6c345610 (tqtc/lts-6.8), daefa1eb9 (6.10), 041a6c3ec (6.10), 62e36af01 (6.10), cb9204f1a (6.10), 77a4d8ab8 (6.10), 0682d9bd2 (tqtc/lts-6.8), 93246abcd (tqtc/lts-6.8), 9528e6aeb (tqtc/lts-6.8)
-
Foundation Sprint 132, Foundation Sprint 133, Foundation Sprint 134, Foundation Sprint 135, Foundation Sprint 136, Foundation Sprint 137, Foundation Sprint 138, Foundation Sprint 139
Review all source code and header files in the Qt source code sub directory mentioned in the summary of this task. Marking this task as done implies that every file was reviewed and assessed for its criticality according to QUIP 23. Alternatively if no file was marked, it implies that no code section was deemed to be critical from a security perspective.
For more context information about this task please check the description of the epic associated with this task.
- resulted in
-
QTBUG-138630 QLocale::toUpper() is not 64-bit-safe on Windows
-
- Reported
-
-
QTBUG-138583 QLocale::toUpper() is not 64-bit-safe on ICU
-
- Open
-
-
QTBUG-138659 QTextBoundaryFinder is copyable (deep-copies lookup tables), but not movable
-
- Closed
-
-
QTBUG-138582 QSystemLocaleData/Unix relocks environmentMutex many times for one update
-
- Open
-
-
QTBUG-140091 Missing move SMFs disable move semantics for Boyer-Moore searchers
-
- Open
-
-
QTBUG-138860 qvsnprintf() incorrectly reports success when it should report EOVERFLOW
-
- Closed
-
For Gerrit Dashboard: QTBUG-135195 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
674701,4 | Mark string collation classes as security-critical | dev | qt/qtbase | Status: NEW | +1 | 0 |
679834,3 | Mark remaining corelib/text/*.qdoc files are insignificant | dev | qt/qtbase | Status: NEW | -2 | 0 |
680095,2 | Mark QUnicodeTools as security-critical | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: NEW | 0 | 0 |
630559,5 | Mark QByteArray and QString as security-critical | dev | qt/qtbase | Status: MERGED | +2 | 0 |
630618,6 | Mark QRegularExpression* classes as security-critical | dev | qt/qtbase | Status: MERGED | +2 | 0 |
641115,2 | Mark QByteArray and QString as security-critical | 6.9 | qt/qtbase | Status: MERGED | +2 | 0 |
641117,2 | Mark QRegularExpression* classes as security-critical | 6.9 | qt/qtbase | Status: MERGED | +2 | 0 |
641216,2 | Mark QByteArray and QString as security-critical | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
641218,2 | Mark QRegularExpression* classes as security-critical | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
662490,2 | Mark qlocale_<os>.cpp's as security-critical | dev | qt/qtbase | Status: MERGED | +2 | 0 |
662684,2 | Mark qlocale_<os>.cpp's as security-critical | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
662721,2 | Mark qlocale_<os>.cpp's as security-critical | 6.9 | qt/qtbase | Status: MERGED | +2 | 0 |
662737,3 | Mark qlocale_<os>.cpp's as security-critical | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
665241,3 | Mark qvsnprintf as security-critical | dev | qt/qtbase | Status: MERGED | +2 | 0 |
665392,2 | Mark qvsnprintf as security-critical | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
665441,2 | Mark qvsnprintf as security-critical | 6.9 | qt/qtbase | Status: MERGED | +2 | 0 |
665458,3 | Mark qvsnprintf as security-critical | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
674687,2 | Mark string view classes as security-critical | dev | qt/qtbase | Status: MERGED | +2 | 0 |
674703,2 | QString: mark MIPS assembly file as security-critical | dev | qt/qtbase | Status: MERGED | +2 | 0 |
674707,2 | Mark qlocale_tools_p.h as security-critical | dev | qt/qtbase | Status: MERGED | +2 | 0 |
674708,3 | QLocale: mark qlocale_mac.mm as security-critical | dev | qt/qtbase | Status: MERGED | +2 | 0 |
674807,2 | QLocale: mark the header as security-significant | dev | qt/qtbase | Status: MERGED | +2 | 0 |
674815,2 | Mark the deprecation header for QStringConverterBase | dev | qt/qtbase | Status: MERGED | +2 | 0 |
674824,2 | Mark qstringfwd.h as header-decl-only | dev | qt/qtbase | Status: MERGED | +2 | 0 |
674880,2 | QString: mark MIPS assembly file as security-critical | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
674907,2 | QLocale: mark qlocale_mac.mm as security-critical | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
674908,2 | QLocale: mark the header as security-significant | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
674910,1 | Mark the deprecation header for QStringConverterBase | 6.10 | qt/qtbase | Status: ABANDONED | 0 | 0 |
674911,2 | Mark qstringfwd.h as header-decl-only | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
674924,2 | QString: mark MIPS assembly file as security-critical | 6.9 | qt/qtbase | Status: MERGED | +2 | 0 |
674925,2 | QString: mark MIPS assembly file as security-critical | 6.10.0 | qt/qtbase | Status: MERGED | +2 | 0 |
675051,3 | Mark qlocale_data_p.h as security-critical | dev | qt/qtbase | Status: MERGED | +2 | 0 |
675076,3 | Mark qtextboundaryfinder.h as trivial-impl-only | dev | qt/qtbase | Status: MERGED | +2 | 0 |
675171,2 | Mark qtextboundaryfinder.h as trivial-impl-only | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
675185,2 | QLocale: mark qlocale_mac.mm as security-critical | 6.10.0 | qt/qtbase | Status: MERGED | +2 | 0 |
675186,2 | QLocale: mark qlocale_mac.mm as security-critical | 6.9 | qt/qtbase | Status: MERGED | +2 | 0 |
675189,2 | QLocale: mark the header as security-significant | 6.10.0 | qt/qtbase | Status: MERGED | +2 | 0 |
675190,2 | QLocale: mark the header as security-significant | 6.9 | qt/qtbase | Status: MERGED | +2 | 0 |
675196,2 | Mark qstringfwd.h as header-decl-only | 6.10.0 | qt/qtbase | Status: MERGED | +2 | 0 |
675197,2 | Mark qstringfwd.h as header-decl-only | 6.9 | qt/qtbase | Status: MERGED | +2 | 0 |
675246,3 | QLocale: mark qlocale_mac.mm as security-critical | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
675371,3 | QString: mark MIPS assembly file as security-critical | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
675444,2 | Mark qtextboundaryfinder.h as trivial-impl-only | 6.10.0 | qt/qtbase | Status: MERGED | +2 | 0 |
675445,2 | Mark qtextboundaryfinder.h as trivial-impl-only | 6.9 | qt/qtbase | Status: MERGED | +2 | 0 |
675459,3 | QLocale: mark the header as security-significant | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
675464,3 | Mark qstringfwd.h as header-decl-only | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
675923,3 | Mark qtextboundaryfinder.h as trivial-impl-only | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
677970,2 | Mark string view classes as security-critical | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
677971,2 | Mark qlocale_tools_p.h as security-critical | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
677972,2 | Mark qlocale_data_p.h as security-critical | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
678015,4 | Fix Qt-Security score:(sensitive => significant) | dev | qt/qtbase | Status: MERGED | +2 | 0 |
678033,2 | Mark qlocale_data_p.h as security-critical | 6.10.0 | qt/qtbase | Status: MERGED | +2 | 0 |
678034,2 | Mark string view classes as security-critical | 6.10.0 | qt/qtbase | Status: MERGED | +2 | 0 |
678035,2 | Mark qlocale_tools_p.h as security-critical | 6.10.0 | qt/qtbase | Status: MERGED | +2 | 0 |
678039,4 | Mark string view classes as security-critical | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
678040,2 | Mark qlocale_data_p.h as security-critical | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
678041,3 | Mark qlocale_tools_p.h as security-critical | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
678267,3 | Mark qregularexpression.h as security-significant | dev | qt/qtbase | Status: MERGED | +2 | 0 |
678270,1 | Mark QStringLiteral as security-significant (=default) | dev | qt/qtbase | Status: ABANDONED | +2 | 0 |
678287,2 | Mark QStringList as security-significant (=default) | dev | qt/qtbase | Status: MERGED | +2 | 0 |
678358,3 | Fix Qt-Security score:(sensitive => significant) | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
678379,3 | Mark qdoublescanprint_p.h as security-critical | dev | qt/qtbase | Status: MERGED | +2 | 0 |
678382,2 | Mark qstringalgorithms headers as security-critical | dev | qt/qtbase | Status: MERGED | +2 | 0 |
678449,2 | Mark qregularexpression.h as security-significant | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
678451,2 | Mark QStringList as security-significant (=default) | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
678525,3 | Mark qregularexpression.h as security-significant | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
678530,3 | Mark QStringList as security-significant (=default) | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
678592,2 | Mark qstringalgorithms headers as security-critical | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
678710,3 | Mark qstringalgorithms headers as security-critical | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
678737,2 | Mark qdoublescanprint_p.h as security-critical | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
678763,2 | Fix Qt-Security score:(sensitive => significant) | 6.10.0 | qt/qtbase | Status: MERGED | +2 | 0 |
678765,3 | Fix Qt-Security score:(sensitive => significant) | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
678795,3 | Mark qdoublescanprint_p.h as security-critical | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
678858,3 | Mark qbytedata_p.h as security-critical | dev | qt/qtbase | Status: MERGED | +2 | 0 |
679051,2 | Mark qbytedata_p.h as security-critical | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
679651,3 | Mark qbytedata_p.h as security-critical | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
679800,2 | Mark QUnicodeTables as security-significant (= default) | dev | qt/qtbase | Status: MERGED | +2 | 0 |
679802,2 | Mark Unicode data explicitly not security-critical | dev | qt/qtbase | Status: MERGED | +2 | 0 |
679814,2 | Mark QUnicodeTools as security-critical | dev | qt/qtbase | Status: MERGED | +2 | 0 |
679815,2 | Mark QStringBuilder as security-critical | dev | qt/qtbase | Status: MERGED | +2 | 0 |
679833,2 | Mark qformat_impl.h as security-significant | dev | qt/qtbase | Status: MERGED | +2 | 0 |
679881,1 | Mark the deprecation header for QStringConverterBase | 6.10.0 | qt/qtbase | Status: ABANDONED | +2 | 0 |
680044,2 | Mark QUnicodeTables as security-significant (= default) | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
680045,2 | Mark Unicode data explicitly not security-critical | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
680046,2 | Mark QUnicodeTools as security-critical | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
680047,2 | Mark QStringBuilder as security-critical | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
680048,2 | Mark qformat_impl.h as security-significant | 6.10 | qt/qtbase | Status: MERGED | +2 | 0 |
680091,2 | Mark QUnicodeTables as security-significant (= default) | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
680094,2 | Mark Unicode data explicitly not security-critical | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |
680096,3 | Mark QStringBuilder as security-critical | tqtc/lts-6.8 | qt/tqtc-qtbase | Status: MERGED | +2 | 0 |