3 files changed, 3 insertions, 169 deletions

diff --git a/net/qt5-network/Makefile b/net/qt5-network/Makefile
index c0ec67874b8c..c92c8074b1f0 100644
--- a/net/qt5-network/Makefile
+++ b/net/qt5-network/Makefile
@@ -1,6 +1,5 @@
 PORTNAME=	network
 PORTVERSION=	${QT5_VERSION}${QT5_KDE_PATCH}
-PORTREVISION=	1
 CATEGORIES=	net
 PKGNAMEPREFIX=	qt5-
 
diff --git a/net/qt5-network/distinfo b/net/qt5-network/distinfo
index fe7534db9127..6dd26aff108e 100644
--- a/net/qt5-network/distinfo
+++ b/net/qt5-network/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1703809652
-SHA256 (KDE/Qt/5.15.12/kde-qtbase-5.15.12p148.tar.xz) = bca3c00f7bf842b3ee7c8c3c89ec369c3fb25cfc24bf705c6d1f6ce7e2882c5f
-SIZE (KDE/Qt/5.15.12/kde-qtbase-5.15.12p148.tar.xz) = 50366532
+TIMESTAMP = 1711771153
+SHA256 (KDE/Qt/5.15.13/kde-qtbase-5.15.13p142.tar.xz) = 1fa166c50478b5d09250a352912449e16d6ad73de46275d92d0b4b90abe2dcdb
+SIZE (KDE/Qt/5.15.13/kde-qtbase-5.15.13p142.tar.xz) = 50408504
diff --git a/net/qt5-network/files/patch-security-rollup b/net/qt5-network/files/patch-security-rollup
deleted file mode 100644
index 09cf34ef8b34..000000000000
--- a/net/qt5-network/files/patch-security-rollup
+++ /dev/null
@@ -1,165 +0,0 @@
-From a4d20b51de320a5da2d5f1bf277af8293adc5398 Mon Sep 17 00:00:00 2001
-From: Marc Mutz <marc.mutz@qt.io>
-Date: Tue, 12 Dec 2023 20:51:56 +0100
-Subject: [PATCH] HPack: fix a Yoda Condition
-
-Putting the variable on the LHS of a relational operation makes the
-expression easier to read. In this case, we find that the whole
-expression is nonsensical as an overflow protection, because if
-name.size() + value.size() overflows, the result will exactly _not_
-be > max() - 32, because UB will have happened.
-
-To be fixed in a follow-up commit.
-
-As a drive-by, add parentheses around the RHS.
-
-Change-Id: I35ce598884c37c51b74756b3bd2734b9aad63c09
-Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
-(cherry picked from commit 658607a34ead214fbacbc2cca44915655c318ea9)
-Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
-(cherry picked from commit 4f7efd41740107f90960116700e3134f5e433867)
-(cherry picked from commit 13c16b756900fe524f6d9534e8a07aa003c05e0c)
-(cherry picked from commit 1d4788a39668fb2dc5912a8d9c4272dc40e99f92)
-(cherry picked from commit 87de75b5cc946d196decaa6aef4792a6cac0b6db)
----
- src/network/access/http2/hpacktable.cpp | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/network/access/http2/hpacktable.cpp b/src/network/access/http2/hpacktable.cpp
-index fddb5feca56..3d88cb66f51 100644
---- src/network/access/http2/hpacktable.cpp.orig
-+++ src/network/access/http2/hpacktable.cpp
-@@ -63,7 +63,7 @@ HeaderSize entry_size(const QByteArray &name, const QByteArray &value)
-     // 32 octets of overhead."
- 
-     const unsigned sum = unsigned(name.size() + value.size());
--    if (std::numeric_limits<unsigned>::max() - 32 < sum)
-+    if (sum > (std::numeric_limits<unsigned>::max() - 32))
-         return HeaderSize();
-     return HeaderSize(true, quint32(sum + 32));
- }
-From c379f4ef587d61c9a5b61b5ada57fdadcc8145eb Mon Sep 17 00:00:00 2001
-From: Marc Mutz <marc.mutz@qt.io>
-Date: Tue, 12 Dec 2023 22:08:07 +0100
-Subject: [PATCH] HPack: fix incorrect integer overflow check
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-This code never worked:
-
-For the comparison with max() - 32 to trigger, on 32-bit platforms (or
-Qt 5) signed interger overflow would have had to happen in the
-addition of the two sizes. The compiler can therefore remove the
-overflow check as dead code.
-
-On Qt 6 and 64-bit platforms, the signed integer addition would be
-very unlikely to overflow, but the following truncation to uint32
-would yield the correct result only in a narrow 32-value window just
-below UINT_MAX, if even that.
-
-Fix by using the proper tool, qAddOverflow.
-
-Manual conflict resolutions:
- - qAddOverflow doesn't exist in Qt 5, use private add_overflow
-   predecessor API instead
-
-Change-Id: I7599f2e75ff7f488077b0c60b81022591005661c
-Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
-(cherry picked from commit ee5da1f2eaf8932aeca02ffea6e4c618585e29e3)
-Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
-(cherry picked from commit debeb8878da2dc706ead04b6072ecbe7e5313860)
-Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
-Reviewed-by: Marc Mutz <marc.mutz@qt.io>
-(cherry picked from commit 811b9eef6d08d929af8708adbf2a5effb0eb62d7)
-(cherry picked from commit f931facd077ce945f1e42eaa3bead208822d3e00)
-(cherry picked from commit 9ef4ca5ecfed771dab890856130e93ef5ceabef5)
-Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
----
- src/network/access/http2/hpacktable.cpp | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/src/network/access/http2/hpacktable.cpp b/src/network/access/http2/hpacktable.cpp
-index 3d88cb66f51..315f3e23440 100644
---- src/network/access/http2/hpacktable.cpp.orig
-+++ src/network/access/http2/hpacktable.cpp
-@@ -40,6 +40,7 @@
- #include "hpacktable_p.h"
- 
- #include <QtCore/qdebug.h>
-+#include <QtCore/private/qnumeric_p.h>
- 
- #include <algorithm>
- #include <cstddef>
-@@ -62,7 +63,9 @@ HeaderSize entry_size(const QByteArray &name, const QByteArray &value)
-     // for counting the number of references to the name and value would have
-     // 32 octets of overhead."
- 
--    const unsigned sum = unsigned(name.size() + value.size());
-+    size_t sum;
-+    if (add_overflow(size_t(name.size()), size_t(value.size()), &sum))
-+        return HeaderSize();
-     if (sum > (std::numeric_limits<unsigned>::max() - 32))
-         return HeaderSize();
-     return HeaderSize(true, quint32(sum + 32));
-From 8907dedc858cc344d770a2e826d6acc516429540 Mon Sep 17 00:00:00 2001
-From: Marc Mutz <marc.mutz@qt.io>
-Date: Tue, 19 Dec 2023 14:22:37 +0100
-Subject: [PATCH] Http2: fix potential overflow in assemble_hpack_block()
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The function is given a vector of Http2::Frame's and flattens it into
-a vector<uchar>. While each Frame can contain a maximum of 16GiB of
-data (24-bit size field), one "only" needs 257 of them to overflow the
-quint32 variable's range.
-
-So make sure any overflow does not go undetected.
-
-Keep the limited uint32_t range for now, as we don't know whether all
-consumers of the result can deal with more than 4GiB of data.
-
-Since all these frames must be in memory, this cannot overflow in
-practice on 32-bit machines.
-
-Pick-to: 6.7 6.6 6.5 6.2 5.15
-Change-Id: Iafaa7d1c870cba9100e75065db11d95934f86213
-Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
-(cherry picked from commit 1e6bb61af3ae29755f93b92f157df026f934ae61)
-
-* asturmlechner 2024-01-02: Use correct include for 5.15
----
- src/network/access/qhttp2protocolhandler.cpp | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/src/network/access/qhttp2protocolhandler.cpp b/src/network/access/qhttp2protocolhandler.cpp
-index 39dd460881a..ead88d781ae 100644
---- src/network/access/qhttp2protocolhandler.cpp.orig
-+++ src/network/access/qhttp2protocolhandler.cpp
-@@ -46,10 +46,12 @@
- #include <private/qnoncontiguousbytedevice_p.h>
- 
- #include <QtNetwork/qabstractsocket.h>
-+
- #include <QtCore/qloggingcategory.h>
- #include <QtCore/qendian.h>
- #include <QtCore/qdebug.h>
- #include <QtCore/qlist.h>
-+#include <QtCore/private/qnumeric_p.h>
- #include <QtCore/qurl.h>
- 
- #include <qhttp2configuration.h>
-@@ -124,8 +126,10 @@ std::vector<uchar> assemble_hpack_block(const std::vector<Http2::Frame> &frames)
-     std::vector<uchar> hpackBlock;
- 
-     quint32 total = 0;
--    for (const auto &frame : frames)
--        total += frame.hpackBlockSize();
-+    for (const auto &frame : frames) {
-+        if (add_overflow(total, frame.hpackBlockSize(), &total))
-+            return hpackBlock;
-+    }
- 
-     if (!total)
-         return hpackBlock;