[Development] How do I fix a vulnerability in Qt. I forward the question to someone, or should I write the code myself?
Lars Knoll
lars.knoll at qt.io
Thu Jul 9 12:48:18 CEST 2020
> On 8 Jul 2020, at 19:02, Thiago Macieira <thiago.macieira at intel.com> wrote:
>
> On Wednesday, 8 July 2020 09:44:33 PDT Bruno Crocamo wrote:
>> An organization may need to remove sensitive information from a PDF
>> document to share an ostentatious version. Adobe software is one way to do
>> this. However, depending on the program used to render the PDF, the removal
>> may fail in part due to the fact that the CMap object reflects the order in
>> which the characters appear in the text. This would be the case for PDF
>> documents generated using Qt.
>
> I see. Thanks, this explanation above should be in your commit message.
The easiest fix for this would probably be to simply change the "QList<int> glyph_indices;" in QFontSubset to a QSet.
Cheers,
Lars
More information about the Development
mailing list