2 files changed, 24 insertions, 0 deletions

diff --git a/dev-qt/qtbase/files/qtbase-6.7.0-CVE-2024-33861.patch b/dev-qt/qtbase/files/qtbase-6.7.0-CVE-2024-33861.patch
new file mode 100644
index 000000000000..0a73d721612b
--- /dev/null
+++ b/dev-qt/qtbase/files/qtbase-6.7.0-CVE-2024-33861.patch
@@ -0,0 +1,23 @@
+https://bugs.gentoo.org/931096
+https://www.qt.io/blog/security-advisory-qstringconverter
+https://codereview.qt-project.org/c/qt/qtbase/+/556191
+--- a/src/corelib/text/qstringconverter.cpp
++++ b/src/corelib/text/qstringconverter.cpp
+@@ -1954,7 +1954,7 @@ struct QStringConverterICU : QStringConverter
+         const void *context;
+         ucnv_getToUCallBack(icu_conv, &action, &context);
+         if (context != state)
+-             ucnv_setToUCallBack(icu_conv, action, &state, nullptr, nullptr, &err);
++             ucnv_setToUCallBack(icu_conv, action, state, nullptr, nullptr, &err);
+ 
+         ucnv_toUnicode(icu_conv, &target, targetLimit, &source, sourceLimit, nullptr, flush, &err);
+         // We did reserve enough space:
+@@ -1987,7 +1987,7 @@ struct QStringConverterICU : QStringConverter
+         const void *context;
+         ucnv_getFromUCallBack(icu_conv, &action, &context);
+         if (context != state)
+-             ucnv_setFromUCallBack(icu_conv, action, &state, nullptr, nullptr, &err);
++             ucnv_setFromUCallBack(icu_conv, action, state, nullptr, nullptr, &err);
+ 
+         ucnv_fromUnicode(icu_conv, &target, targetLimit, &source, sourceLimit, nullptr, flush, &err);
+         // We did reserve enough space:
diff --git a/dev-qt/qtbase/qtbase-6.7.0-r1.ebuild b/dev-qt/qtbase/qtbase-6.7.0-r2.ebuild
index 23c59f62fc8d..203bcb3c6d6f 100644
--- a/dev-qt/qtbase/qtbase-6.7.0-r1.ebuild
+++ b/dev-qt/qtbase/qtbase-6.7.0-r2.ebuild
@@ -141,6 +141,7 @@ PATCHES=(
 	"${FILESDIR}"/${PN}-6.6.3-gcc14-avx512fp16.patch
 	"${FILESDIR}"/${PN}-6.6.3-pkgconf-deps.patch
 	"${FILESDIR}"/${PN}-6.7.0-qspan-ifdef.patch
+	"${FILESDIR}"/${PN}-6.7.0-CVE-2024-33861.patch
 )
 
 src_prepare() {