QHttpSocketEngine/QSslCertificate/OpenSSL: 4 clean picks
QSslCertificate: Guard against accessing empty QByteArray
Fixes oss-fuzz issue 29276.
Pick-to: 5.12 5.15 6.0
Change-Id: I57b0c26e5377bd6b82d9f044ae1d1d13acec996a
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
(cherry picked from commit ce90248882b73b4b816a8550710279e3e55ab64c)QSslCertificate(OpenSSL) - harden protection against nullpointers
An invalid (as input data) certificate may have non-zero number of invalid (nullptr)
extensions (if OpenSSL failed to parse them, for example).
Fixes: QTBUG-89547
Pick-to: 6.0 5.15 5.12
Change-Id: I4b93ac9f482f850f02d01b0aea10560dc11b688d
Reviewed-by: Lars Schmertmann <lars.schmertmann@governikus.de>
Reviewed-by: Alex Blasche <alexander.blasche@qt.io>
(cherry picked from commit f31997448838902eb5237b567f0c80f423f2406e)QHttpSocketEngine: Fix memory leak
The reply needs to be parented or it's not guaranteed to be deleted
Pick-to: 6.2 6.1 5.15
Change-Id: I7cbc31682f80dbbd9fb240fff9e6781cb6ca7b36
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
(cherry picked from commit d8077a0973f362376b69564a730c74e5c9366f8f)Doc: bump the OpenSSL minimum supported version to 1.1.1
Pick-to: 5.15 6.1 6.2
Change-Id: Ibfc8b64be23eb023dafb875f367da98b7c7bb5f6
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
(cherry picked from commit 418850d55976ca283f1ad92997379df27bb6028a)Edited by Andreas Sturmlechner