From 878533ff2cc26df398e586ba989b64919a49103c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sl=C3=A1vek=20Banko?= <slavek.banko@axis.cz>
Date: Thu, 26 Jul 2018 18:33:03 +0200
Subject: Fix security issue CVE-2016-10040 [taken from RedHat Qt3 patches]
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
---
 src/xml/ntqxml.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/xml/ntqxml.h b/src/xml/ntqxml.h
index f729b6ab..6f5f6046 100644
--- a/src/xml/ntqxml.h
+++ b/src/xml/ntqxml.h
@@ -311,7 +311,7 @@ private:
     // for the DTD currently being parsed.
     static const uint dtdRecursionLimit = 2U;
     // The maximum amount of characters an entity value may contain, after expansion.
-    static const uint entityCharacterLimit = 65536U;
+    static const uint entityCharacterLimit = 4096U;
 
     const TQString &string();
     void stringClear();
-- 
cgit v1.2.3