Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 927746 - <dev-qt/qtwebengine-5.15.13_p20240322: Multiple vulnerabilities
Summary: <dev-qt/qtwebengine-5.15.13_p20240322: Multiple vulnerabilities
Status: CONFIRMED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: A2 [glsa]
Keywords: PullRequest
Depends on: 922189 qt-5.15.13-stable
Blocks: CVE-2024-1283, CVE-2024-1284 CVE-2024-0804, CVE-2024-0805, CVE-2024-0806, CVE-2024-0807, CVE-2024-0808, CVE-2024-0809, CVE-2024-0810, CVE-2024-0811, CVE-2024-0812, CVE-2024-0813, CVE-2024-0814 CVE-2024-1059, CVE-2024-1060, CVE-2024-1077
  Show dependency tree
 
Reported: 2024-03-24 19:25 UTC by Andreas Sturmlechner
Modified: 2024-04-05 15:34 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Sturmlechner gentoo-dev 2024-03-24 19:25:27 UTC 
[Backport] Security bug 325296797
Fixup for: Fixup for [Backport] Security bug 1519980
[Backport] CVE-2024-1059: Use after free in WebRTC
[Backport] Security bug 1518994
Fixup for [Backport] Security bug 1519980
[Backport] CVE-2024-1283: Heap buffer overflow in Skia
[Backport] CVE-2024-1060: Use after free in Canvas
[Backport] CVE-2024-1077: Use after free in Network
[Backport] Security bug 1519980
[Backport] CVE-2024-0808: Integer underflow in WebUI
[Backport] CVE-2024-0807: Use after free in WebAudio
[Backport] Security bug 1511689
Comment 1 Larry the Git Cow gentoo-dev 2024-04-05 15:01:20 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=01b2aa626e4e6ba9171d4194c47e2ad74a53f41d

commit 01b2aa626e4e6ba9171d4194c47e2ad74a53f41d
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2024-04-04 18:34:51 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2024-04-05 15:00:59 +0000

    dev-qt/qtwebengine: drop 5.15.12_p20240122
    
    Closes: https://bugs.gentoo.org/636242
    Bug: https://bugs.gentoo.org/927746
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 dev-qt/qtwebengine/Manifest                        |   4 -
 .../qtwebengine-5.15.12_p20240122.ebuild           | 279 ---------------------
 2 files changed, 283 deletions(-)