931960 – (CVE-2023-7104, CVE-2024-3157, CVE-2024-3516) <dev-qt/qtwebengine-5.15.13_p20240510: Multiple vulnerabilities

Bug 931960 (CVE-2023-7104, CVE-2024-3157, CVE-2024-3516) - <dev-qt/qtwebengine-5.15.13_p20240510: Multiple vulnerabilities

Summary: <dev-qt/qtwebengine-5.15.13_p20240510: Multiple vulnerabilities

Status:	CONFIRMED

Alias:	CVE-2023-7104, CVE-2024-3157, CVE-2024-3516

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Gentoo Security

URL:	A2 [glsa?]
Whiteboard:
Keywords:

Depends on:	931961
Blocks:
	Show dependency tree

Reported:	2024-05-15 18:42 UTC by Andreas Sturmlechner
Modified:	2024-05-24 09:19 UTC (History)
CC List:	1 user (show)

See Also:	927746
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Andreas Sturmlechner gentoo-dev

2024-05-15 18:42:23 UTC

[Backport] CVE-2024-3516
[Backport] CVE-2024-3157
[Backport] Security bug 329674887
[Backport] Security bug 41495984
CVE-2023-7104

Comment 1 Larry the Git Cow gentoo-dev

2024-05-23 16:04:50 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=50a6e3e045ea76761e442d15cc917e0159161f53

commit 50a6e3e045ea76761e442d15cc917e0159161f53
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2024-05-22 17:08:24 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2024-05-23 16:01:52 +0000

    dev-qt/qtwebengine: drop vulnerable 5.15.13_p20240322
    
    Bug: https://bugs.gentoo.org/931960
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 dev-qt/qtwebengine/Manifest                        |   1 -
 .../qtwebengine-5.15.13_p20240322-ninja1.12.patch  |  23 --
 .../qtwebengine-5.15.13_p20240322.ebuild           | 247 ---------------------
 3 files changed, 271 deletions(-)