Summary: | <dev-qt/qtwebengine-5.15.2_p20210224: Multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Andreas Sturmlechner <asturm> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | gyakovlev |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: |
https://bugs.gentoo.org/show_bug.cgi?id=768459 https://bugs.gentoo.org/show_bug.cgi?id=771012 https://bugs.gentoo.org/show_bug.cgi?id=768831 https://bugs.gentoo.org/show_bug.cgi?id=766207 https://bugs.gentoo.org/show_bug.cgi?id=755227 https://bugs.gentoo.org/show_bug.cgi?id=773919 |
||
Whiteboard: | A2 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 787950 |
Description
Andreas Sturmlechner
2021-02-26 13:40:50 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b17a3763239b411e863259e928b496bea2b9d051 commit b17a3763239b411e863259e928b496bea2b9d051 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2021-02-26 13:35:44 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2021-02-26 21:19:23 +0000 dev-qt/qtwebengine: 5.15.2_p20210224 bump Snapshotted at: Branch: 5.15 Commit: 0b5f110234256eabaa264189d9117069f2a2d144 Submodule qtwebengine-chromium.git: Branch: 87-based Commit: 0eea95b24a9ed61c185adeeb787fb5b62e8f4537 V8-ICU-68 runtime fix: Thanks-to: Stephan Hartmann <sultan@gentoo.org> Bug: https://bugs.gentoo.org/773040 Package-Manager: Portage-3.0.15, Repoman-3.0.2 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> dev-qt/qtwebengine/Manifest | 2 +- ...2_p20210220-fixup-CVE-2021-21149-backport.patch | 42 ---------------------- ...ne-5.15.2_p20210224-chromium-87-v8-icu68.patch} | 0 ...qtwebengine-5.15.2_p20210224-disable-git.patch} | 0 dev-qt/qtwebengine/metadata.xml | 1 + ....ebuild => qtwebengine-5.15.2_p20210224.ebuild} | 11 +++--- 6 files changed, 7 insertions(+), 49 deletions(-) As these browser things go, let's presume there's code execution somewhere. Thank you for the report. Please proceed with stabilization when ready. Let's not waste any more time then. x86 stable amd64 done arm64 done all arches done Please cleanup. Cleanup is currently blocked by - ~ppc64 - bug 773919 bug 773919 should be no longer blocking us, just waiting for ~ppc64 to catch up now. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f16bf0c1808fac00085c2ef8833879ed39642425 commit f16bf0c1808fac00085c2ef8833879ed39642425 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2021-03-24 12:14:09 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2021-03-24 12:14:47 +0000 dev-qt/qtwebengine: 5.15.2 security cleanup Bug: https://bugs.gentoo.org/773040 Package-Manager: Portage-3.0.17, Repoman-3.0.2 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> dev-qt/qtwebengine/Manifest | 2 - .../qtwebengine-5.15.2-icu-68-v8-runtime-fix.patch | 170 ------------ .../files/qtwebengine-5.15.2-icu-68.patch | 302 --------------------- dev-qt/qtwebengine/qtwebengine-5.15.2.ebuild | 172 ------------ 4 files changed, 646 deletions(-) qt proj is done in this bug anyway. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. ping security Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. GLSA request filed The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=3212eacb7aa1bccb5bf765cd0a4fb91d206ad2c5 commit 3212eacb7aa1bccb5bf765cd0a4fb91d206ad2c5 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-14 14:29:30 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-08-14 14:33:57 +0000 [ GLSA 202208-25 ] Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/773040 Bug: https://bugs.gentoo.org/787950 Bug: https://bugs.gentoo.org/800181 Bug: https://bugs.gentoo.org/810781 Bug: https://bugs.gentoo.org/815397 Bug: https://bugs.gentoo.org/828519 Bug: https://bugs.gentoo.org/829161 Bug: https://bugs.gentoo.org/834477 Bug: https://bugs.gentoo.org/835397 Bug: https://bugs.gentoo.org/835761 Bug: https://bugs.gentoo.org/836011 Bug: https://bugs.gentoo.org/836381 Bug: https://bugs.gentoo.org/836777 Bug: https://bugs.gentoo.org/836830 Bug: https://bugs.gentoo.org/837497 Bug: https://bugs.gentoo.org/838049 Bug: https://bugs.gentoo.org/838433 Bug: https://bugs.gentoo.org/838682 Bug: https://bugs.gentoo.org/841371 Bug: https://bugs.gentoo.org/843035 Bug: https://bugs.gentoo.org/843728 Bug: https://bugs.gentoo.org/847370 Bug: https://bugs.gentoo.org/847613 Bug: https://bugs.gentoo.org/848864 Bug: https://bugs.gentoo.org/851003 Bug: https://bugs.gentoo.org/851009 Bug: https://bugs.gentoo.org/853229 Bug: https://bugs.gentoo.org/853643 Bug: https://bugs.gentoo.org/854372 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202208-25.xml | 284 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 284 insertions(+) GLSA done, all done. |