| Summary: | <dev-qt/qtwebengine-5.15.12_p20240122: Multiple vulnerabilities | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Andreas Sturmlechner <asturm> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | asturm, qt |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | A1 [glsa+] | ||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 921565 | ||
| Bug Blocks: | 917357, 918882, 919321, 919802, 920442, 921337, 922062, 922340, 927746 | ||
|
Description
Andreas Sturmlechner
2024-01-15 22:04:39 UTC
[Backport] Security bug 151168987-based [Backport] CVE-2024-0224: Use after free in WebAudio [Backport] CVE-2023-7024: Heap buffer overflow in WebRTC [Backport] Security bug 1506535 [Backport] CVE-2024-0519: Out of bounds memory access in V8 [Backport] CVE-2024-0518: Type Confusion in V8 [Backport] CVE-2024-0333: Insufficient data validation in Extensions [Backport] CVE-2024-0222: Use after free in ANGLE Fixup: [Backport] Security bug 1488199 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7beb9333b115f33305c81e2bbecd04a36a94d0a2 commit 7beb9333b115f33305c81e2bbecd04a36a94d0a2 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2024-01-22 19:20:57 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2024-01-22 19:27:33 +0000 dev-qt/qtwebengine: add 5.15.12_p20240122 Bug: https://bugs.gentoo.org/921565 Bug: https://bugs.gentoo.org/922189 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> dev-qt/qtwebengine/Manifest | 1 + .../qtwebengine-5.15.12_p20240122.ebuild | 279 +++++++++++++++++++++ 2 files changed, 280 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=acf45c1ef3f684fe1c639477406c73485709ca97 commit acf45c1ef3f684fe1c639477406c73485709ca97 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2024-02-01 22:57:53 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2024-02-01 23:00:58 +0000 dev-qt/qtwebengine: drop 5.15.11_p20231120, 5.15.12_p20240112 Bug: https://bugs.gentoo.org/922189 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> dev-qt/qtwebengine/Manifest | 2 - ...twebengine-5.15.11_p20231120-libxml2-2.12.patch | 43 --- .../files/qtwebengine-6.5.3-icu74.patch | 16 -- .../qtwebengine-5.15.11_p20231120.ebuild | 287 --------------------- .../qtwebengine-5.15.12_p20240112.ebuild | 279 -------------------- 5 files changed, 627 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=5daca99d83cb70fd50b2416394c79519718a247a commit 5daca99d83cb70fd50b2416394c79519718a247a Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-02-18 07:37:49 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-02-18 08:01:27 +0000 [ GLSA 202402-14 ] QtWebEngine: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/922189 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202402-14.xml | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) |