Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 800181 - <dev-qt/qtwebengine-5.15.2_p20210625: Multiple vulnerabilities
Summary: <dev-qt/qtwebengine-5.15.2_p20210625: Multiple vulnerabilities
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL:
Whiteboard: A2 [glsa+]
Keywords:
Depends on: 787950
Blocks: 792054 CVE-2021-30551 810781
  Show dependency tree
 
Reported: 2021-07-03 14:26 UTC by Andreas Sturmlechner
Modified: 2022-08-14 14:35 UTC (History)
0 users

See Also:
Package list:
dev-qt/qtwebengine-5.15.2_p20210625
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Sturmlechner gentoo-dev 2021-07-03 14:26:43 UTC
Too many really to keep track of.

See also: https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=87-based&qt=range&q=0b959ee2
Comment 1 Larry the Git Cow gentoo-dev 2021-07-04 20:40:25 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=393d361644d173d4ea6bfaaaa224f4a07ffef9bf

commit 393d361644d173d4ea6bfaaaa224f4a07ffef9bf
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2021-07-03 14:45:46 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2021-07-04 20:40:06 +0000

    dev-qt/qtwebengine: Drop 5.15.2_p20210521
    
    Overshadowed by 5.15.2_p20210625.
    
    Bug: https://bugs.gentoo.org/800181
    Package-Manager: Portage-3.0.20, Repoman-3.0.3
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 dev-qt/qtwebengine/Manifest                        |   1 -
 .../qtwebengine-5.15.2_p20210521.ebuild            | 215 ---------------------
 2 files changed, 216 deletions(-)
Comment 2 Andreas Sturmlechner gentoo-dev 2021-07-14 10:36:23 UTC
arches please stabilise.
Comment 3 Agostino Sarubbo gentoo-dev 2021-07-17 07:44:36 UTC
x86 stable
Comment 4 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-07-18 00:33:33 UTC
amd64 done
Comment 5 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-07-22 06:06:53 UTC
arm64 done

all arches done
Comment 6 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-07-22 06:07:40 UTC
Please cleanup, thanks!
Comment 7 Larry the Git Cow gentoo-dev 2021-07-22 09:35:50 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1e28eaa9c45fdfeb0c75271d0cf52e427032dd76

commit 1e28eaa9c45fdfeb0c75271d0cf52e427032dd76
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2021-07-22 09:28:29 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2021-07-22 09:35:34 +0000

    dev-qt/qtwebengine: 5.15.2_p20210421 security cleanup
    
    Bug: https://bugs.gentoo.org/800181
    Package-Manager: Portage-3.0.20, Repoman-3.0.3
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 dev-qt/qtwebengine/Manifest                        |   1 -
 .../files/qtwebengine-5.15.2_p20210406-gcc11.patch | 126 -------
 .../files/qtwebengine-5.15.2_p20210406-icu69.patch |  92 -----
 .../qtwebengine-5.15.2_p20210421-qtbug-91773.patch | 372 ---------------------
 .../qtwebengine-5.15.2_p20210421.ebuild            | 218 ------------
 5 files changed, 809 deletions(-)
Comment 8 Andreas Sturmlechner gentoo-dev 2021-07-22 09:36:56 UTC
Cleanup done.
Comment 9 Andreas Sturmlechner gentoo-dev 2021-07-26 18:35:31 UTC
qt proj done anyway, ping security.
Comment 10 NATTkA bot gentoo-dev 2021-09-19 13:44:36 UTC
Unable to check for sanity:

> no match for package: dev-qt/qtwebengine-5.15.2_p20210625
Comment 11 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-08-14 04:59:01 UTC
GLSA request filed
Comment 12 Larry the Git Cow gentoo-dev 2022-08-14 14:34:51 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=3212eacb7aa1bccb5bf765cd0a4fb91d206ad2c5

commit 3212eacb7aa1bccb5bf765cd0a4fb91d206ad2c5
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-08-14 14:29:30 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-08-14 14:33:57 +0000

    [ GLSA 202208-25 ] Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/773040
    Bug: https://bugs.gentoo.org/787950
    Bug: https://bugs.gentoo.org/800181
    Bug: https://bugs.gentoo.org/810781
    Bug: https://bugs.gentoo.org/815397
    Bug: https://bugs.gentoo.org/828519
    Bug: https://bugs.gentoo.org/829161
    Bug: https://bugs.gentoo.org/834477
    Bug: https://bugs.gentoo.org/835397
    Bug: https://bugs.gentoo.org/835761
    Bug: https://bugs.gentoo.org/836011
    Bug: https://bugs.gentoo.org/836381
    Bug: https://bugs.gentoo.org/836777
    Bug: https://bugs.gentoo.org/836830
    Bug: https://bugs.gentoo.org/837497
    Bug: https://bugs.gentoo.org/838049
    Bug: https://bugs.gentoo.org/838433
    Bug: https://bugs.gentoo.org/838682
    Bug: https://bugs.gentoo.org/841371
    Bug: https://bugs.gentoo.org/843035
    Bug: https://bugs.gentoo.org/843728
    Bug: https://bugs.gentoo.org/847370
    Bug: https://bugs.gentoo.org/847613
    Bug: https://bugs.gentoo.org/848864
    Bug: https://bugs.gentoo.org/851003
    Bug: https://bugs.gentoo.org/851009
    Bug: https://bugs.gentoo.org/853229
    Bug: https://bugs.gentoo.org/853643
    Bug: https://bugs.gentoo.org/854372
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Sam James <sam@gentoo.org>

 glsa-202208-25.xml | 284 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 284 insertions(+)
Comment 13 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-08-14 14:35:40 UTC
GLSA done, all done.