Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 810781 - <dev-qt/qtwebengine-5.15.2_p20210824: Multiple vulnerabilities
Summary: <dev-qt/qtwebengine-5.15.2_p20210824: Multiple vulnerabilities
Status: IN_PROGRESS
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://github.com/gentoo/gentoo/pull...
Whiteboard: B2 [glsa?]
Keywords: PullRequest
Depends on: 800181 811441
Blocks:
  Show dependency tree
 
Reported: 2021-08-28 10:58 UTC by Andreas Sturmlechner
Modified: 2021-09-19 13:46 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Sturmlechner gentoo-dev 2021-08-28 10:58:55 UTC
Too many really to keep track of. Half of the linked bugs have severity=major.

See also: https://code.qt.io/cgit/qt/qtwebengine-chromium.git/log/?h=87-based&qt=range&q=9f71911e
Comment 1 Larry the Git Cow gentoo-dev 2021-09-02 18:38:27 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=65d22cb153e059dfec7e973a92c2dd95aad1730e

commit 65d22cb153e059dfec7e973a92c2dd95aad1730e
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2021-08-28 10:07:17 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2021-09-02 18:38:07 +0000

    dev-qt/qtwebengine: 5.15.2_p20210824 snapshot bump, EAPI-8 bump
    
    Snapshotted at:
    Branch: 5.15.6
    Commit: 2acbba86362ac3a1c2d8c20390dc263875f8f09c
    
    Additional cherry-pick from branch 5.15:
    Fix crash when clicking on a link in PDF
    Commit: 7f4a6ff45743cecbfe0dd14ef29afd0874a2ed39
    
    Submodule qtwebengine-chromium.git:
    Branch: 87-based
    Commit: 9f71911e38c041cedc5291c5e772b7d03ce8b8c
    
    Bug: https://bugs.gentoo.org/810781
    Package-Manager: Portage-3.0.22, Repoman-3.0.3
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 dev-qt/qtwebengine/Manifest                        |   1 +
 .../qtwebengine-5.15.2_p20210824.ebuild            | 224 +++++++++++++++++++++
 2 files changed, 225 insertions(+)
Comment 2 Larry the Git Cow gentoo-dev 2021-09-19 13:42:01 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fd6fb46a681e8d3a3628fb13c92d459a022e1acd

commit fd6fb46a681e8d3a3628fb13c92d459a022e1acd
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2021-09-19 13:35:18 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2021-09-19 13:41:47 +0000

    dev-qt/qtwebengine: Drop vulnerable 5.15.2_p20210625
    
    Bug: https://bugs.gentoo.org/810781
    Package-Manager: Portage-3.0.23, Repoman-3.0.3
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 dev-qt/qtwebengine/Manifest                        |   1 -
 ...qtwebengine-5.15.0-disable-fatal-warnings.patch |  10 -
 .../qtwebengine-5.15.2_p20210625.ebuild            | 224 ---------------------
 3 files changed, 235 deletions(-)
Comment 3 John Helmert III gentoo-dev Security 2021-09-19 13:46:06 UTC
Thanks asturm!