openSUSE-SU-2022:10049-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2022:10049-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2022:10049-1
- Related
- Published
- 2022-07-10T16:01:15Z
- Modified
- 2022-07-10T16:01:15Z
- Summary
- Security update for libqt5-qtwebengine
- Details
-
This update for libqt5-qtwebengine fixes the following issues:
Update to version 5.15.10:
- Fix top level build with no widget
- Fix read-after-free on EGL extensions
- Update Chromium
- Add workaround for unstable gn on macOS in ci
- Pass archiver to gn build
- Fix navigation to non-local URLs
- Add support for universal builds for qtwebengine and qtpdf
- Enable Apple Silicon support
- Fix cross compilation x86_64->arm64 on mac
- Bump version to 5.15.10
- CustomDialogs: Make custom input fields readable in dark mode
CookieBrowser: Make alternating rows readable in dark mode
Update Chromium:
- Bump V8PATCHLEVEL
- Fix clang set-but-unused-variable warning
- Fix mac toolchain python linker script call
- Fix missing dependency for gpu sources
- Fix python calls
- Fix undefined symbol for universal link
- Quick fix for regression in service workers by reverting backports
- [Backport] CVE-2022-0797: Out of bounds memory access in Mojo
- [Backport] CVE-2022-1125
- [Backport] CVE-2022-1138: Inappropriate implementation in Web Cursor.
- [Backport] CVE-2022-1305: Use after free in storage
- [Backport] CVE-2022-1310: Use after free in regular expressions
- [Backport] CVE-2022-1314: Type Confusion in V8
- [Backport] CVE-2022-1493: Use after free in Dev Tools
- [Backport] On arm64 hosts, set host_cpu to 'arm64', not 'arm'
- [Backport] Security Bug 1296876
- [Backport] Security bug 1269999
- [Backport] Security bug 1280852
- [Backport] Security bug 1292905
- [Backport] Security bug 1304659
- [Backport] Security bug 1306507
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WT2AEVSRASQUW7I7AGAMZLKVP3GE3BMY/
- https://www.suse.com/security/cve/CVE-2022-0797
- https://www.suse.com/security/cve/CVE-2022-1125
- https://www.suse.com/security/cve/CVE-2022-1138
- https://www.suse.com/security/cve/CVE-2022-1305
- https://www.suse.com/security/cve/CVE-2022-1310
- https://www.suse.com/security/cve/CVE-2022-1314
- https://www.suse.com/security/cve/CVE-2022-1493
Affected packages
SUSE:Package Hub 15 SP4 / libqt5-qtwebengine
Package
- Name
- libqt5-qtwebengine
- Purl
- purl:rpm/suse/libqt5-qtwebengine&distro=SUSE%20Package%20Hub%2015%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.15.10-bp154.2.3.2
Ecosystem specific
{
"binaries": [
{
"libQt5PdfWidgets5": "5.15.10-bp154.2.3.2",
"libqt5-qtpdf-imports": "5.15.10-bp154.2.3.2",
"libqt5-qtwebengine-devel": "5.15.10-bp154.2.3.2",
"libqt5-qtwebengine": "5.15.10-bp154.2.3.2",
"libqt5-qtpdf-examples": "5.15.10-bp154.2.3.2",
"libqt5-qtpdf-private-headers-devel": "5.15.10-bp154.2.3.2",
"libQt5Pdf5": "5.15.10-bp154.2.3.2",
"libqt5-qtpdf-devel": "5.15.10-bp154.2.3.2",
"libqt5-qtwebengine-examples": "5.15.10-bp154.2.3.2",
"libqt5-qtwebengine-private-headers-devel": "5.15.10-bp154.2.3.2"
}
]
}
openSUSE:Leap 15.4 / libqt5-qtwebengine
Package
- Name
- libqt5-qtwebengine
- Purl
- purl:rpm/suse/libqt5-qtwebengine&distro=openSUSE%20Leap%2015.4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.15.10-bp154.2.3.2
Ecosystem specific
{
"binaries": [
{
"libQt5PdfWidgets5": "5.15.10-bp154.2.3.2",
"libqt5-qtpdf-imports": "5.15.10-bp154.2.3.2",
"libqt5-qtwebengine-devel": "5.15.10-bp154.2.3.2",
"libqt5-qtwebengine": "5.15.10-bp154.2.3.2",
"libqt5-qtpdf-examples": "5.15.10-bp154.2.3.2",
"libqt5-qtpdf-private-headers-devel": "5.15.10-bp154.2.3.2",
"libQt5Pdf5": "5.15.10-bp154.2.3.2",
"libqt5-qtpdf-devel": "5.15.10-bp154.2.3.2",
"libqt5-qtwebengine-examples": "5.15.10-bp154.2.3.2",
"libqt5-qtwebengine-private-headers-devel": "5.15.10-bp154.2.3.2"
}
]
}