| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libqt5-qtwebengine-private-headers-devel | Distribution: openSUSE Tumbleweed |
| Version: 5.15.18 | Vendor: openSUSE |
| Release: 1.2 | Build date: Tue Dec 3 14:23:13 2024 |
| Group: Development/Libraries/C and C++ | Build host: reproducible |
| Size: 350634 | Source RPM: libqt5-qtwebengine-5.15.18-1.2.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: https://www.qt.io | |
| Summary: Non-ABI stable experimental API for the Qt5 WebEngine library | |
This package provides private headers of libqt5-qtwebengine that are normally not used by application development and that do not have any ABI or API guarantees. The packages that build against these have to require the exact Qt version.
LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
* Tue Dec 03 2024 christophe@krop.fr
- Update to version 5.15.18:
* Bump version to 5.15.18
* Fix build errors with -no-opengl configuration
* Fixup "Add option to chose python version for building 5.15 WebEngine"
* [Backport] CVE-2024-9602: Type Confusion in V8
* [Backport] CVE-2024-9603: Type Confusion in V8
* FIXUP: [Backport] CVE-2024-7965: Inappropriate implementation in V8
* [Backport] CVE-2024-45492 / Security bug 364778067
* [Backport] CVE-2024-9123: Integer overflow in Skia
* [Backport] CVE-2024-5158: Type Confusion in V8
* [Backport] CVE-2024-7971: Type confusion in V8
* [Backport] CVE-2024-4761: Out of bounds write in V8
* [Backport] CVE-2024-8636: Heap buffer overflow in Skia
* [Backport] CVE-2024-8198: Heap buffer overflow in Skia
* [Backport] Security bug 346799730
* [Backport] CVE-2024-7967: Heap buffer overflow in Fonts
* [Backport] CVE-2024-7965: Inappropriate implementation in V8
* [Backport] CVE-2024-7532: Out of bounds memory access in ANGLE
* Fix build with GCC 15
* [Backport] CVE-2024-7536: Use after free in WebAudio
* [Backport] Dependency for CVE-2024-7536
* [Backport] Security bug 338574384
* [Backport] CVE-2024-6996: Race in Frames
* [Backport] CVE-2024-6989: Use after free in Loader
* [Backport] CVE-2024-6291: Use after free in Swiftshader
* [Backport] CVE-2024-5846: Use after free in PDFium
* [Backport] Security bug 340606786
* [Backport] CVE-2024-5496: Use after free in Media Session
* [Backport] Dependency for CVE-2024-3914
* [Backport] Security bug 329699609
* [Backport] CVE-2024-3914: Use after free in V8
* [Backport] CVE-2024-4558: Use after free in ANGLE
* [Backport] Security bug 327698060
* [Backport] CVE-2024-4058: Type Confusion in ANGLE
* [Backport] Security bug 40940917
* [Backport] CVE-2024-3837: Use after free in QUIC
* [Backport] CVE-2024-3839: Out of bounds read in Fonts
* Fix dependecy when compiling content/browser
* [Backport] CVE-2024-3516: Heap buffer overflow in ANGLE
* [Backport] CVE-2024-3157: Out of bounds write in Compositing
* [Backport] Security bug 329674887
* Prevent duplicate definition of blink::ResolveColor in jumbo builds
* Wed Sep 04 2024 Guillaume GARDET <guillaume.gardet@opensuse.org>
- Disable LTO on %{arm} to fix build
* Thu Aug 29 2024 Antonio Larrosa <alarrosa@suse.com>
- Remove the unrar sources from the third_party directory in %prep
so we're sure not to use any code with a non-free license.
* Wed Aug 07 2024 Christophe Marin <christophe@krop.fr>
- Add ffmpeg 7 compatibility patch (Picked from Arch):
* qt5-webengine-ffmpeg7.patch
* Sun Jun 09 2024 Andreas Stieger <andreas.stieger@gmx.de>
- use bundled re2 (boo#1226119)
* Thu May 23 2024 Christophe Marin <christophe@krop.fr>
- Add compatibility patches for ICU 75:
* qt5-webengine-icu-75.patch
* 0001-Use-default-constructor-in-place-of-self-delegation-.patch
- Consequently build with a newer compiler on Leap 15
* Wed May 22 2024 christophe@krop.fr
- Update to version 5.15.17:
* Add option to chose python version for building 5.15 WebEngine
* Update Chromium. Backported fixes:
* [Backport] Security bug 325296797
* [Backport] CVE-2024-1059: Use after free in WebRTC
* [Backport] Security bug 1518994
* Fixup for [Backport] Security bug 1519980
* [Backport] CVE-2024-1283: Heap buffer overflow in Skia
* [Backport] CVE-2024-1060: Use after free in Canvas
* [Backport] CVE-2024-1077: Use after free in Network
* [Backport] Security bug 1519980
* [Backport] CVE-2024-0808: Integer underflow in WebUI
* [Backport] CVE-2024-0807: Use after free in WebAudio
* Fix ffmpeg assembly with newer binutil
* [Backport] Security bug 1511689
* [Backport] CVE-2024-0224: Use after free in WebAudio
* [Backport] CVE-2023-7024: Heap buffer overflow in WebRTC
* [Backport] Security bug 1506535
* [Backport] CVE-2024-0519: Out of bounds memory access in V8
* [Backport] CVE-2024-0518: Type Confusion in V8
* [Backport] CVE-2024-0333: Insufficient data validation in Extensions
* [Backport] CVE-2024-0222: Use after free in ANGLE
* Fixup: [Backport] Security bug 1488199
* FIXUP: Fix compilation with system ICU
* Fixup: [Backport] Security bug 1505632
* [Backport] Security bug 1505632
* [Backport] CVE-2023-6702: Type Confusion in V8
* [Backport] CVE-2023-6345: Integer overflow in Skia
* Bump V8_PATCH_LEVEL
* [Backport] Security bug 1488199 (2/2)
* [Backport] Security bug 1488199 (1/2)
* [Backport] CVE-2023-6510: Use after free in Media Capture
* Fix building with system libxml2
* [Backport] CVE-2023-6347: Use after free in Mojo
* [Backport] CVE-2023-6112: Use after free in Navigation
* [Backport] CVE-2023-5997: Use after free in Garbage Collection
- Drop patches, merged upstream:
* 0001-Fix-building-with-system-libxml2.patch
* qtwebengine-python3.patch
* python311-fixes.patch
- Update _service file, catapult snapshots are not needed anymore
* Fri May 17 2024 Christoph G <foss@grueninger.de>
- Backport Ninja 1.12 compatibility patch (and adjust paths)
Add-missing-dependencies.patch from upstream
* Fri Apr 19 2024 Christophe Marin <christophe@krop.fr>
- Add patch to fix build with libxml >= 2.12:
* 0001-Fix-building-with-system-libxml2.patch
* Sat Feb 24 2024 Jan Engelhardt <jengelh@inai.de>
- Drop BuildRequire on libsrtp, qt builds a bundled copy.
* Tue Feb 20 2024 Christophe Marin <christophe@krop.fr>
- Switch to '%patch -P'
- Build with python 3.11 on Leap
* Wed Nov 22 2023 christophe@krop.fr
- Update to version 5.15.16:
* Bump version to 5.15.16
* Add check for system ffmpeg compatibility
* Fix handling of external URLs in PDFs
* Update Chromium:
* [Backport] CVE-2023-5996: Use after free in WebAudio
* [Backport] CVE-2023-5482 and CVE-2023-5849
* [Backport] CVE-2023-45853: Buffer overflow in MiniZip
* [Backport] Security bug 1478470
* [Backport] Security bug 1472365 and 1472366
* [Backport] CVE-2023-5218: Use after free in Site Isolation
* [Backport] Security bug 1486316
* FIXUP: [Backport] [PA] Support 16kb pagesize on Linux+ARM64
* [Backport] Add Intel Meteorlake GPU series type
* [Backport] Add Intel Raptorlake GPU series type
* [Backport] Add a few missing IntelGpuSeriesTypes in
gpu_util.cc
* [Backport] Add Intel Alchemist GPU series type
* [Backport] Add Alderlake to intel_gpu_series field in gpu
control list.
* [Backport] Add missing Intel GPU series types.
* [Backport] Add Alderlake's GPU to list supporting two NV12
overlay planes.
* [Backport] CVE-2023-5217: Heap buffer overflow in vp8
encoding in libvpx
* [Backport] Security bug 1479104
* [Backport] [PA] Support 16kb pagesize on Linux+ARM64
* [Backport] Replace uses of re2::StringPiece::set().
* Fix build with GCC 13
* Fix errors and warnings for perfetto
* Remove nodiscard attribute from cpwl_combo_box.h
* Bump V8_PATCH_LEVEL
* [Backport] CVE-2023-4762: Type Confusion in V8
* [Backport] CVE-2023-4362: Heap buffer overflow in Mojom IDL
* [Backport] CVE-2023-4354: Heap buffer overflow in Skia
* [Backport] CVE-2023-4351: Use after free in Network
* Disable Windows IME for GPU thread
* [Backport] CVE-2023-4863: Heap buffer overflow in WebP
* [Backport] Security bug 1465224
* [Backport] Dependency for security bug 1465224
* [Backport] CVE-2023-4071: Heap buffer overflow in Visuals
* [Backport] CVE-2023-4076: Use after free in WebRTC
* [Backport] CVE-2023-4074: Use after free in Blink Task
Scheduling
* Fri Sep 01 2023 christophe@krop.fr
- Update to version 5.15.15:
* Update Chromium:
* [Backport] Security bug 1454860
* Further fixes for building with GCC 13
* Fixup [Backport] CVE-2023-2935: Type Confusion in V8
* [Backport] Security bug 1447430
* [Backport] CVE-2023-2930: Use after free in Extensions
* [Backport] CVE-2023-3079: Type Confusion in V8
* [Backport] CVE-2023-3216: Type Confusion in V8
* [Backport] CVE-2023-2933: Use after free in PDF
* [Backport] CVE-2023-2935: Type Confusion in V8
* [Backport] CVE-2023-2932: Use after free in PDF
* [Backport] CVE-2023-2931: Use after free in PDF
* [Backport] Security bug 1444195
* [Backport] Security bug 1428743
* [Backport] CVE-2023-2721: Use after free in Navigation
* Fri Jul 28 2023 Andreas Stieger <andreas.stieger@gmx.de>
- build with older re2 on Tumbleweed, the upcoming re2 2023-07-01
breaks qtwebengine
* Thu May 25 2023 christophe@krop.fr
- Update to version 5.15.14:
* Blacklist TouchInputTest::touchTap for sles 15.4
* Blacklist tst_QWebEnginePage::mouseMovementProperties for SLES-15
* Do not allow universal with debug builds
* Enable accessibility by default on Linux
* Fix blacklisting of mouseMovementProperties for sles 15.4
* Fix build with GCC 13
* Fix initialization of QWebEngineDownloadItem::totalBytes for Widgets
* Fix memory management in QPdfDocument functions
* Update Chromium:
* Fixes for building with GCC-13
* [Backport] CVE-2023-1215: Type Confusion in CSS
* [Backport] CVE-2023-1217: Stack buffer overflow in Crash reporting
* [Backport] CVE-2023-1219: Heap buffer overflow in Metrics
* [Backport] CVE-2023-1220: Heap buffer overflow in UMA
* [Backport] CVE-2023-1222: Heap buffer overflow in Web Audio API
* [Backport] CVE-2023-1529: Out of bounds memory access in WebHID
* [Backport] CVE-2023-1530: Use after free in PDF
* [Backport] CVE-2023-1531: Use after free in ANGLE
* [Backport] CVE-2023-1534: Out of bounds read in ANGLE
* [Backport] CVE-2023-1810: Heap buffer overflow in Visuals
* [Backport] CVE-2023-1811: Use after free in Frames
* [Backport] CVE-2023-2033: Type Confusion in V8
* [Backport] CVE-2023-2137: Heap buffer overflow in sqlite
* [Backport] CVE-2023-29469 / Security bug 1433328
* [Backport] Security bug 1337747
* [Backport] Security bug 1417585
* [Backport] Security bug 1418734
* [Backport] Security bug 1423360
* [Backport] Security bug 1427388
- Drop patch, merged upstream:
* 0001-Fixes-for-building-with-GCC-13.patch
* Fri Apr 28 2023 Dirk Müller <dmueller@suse.com>
- add python311-fixes.patch:
* Fix build when python3 is python 3.11+
* Tue Apr 11 2023 Christophe Marin <christophe@krop.fr>
- Add patch to fix build with GCC 13 (boo#1207469):
* 0001-Fixes-for-building-with-GCC-13.patch
* Thu Mar 09 2023 christophe@krop.fr
- Update to version 5.15.13:
* Force to disable IPC logging
* Move out GetInProcessGpuShareGroup form content browser client
* Fix probabilistic signature scheme
* Bump version to 5.15.13
* Recreate response head objects on multiple redirect
* Add checksum to mailbox name in Release build too
* Drop dependency on content/public/browser in content gpu
* FIXUP: Mark Node::opcode() and Operator::opcode()
as constexpr
* [Backport] Add missing include for std::begin and std::end
in SkParseColor.cpp
* [Backport] CVE-2022-4179: Use after free in Audio
* [Backport] CVE-2022-4437: Use after free in Mojo IPC
* [Backport] CVE-2022-4438: Use after free in Blink Frames
* [Backport] CVE-2023-0129: Heap buffer overflow in
Network Service
* [Backport] CVE-2023-0472: Use after free in WebRTC
* [Backport] CVE-2023-0698: Out of bounds read in WebRTC
* [Backport] CVE-2023-0931: Use after free in Video
* [Backport] CVE-2023-0933: Integer overflow in PDF
* [Backport] Disable ABSL_HAVE_STD_IS_TRIVIALLY_ASSIGNABLE
for clang-cl
* [Backport] Fix more clang deprecated builtins
* [Backport] Map the absl::is_trivially_* functions to their
std impl
* [Backport] Mark Node::opcode() and Operator::opcode()
as constexpr
* [Backport] Security bug 1393384
* [Backport] Security bug 1394382
* [Backport] Security bug 1399424
* [Backport] Security bug 1406115
* [Backport][Windows] Remove unused sidestep intercepts
- Update 0001-skia-Some-includes-to-fix-build-with-GCC-12.patch
* Thu Mar 09 2023 Martin Liška <mliska@suse.cz>
- Use gcc12 for openSUSE:Factory as workaround for boo#1207469.
* Thu Dec 29 2022 christophe@krop.fr
- Update to version 5.15.12:
* Bump version to 5.15.12
* Update Chromium:
* Bump V8_PATCH_LEVEL
* Fixup for patch for CVE-2022-3200 on OpenSuse 15.1
* Fixup the patch for CVE-2022-3200 on 87-based / 5.15
* [Backport] CVE-2022-3038: Use after free in Network Service
* [Backport] CVE-2022-3040: Use after free in Layout
* [Backport] CVE-2022-3041: Use after free in WebSQL
* [Backport] CVE-2022-3046: Use after free in Browser Tag
* [Backport] CVE-2022-3075: Insufficient data validation in Mojo
* [Backport] CVE-2022-3196: Use after free in PDF
* [Backport] CVE-2022-3197: Use after free in PDF
* [Backport] CVE-2022-3198: Use after free in PDF
* [Backport] CVE-2022-3199: Use after free in Frames.
* [Backport] CVE-2022-3200: Heap buffer overflow in Internals
* [Backport] CVE-2022-3201: Insufficient validation of untrusted
input in Developer Tools (1/2)
* [Backport] CVE-2022-3201: Insufficient validation of untrusted
input in Developer Tools (2/2)
* [Backport] CVE-2022-3304: Use after free in CSS
* [Backport] CVE-2022-3370: Use after free in Custom Elements
* [Backport] CVE-2022-3373: Out of bounds write in V8
* [Backport] CVE-2022-3445: Use after free in Skia.
* [Backport] CVE-2022-3446 and CVE-2022-35737
* [Backport] CVE-2022-3885: Use after free in V8
* [Backport] CVE-2022-3887: Use after free in Web Workers
* [Backport] CVE-2022-3889: Type Confusion in V8
* [Backport] CVE-2022-3890: Heap buffer overflow in Crashpad
* [Backport] CVE-2022-4174: Type Confusion in V8
* [Backport] CVE-2022-4180: Use after free in Mojo
* [Backport] CVE-2022-4181: Use after free in Forms
* [Backport] CVE-2022-4262: Type Confusion in V8
* [Backport] Security bug 1356308
* [Backport] Security bug 1378916
* [Backport] Security bugs 1346938 and 1338114
* Wed Oct 05 2022 christophe@krop.fr
- Update to version 5.15.11:
* Work-around GNOME bug misidentifying HTML content
* Fix busy waiting on streaming QIODevice's
* Add workaround for un-minimizing QWebEngineView under Gnome
* Build the QtDesigner plugin in all configurations
* Bump version to 5.15.11
* Fix method check
* Do not use the native dialog to show the color picker on macOS
* FIXUP: Add workaround for unstable gn on macOS in ci
* Fix top level build with no widget
* Fix touch input for widget's delegate for html popup
* Keep page's zoom level on loading new urls
* Fix leak if loader error is seen first
* Add workaround for unstable gn on macOS in ci
* Pass archiver to gn build
* Fix read-after-free on EGL extensions
* Update Chromium:
* FIXUP: Fix url_utils for QtWebEngine
* FIXUP: Workaround MSVC2022 ICE in constexpr functions
* Fixup: CVE-2022-0796: Use after free in Media
* [Backport] CVE-2022-0796: Use after free in Media
* [Backport] CVE-2022-1855: Use after free in Messaging
* [Backport] CVE-2022-1857: Insufficient policy enforcement in
File System API
* [Backport] CVE-2022-2008: Out of bounds memory access in WebGL
* [Backport] CVE-2022-2010: Out of bounds read in compositing
* [Backport] CVE-2022-2158: Type Confusion in V8
* [Backport] CVE-2022-2160: Insufficient policy enforcement
in DevTools
* [Backport] CVE-2022-2162: Insufficient policy enforcement in
File System API
* [Backport] CVE-2022-2294: Heap buffer overflow in WebRTC
* [Backport] CVE-2022-2295: Type Confusion in V8
* [Backport] CVE-2022-2477 : Use after free in Guest View
* [Backport] CVE-2022-2610: Insufficient policy enforcement
in Background Fetch
* [Backport] CVE-2022-27404
* [Backport] CVE-2022-27405
* [Backport] CVE-2022-27406
* [Backport] Linux sandbox: ENOSYS for some statx syscalls
* [Backport] Security bug 1287804
* [Backport] Security bug 1316578
* [Backport] Security bug 1343889
- Replace sandbox-statx-futex_time64.patch with upstream change:
* sandbox_futex_time64.patch
* Mon Sep 26 2022 Christophe Giboudeaux <christophe@krop.fr>
- Use python 3.9 to build qtwebengine on Leap 15.
* Fri Sep 23 2022 Christophe Giboudeaux <christophe@krop.fr>
- Add patches to build with python 3, ffmpeg 5 and pipewire 0.3:
* qtwebengine-ffmpeg5.patch
* qtwebengine-pipewire-0.3.patch
* qtwebengine-python3.patch
- Use a newer catapult snapshot when building with python3
* Mon Aug 08 2022 Christophe Giboudeaux <christophe@krop.fr>
- Stop using 'pkgconfig(xxx)' BuildRequires for FFmpeg
dependencies. They will point to FFmpeg-5 soon.
* Wed Jun 08 2022 Christophe Giboudeaux <christophe@krop.fr>
- Update to version 5.15.10:
* Fix top level build with no widget
* Fix read-after-free on EGL extensions
* Update Chromium
* Add workaround for unstable gn on macOS in ci
* Pass archiver to gn build
* Fix navigation to non-local URLs
* Add support for universal builds for qtwebengine and qtpdf
* Enable Apple Silicon support
* Fix cross compilation x86_64->arm64 on mac
* Bump version to 5.15.10
* CustomDialogs: Make custom input fields readable in dark mode
* CookieBrowser: Make alternating rows readable in dark mode
* Update Chromium:
* Bump V8_PATCH_LEVEL
* Fix clang set-but-unused-variable warning
* Fix mac toolchain python linker script call
* Fix missing dependency for gpu sources
* Fix python calls
* Fix undefined symbol for universal link
* Quick fix for regression in service workers by reverting
backports
* [Backport] CVE-2022-0797: Out of bounds memory access
in Mojo
* [Backport] CVE-2022-1125
* [Backport] CVE-2022-1138: Inappropriate implementation
in Web Cursor.
* [Backport] CVE-2022-1305: Use after free in storage
* [Backport] CVE-2022-1310: Use after free in regular
expressions
* [Backport] CVE-2022-1314: Type Confusion in V8
* [Backport] CVE-2022-1493: Use after free in Dev Tools
* [Backport] On arm64 hosts, set host_cpu to 'arm64', not 'arm'
* [Backport] Security Bug 1296876
* [Backport] Security bug 1269999
* [Backport] Security bug 1280852
* [Backport] Security bug 1292905
* [Backport] Security bug 1304659
* [Backport] Security bug 1306507
* Mon May 02 2022 Martin Liška <mliska@suse.cz>
- Remove dependency on binutils-gold as the package will be removed
in the future. Gold linker is unmaintained by the upstream project.
* Wed Apr 27 2022 Christophe Giboudeaux <christophe@krop.fr>
- Add libqt5-qtwebengine-rpmlintrc to silence the
'shlib-policy-name-error' rpmlint error
* Wed Apr 06 2022 christophe@krop.fr
- Update to version 5.15.9:
* QPdfView: scale page rendering according to devicePixelRatio
* Update documented Chromium version
* Use IsSameDocument() rather than IsLoadingToDifferentDocument()
* Update module-split for installer
* Fix printing PDF files
* Do not override signal handlers
* Avoid using xkbcommon in non-X11 builds
* Update documentation
* Update Chromium:
* Bump V8_PATCH_LEVEL
* Do not overwrite signal handlers in the browser process.
* Replace base::ranges::set_union with std::set_union to fix
MSVC2017 build
* [Backport] CVE-2022-0100: Heap buffer overflow in Media
streams API
* [Backport] CVE-2022-0102: Type Confusion in V8
* [Backport] CVE-2022-0103: Use after free in SwiftShader
* [Backport] CVE-2022-0104: Heap buffer overflow in ANGLE
* [Backport] CVE-2022-0108: Inappropriate implementation
in Navigation
* [Backport] CVE-2022-0109: Inappropriate implementation
in Autofill
* [Backport] CVE-2022-0111 and CVE-2022-0117
* [Backport] CVE-2022-0113: Inappropriate implementatio
n in Blink
* [Backport] CVE-2022-0116: Inappropriate implementation
in Compositing
* [Backport] CVE-2022-0289: Use after free in Safe browsing
* [Backport] CVE-2022-0291: Inappropriate implementation
in Storage
* [Backport] CVE-2022-0293: Use after free in Web packaging
* [Backport] CVE-2022-0298: Use after free in Scheduling
* [Backport] CVE-2022-0305: Inappropriate implementation in
Service Worker API
* [Backport] CVE-2022-0306: Heap buffer overflow in PDFium
* [Backport] CVE-2022-0310 and CVE-0311: Heap buffer overflow
in Task Manager
* [Backport] CVE-2022-0456: Use after free in Web Search
* [Backport] CVE-2022-0459: Use after free in Screen Capture
* [Backport] CVE-2022-0460: Use after free in Window Dialog
* [Backport] CVE-2022-0461: Policy bypass in COOP
* [Backport] CVE-2022-0606: Use after free in ANGLE
* [Backport] CVE-2022-0607: Use after free in GPU
* [Backport] CVE-2022-0608: Integer overflow in Mojo
* [Backport] CVE-2022-0609: Use after free in Animation
* [Backport] CVE-2022-0610: Inappropriate implementation
in Gamepad API
* [Backport] CVE-2022-0971 (boo#1197163)
* [Backport] CVE-2022-1096 (boo#1197552)
* [Backport] CVE-2022-23852
* [Backport] Copy 'name_' member during StyleRuleProperty::Copy
* [Backport] Security bug 1256885
* [Backport] Security bug 1258603
* [Backport] Security bug 1259557
* [Backport] Security bug 1261415
* [Backport] Security bug 1265570
* [Backport] Security bug 1268448
* [Backport] Security bug 1270014
* [Backport] Security bug 1274113
* [Backport] Security bug 1276331
* [Backport] Security bug 1280743
* [Backport] Security bug 1289394
* [Backport] Security bug 1292537
* [Backport] sandbox: build if glibc 2.34+ dynamic stack size
is enabled
- Drop patches, now upstream:
* CVE-2022-0971-qtwebengine-5.15.patch
* CVE-2022-1096-qtwebengine-5.15.patch
* Mon Apr 04 2022 Christophe Giboudeaux <christophe@krop.fr>
- Add security fixes:
* CVE-2022-0971-qtwebengine-5.15.patch (CVE-2022-0971, boo#1197163)
* CVE-2022-1096-qtwebengine-5.15.patch (CVE-2022-1096, boo#1197552)
* Fri Mar 25 2022 Fabian Vogt <fvogt@suse.com>
- Add patch to fix build with GCC 12:
* 0001-skia-Some-includes-to-fix-build-with-GCC-12.patch
* Tue Jan 04 2022 christophe@krop.fr
- Update to version 5.15.8:
* Update Chromium:
[Backport] CVE-2021-3517: libxml2: Heap-based buffer overflow
in xmlEncodeEntitiesInternal() in entities.c
[Backport] CVE-2021-3541 libxml2: Exponential entity expansion
attack bypasses all existing protection mechanisms
[Backport] CVE-2021-37984 : Heap buffer overflow in PDFium
[Backport] CVE-2021-37987 : Use after free in Network APIs
[Backport] CVE-2021-37989 : Inappropriate implementation in Blink
[Backport] CVE-2021-37992 : Out of bounds read in WebAudio
[Backport] CVE-2021-37993 : Use after free in PDF Accessibility
[Backport] CVE-2021-37996 : Insufficient validation of untrusted
input in Downloads
[Backport] CVE-2021-38001 : Type Confusion in V8
[Backport] CVE-2021-38003 : Inappropriate implementation in V8
[Backport] CVE-2021-38005: Use after free in loader (1/3)
[Backport] CVE-2021-38005: Use after free in loader (2/3)
[Backport] CVE-2021-38005: Use after free in loader (3/3)
[Backport] CVE-2021-38007: Type Confusion in V8
[Backport] CVE-2021-38009: Inappropriate implementation in cache
[Backport] CVE-2021-38010: Inappropriate implementation in serviceworkers
[Backport] CVE-2021-38012: Type Confusion in V8
[Backport] CVE-2021-38015: Inappropriate implementation in input
[Backport] CVE-2021-38017: Insufficient policy enforcement in iframe
sandbox
[Backport] CVE-2021-38018: Inappropriate implementation in navigation
[Backport] CVE-2021-38019: Insufficient policy enforcement in CORS
[Backport] CVE-2021-38021: Inappropriate implementation in referrer
[Backport] CVE-2021-38022: Inappropriate implementation in WebAuthentication
[Backport] CVE-2021-4057: Use after free in file API
[Backport] CVE-2021-4058: Heap buffer overflow in ANGLE (1/2)
[Backport] CVE-2021-4058: Heap buffer overflow in ANGLE (2/2)
[Backport] CVE-2021-4059: Insufficient data validation in loader
[Backport] CVE-2021-4062: Heap buffer overflow in BFCache
[Backport] CVE-2021-4078: Type confusion in V8
[Backport] CVE-2021-4079: Out of bounds write in WebRTC
[Backport] CVE-2021-4098: Insufficient data validation in Mojo
[Backport] CVE-2021-4099: Use after free in Swiftshader
[Backport] CVE-2021-4101: Heap buffer overflow in Swiftshader.
[Backport] CVE-2021-4102: Use after free in V8
[Backport] Dependency for CVE-2021-37989
[Backport] Dependency for CVE-2021-38009
[Backport] Security bug 1245870
[Backport] Security bug 1252858
[Backport] Security bug 1259899
Bump V8_PATCH_LEVEL
Compile with GCC 11 -std=c++20
Fix stack overflow on gpu channel recreate with an error
Use wglSetPixelFormat directly only if in software mode
[Backport] Handle long SIGSTKSZ in glibc > 2.33
[Backport] abseil-cpp: Fixes build with latest glibc
* Handle qtpdf compilation with static runtime
* Add bitcode support for qtpdf on ios
* Do not access accessibility from qt post routines
* Blacklist javascriptClipboard test on ubuntu 20.04
* Re-enable network-service-in-process
* Bump version from 5.15.7 to 5.15.8
* Update patch level
* Fix pinch gesture
* Fix leak of properties after XkbRF_GetNamesProp
* Fix leak on getDefaultScreeenId
- Drop patch:
* 0001-Fix-build-with-glibc-2.34.patch
/usr/include/qt5/QtWebEngine/5.15.18 /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebengineaction_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebengineaction_p_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebenginecertificateerror_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebengineclientcertificateselection_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebenginecontextmenurequest_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebenginedialogrequests_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebenginedownloaditem_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebenginedownloaditem_p_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebenginefaviconprovider_p_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebenginehistory_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebenginehistory_p_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebengineloadrequest_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebenginenavigationrequest_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebenginenewviewrequest_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebengineprofile_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebenginescript_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebenginesettings_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebenginesingleton_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebenginetestsupport_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebenginetouchhandleprovider_p_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebengineview_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qquickwebengineview_p_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qtwebengine-config_p.h /usr/include/qt5/QtWebEngine/5.15.18/QtWebEngine/private/qtwebengineglobal_p.h /usr/include/qt5/QtWebEngineCore/5.15.18 /usr/include/qt5/QtWebEngineCore/5.15.18/QtWebEngineCore /usr/include/qt5/QtWebEngineCore/5.15.18/QtWebEngineCore/private /usr/include/qt5/QtWebEngineCore/5.15.18/QtWebEngineCore/private/qtwebenginecore-config_p.h /usr/include/qt5/QtWebEngineCore/5.15.18/QtWebEngineCore/private/qtwebenginecoreglobal_p.h /usr/include/qt5/QtWebEngineCore/5.15.18/QtWebEngineCore/private/qwebenginecallback_p.h /usr/include/qt5/QtWebEngineCore/5.15.18/QtWebEngineCore/private/qwebenginecookiestore_p.h /usr/include/qt5/QtWebEngineCore/5.15.18/QtWebEngineCore/private/qwebenginemessagepumpscheduler_p.h /usr/include/qt5/QtWebEngineCore/5.15.18/QtWebEngineCore/private/qwebengineurlrequestinfo_p.h /usr/include/qt5/QtWebEngineWidgets/5.15.18 /usr/include/qt5/QtWebEngineWidgets/5.15.18/QtWebEngineWidgets /usr/include/qt5/QtWebEngineWidgets/5.15.18/QtWebEngineWidgets/private /usr/include/qt5/QtWebEngineWidgets/5.15.18/QtWebEngineWidgets/private/qtwebenginewidgets-config_p.h /usr/include/qt5/QtWebEngineWidgets/5.15.18/QtWebEngineWidgets/private/qwebenginedownloaditem_p.h /usr/include/qt5/QtWebEngineWidgets/5.15.18/QtWebEngineWidgets/private/qwebenginehistory_p.h /usr/include/qt5/QtWebEngineWidgets/5.15.18/QtWebEngineWidgets/private/qwebenginenotificationpresenter_p.h /usr/include/qt5/QtWebEngineWidgets/5.15.18/QtWebEngineWidgets/private/qwebenginepage_p.h /usr/include/qt5/QtWebEngineWidgets/5.15.18/QtWebEngineWidgets/private/qwebengineprofile_p.h /usr/include/qt5/QtWebEngineWidgets/5.15.18/QtWebEngineWidgets/private/qwebenginescriptcollection_p.h /usr/include/qt5/QtWebEngineWidgets/5.15.18/QtWebEngineWidgets/private/qwebengineview_p.h /usr/share/licenses/libqt5-qtwebengine-private-headers-devel /usr/share/licenses/libqt5-qtwebengine-private-headers-devel/LICENSE.Chromium /usr/share/licenses/libqt5-qtwebengine-private-headers-devel/LICENSE.FDL /usr/share/licenses/libqt5-qtwebengine-private-headers-devel/LICENSE.GPL2 /usr/share/licenses/libqt5-qtwebengine-private-headers-devel/LICENSE.GPL3 /usr/share/licenses/libqt5-qtwebengine-private-headers-devel/LICENSE.GPL3-EXCEPT /usr/share/licenses/libqt5-qtwebengine-private-headers-devel/LICENSE.GPLv3 /usr/share/licenses/libqt5-qtwebengine-private-headers-devel/LICENSE.LGPL3 /usr/share/licenses/libqt5-qtwebengine-private-headers-devel/LICENSE.LGPLv3
Generated by rpm2html 1.8.1
Fabrice Bellet, Sun Feb 9 01:37:00 2025