summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAntti Kokko <antti.kokko@qt.io>2020-10-27 10:02:11 +0200
committerAllan Sandfeld Jensen <allan.jensen@qt.io>2020-10-29 07:30:07 +0100
commitf795d7c0d4b5a831dd847911c355c8d01d0a235f (patch)
tree3334f0370db2a36b7ff9d53f0a77d96feb487525
parent1bbd0db1190193f29297881b42c25947b4bf87bd (diff)
downloadqtwebengine-f795d7c0d4b5a831dd847911c355c8d01d0a235f.tar.gz
Add changes file for Qt 5.15.2
Pick-to: dev 5.15 Change-Id: If1c29cc043736619513620120f96133575bf28d5 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
-rw-r--r--dist/changes-5.15.282
1 files changed, 82 insertions, 0 deletions
diff --git a/dist/changes-5.15.2 b/dist/changes-5.15.2
new file mode 100644
index 000000000..de6ffc584
--- /dev/null
+++ b/dist/changes-5.15.2
@@ -0,0 +1,82 @@
+Qt 5.15.2 is a bug-fix release. It maintains both forward and backward
+compatibility (source and binary) with Qt 5.15.1.
+
+For more details, refer to the online documentation included in this
+distribution. The documentation is also available online:
+
+ https://doc.qt.io/qt-5.15/index.html
+
+The Qt version 5.15 series is binary compatible with the 5.14.x series.
+Applications compiled for 5.14 will continue to run with 5.15.
+
+Some of the changes listed in this file include issue tracking numbers
+corresponding to tasks in the Qt Bug Tracker:
+
+ https://bugreports.qt.io/
+
+Each of these identifiers can be entered in the bug tracker to obtain more
+information about a particular change.
+
+****************************************************************************
+* Library *
+****************************************************************************
+
+General
+-------
+ - [QTBUG-84632] Warn about QtWebengineProcess launching from network share
+ on Windows.
+ - [QTBUG-85363] Handle non-ASCII names for PulseAudio
+ - [QTBUG-85494] Fix regression crash when not handling QQuickWebEngineNewViewRequest
+ - [QTBUG-85817] Fix crashes on resize
+ - [QTBUG-86672] Fix remapped menu key being mapped back to menu key
+ - [QTBUG-86945] Fix crash when opening a PDF in debug build on windows.
+ - [QTBUG-87129] Mention node.js build-time dependency
+ - The QtWebEngineProcess now has a version number
+ - The old compositor has been removed and can no longer be restored using
+ command line argument.
+
+Chromium
+--------
+
+ - The Chromium version has been updated to 83.0.4103.122
+ - Security fixes from Chromium up to version 86.0.4240.111, including:
+ - CVE-2020-6540: Heap buffer overflow in Skia
+ - CVE-2020-6557: Inappropriate implementation in networking
+ - CVE-2020-6561: Inappropriate implementation in Content Security Policy
+ - CVE-2020-6562: Insufficient policy enforcement in Blink
+ - CVE-2020-6569: Integer overflow in WebUSB
+ - CVE-2020-6570: Side-channel information leakage in WebRTC
+ - CVE-2020-6573: Use after free in video
+ - CVE-2020-6571: Incorrect security UI in Omnibox
+ - CVE-2020-6575: Race in Mojo
+ - CVE-2020-6576: Use after free in offscreen canvas
+ - CVE-2020-15959: Insufficient policy enforcement in networking
+ - CVE-2020-15960: Out of bounds read in storage
+ - CVE-2020-15961: Insufficient policy enforcement in extensions
+ - CVE-2020-15962: Insufficient policy enforcement in serial
+ - CVE-2020-15963
+ - CVE-2020-15964: Insufficient data validation in media
+ - CVE-2020-15965: Out of bounds write in V8
+ - CVE-2020-15966
+ - CVE-2020-15968: Use after free in Blink
+ - CVE-2020-15969: Use after free in WebRTC.
+ - CVE-2020-15972: Use after free in audio.
+ - CVE-2020—15973: Insufficient policy enforcement in extensions
+ - CVE-2020-15974: Integer overflow in Blink
+ - CVE-2020-15976: Use after free in WebXR
+ - CVE-2020-15977: Insufficient data validation in dialogs.
+ - CVE-2020-15978: Insufficient data validation in navigation
+ - CVE-2020-15979: Inappropriate implementation in V8.
+ - CVE-2020-15985: Inappropriate implementation in Blink.
+ - CVE-2020-15987: Use after free in WebRTC
+ - CVE-2020-15989: Uninitialized Use in PDFium
+ - CVE-2020-15992: Insufficient policy enforcement in networking
+ - CVE-2020-15999: Heap buffer overflow in freetype
+ - CVE-2020-16001: Use after free in media.
+ - CVE-2020-16002: Use after free in PDFium
+ - CVE-2020-16003: Use after free in printing
+ - Security bug 1106091
+ - Security bug 1107824
+ - Security bug 1111149
+ - Security bug 1125199
+