diff options
| author | Michael BrĂ¼ning <michael.bruning@qt.io> | 2020-03-24 10:16:30 +0100 |
|---|---|---|
| committer | Michael BrĂ¼ning <michael.bruning@qt.io> | 2020-03-24 11:09:34 +0100 |
| commit | 35aa6c30f0e766b8825519e04242b7a4c93b6e0e (patch) | |
| tree | 9addeadd6e09bff2d14bdbd3dbc79610e2e3e244 /dist | |
| parent | 98af37969ec9cfd4eaa28884ea6d21dfbe008764 (diff) | |
| download | qtwebengine-35aa6c30f0e766b8825519e04242b7a4c93b6e0e.tar.gz | |
Pulls in the following changes:
ab79f5394af [Backport] CVE-2020-6426: Inappropriate implementation in V8.
c110d4f93df [Backport] CVE-2020-6422: Use after free in WebGL.
8f4cef2a9d9 [Backport] CVE-2020-6427: Use after free in audio.
72d0936150f [Backport] CVE-2020-6428: Use after free in audio.
2a9a1c057d8 [Backport] CVE-2020-6429: Use after free in audio.
9aabebeb69b [Backport] CVE-2020-6449: Use after free in audio.
6c9be50c2d9 [Backport] CVE-2019-20503: Out of bounds read in usersctplib
Task-number: QTBUG-81909
Change-Id: I15d5a786db945202f8577e894e9f0e1fb6bf6086
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Diffstat (limited to 'dist')
| -rw-r--r-- | dist/changes-5.14.2 | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/dist/changes-5.14.2 b/dist/changes-5.14.2 index 17c784815..3cf48a4f4 100644 --- a/dist/changes-5.14.2 +++ b/dist/changes-5.14.2 @@ -54,6 +54,7 @@ Chromium * CVE-2019-19925 - Multiple vulnerabilities in SQLite * CVE-2019-19926 - Inappropriate implementation in SQLite * CVE-2019-18197 - Multiple vulnerabilities in XML + * CVE-2019-20503 - Out of bounds read in usersctplib * CVE-2020-6381 - Integer overflow in Javascript * CVE-2020-6383 - Type confusion in V8 * CVE-2020-6384 - Use after free in WebAudio @@ -70,19 +71,25 @@ Chromium * CVE-2020-6396 - Inappropriate implementation in Skia * CVE-2020-6398 - Uninitialized use in PDFium * CVE-2020-6399 - Insufficient policy enforcement in AppCache + * CVE-2020-6400 - Inappropriate implementation in CORS + * CVE-2020-6401 * CVE-2020-6404 - Inappropriate implementation in Blink * CVE-2020-6405 - Out of bounds read in SQLite * CVE-2020-6406 - Use after free in audio + * CVE-2020-6407 - Out of bounds memory access in streams * CVE-2020-6410 - Insufficient policy enforcement in navigation + * CVE-2020-6411 * CVE-2020-6412 - Insufficient validation of untrusted input in Omnibox * CVE-2020-6413 - Inappropriate implementation in Blink * CVE-2020-6415 - * CVE-2020-6400 - Inappropriate implementation in CORS - * CVE-2020-6401 - * CVE-2020-6407 - Out of bounds memory access in streams - * CVE-2020-6411 * CVE-2020-6418 - Type confusion in V8 * CVE-2020-6420 - Insufficient policy enforcement in media + * CVE-2020-6422 - Use after free in WebGL. + * CVE-2020-6426 - Inappropriate implementation in V8. + * CVE-2020-6427 - Use after free in audio. + * CVE-2020-6428 - Use after free in audio. + * CVE-2020-6429 - Use after free in audio. + * CVE-2020-6449 - Use after free in audio. * Security bug 925035 * Security bug 1016038 * Security bug 1016506 |