| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the following changes:
ab79f5394af [Backport] CVE-2020-6426: Inappropriate implementation in V8.
c110d4f93df [Backport] CVE-2020-6422: Use after free in WebGL.
8f4cef2a9d9 [Backport] CVE-2020-6427: Use after free in audio.
72d0936150f [Backport] CVE-2020-6428: Use after free in audio.
2a9a1c057d8 [Backport] CVE-2020-6429: Use after free in audio.
9aabebeb69b [Backport] CVE-2020-6449: Use after free in audio.
6c9be50c2d9 [Backport] CVE-2019-20503: Out of bounds read in usersctplib
Task-number: QTBUG-81909
Change-Id: I15d5a786db945202f8577e894e9f0e1fb6bf6086
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
| |
Change-Id: Iff32b1757c33698a878e926b5fd2b8c9326b364f
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
Running build in parallel for debug and release on mac os
was resulting in corrupted resource, due to possible
simultaneous QMAKE_BUNDLE_DATA resources write
from release and debug builds. Add missing qtConfig checks.
Fixes: QTBUG-76549
Change-Id: Icc0dee7b06d442e9c15d7afa53c0372e8d82b4a2
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the following change
f7ffd2f7dff Fixup for [Backport] CVE-2020-6401 (2/3)
Fixes: QTBUG-81909
Change-Id: I735544d31dc97c0e85a0abf912ed3651b3adee1c
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the following changes:
80bf361c042 [Backport] Dependency for security bug 925035
4af826b4d35 [Backport] Fix for security issue 925035
Change-Id: I1941c5c9b91028129e76b1f95186d2ec2140ab8b
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the following changes:
7622e2b8071 [Backport] CVE-2020-6395 - Out of bounds read in JavaScript
2643eee04e0 [Backport] CVE-2020-6410 - Insufficient policy enforcement in navigation
f938fe1765e [Backport] CVE-2020-6412 - Insufficient validation of untrusted input in Omnibox
98f5d9e5b14 [Backport] CVE-2020-6413 - Inappropriate implementation in Blink
e95d8df0220 [Backport] CVE-2020-6415 - Inappropriate implementation in JavaScript
cac651b7205 [Backport] Security bug 1020031
20b67be01c3 [Backport] Security bug 1016506
5043a049628 [Backport] Security bug 1026293
edd82d1d7ce [Backport] Security bug 1047097
334bb80e4ce [Backport] Security bug 1025442
6f1a37c63ba [Backport] Security bug 1016038
Change-Id: I443677e4d832c7f7336eb95cd640f69be11dbe1e
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
| |
Fixes: QTBUG-82715
Change-Id: I9a269efa20d092f75a8a43cb20d1e0dc0f46b9f9
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|\
| |
| |
| | |
Change-Id: I50afabc6022fea5b3db2a7dcb8659b654573661f
|
| |
| |
| |
| |
| | |
Change-Id: Id25796d4f95878f674009f27a221b2c7b73237fe
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
|
| |
| |
| |
| |
| | |
Change-Id: I1420b0c6293fbd3caf5dce3ada3b6fec90c74bfc
Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Without this, an already focused web element might not be read
when QQuickWebEngineView gets the active focus.
QWidget::setFocus() does this for Widget.
Fixes: QTBUG-81539
Change-Id: Iaa418c416871e580583ea05e50b223dea3501fd8
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
| |
| |
| |
| | |
Change-Id: I847a1750ce5c9533db43fb60f91b9739c544791a
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Toggling page's setting is actually first batched and then executed
asynchronously by timer. So javascript code might not necessarily see
this update immediately after change on UI thread.
Change-Id: I1a1f373b5fd0b96c5b937a2dca1ce0ed99364c33
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The RenderWidgetHostViewQtDelegate(Widget|Quick)Accessible interfaces
are forwarding their queries to the WebEngineView. In case of widget,
the view also forwards the query to the page.
The accessible interfaces may outlive the view and page. The interfaces
are not supposed to be used after the destruction of the underlying
objects. Thus, set the RenderWidgetHostViewQtDelegate and WebEngineView
accessible interfaces invalid if the corresponding pointers are null.
Also fix querying the root accessible interface of the web page when
the render frame host is not available.
This fixes crash when
QT_LOGGING_RULES="qt.accessibility.cache.debug=true"
is set and logger tries to pretty-print QAccessibleInterfaces during
destruction.
Task-number: QTBUG-78284
Change-Id: If18af0605061fcd82d019d0042dbf1c9d3a910be
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The ACCESSIBILITY_EVENTS permission is used to enable AOM
(Accessibility Object Model) event listeners in blink. The current
implementation of the AOM is deprecated and it doesn't seem to be
supported in the foreseeable future by QtWebEngine.
Avoid the "Not implemented" error message in case of this permission
type because it is kept unsupported on purpose but blink still registers
permission status listener when AXObjectCache is created.
Change-Id: I4e9babb06015635e6c4c94c8fe433c714329692b
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The RenderViewObserverQt_SetBackgroundColor message was sent with wrong
Routing ID.
This fix also cleans up RenderWidgetHostViewQt::UpdateBackgroundColor()
method.
Fixes: QTBUG-81781
Change-Id: Ida198fb061715d389859ace17e1f773db491c51d
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Pulls in the following changes:
b6fde543e11 FIXUP: Fix build with gcc 5
feeaf8ecd52 [Backport] CVE-2020-6406 - Use after free in audio
ada63371baf [Backport] CVE-2020-6392 - Insufficient policy enforcement in extensions
80029e44737 [Backport] CVE-2020-6393 - Insufficient policy enforcement in Blink
cfd1a2eb98c [Backport] CVE-2020-6394 - Insufficient policy enforcement in Blink
8b524801b75 [Backport] CVE-2020-6396 - Inappropriate implementation in Skia
7b2e898f2b4 [Backport] CVE-2020-6398 - Uninitialized use in PDFium
d8c1659ae97 [Backport] CVE-2020-6400 - Inappropriate implementation in CORS
4d5dbe41ae3 [Backport] CVE-2020-6401 (1/3) and CVE-2020-6411
b88a10e7a66 [Backport] CVE-2020-6401 (2/3)
25b6ec913a1 [Backport] CVE-2020-6401 (3/3)
31bf030226a [Backport] CVE-2020-6404 - Inappropriate implementation in Blink
42e3d739230 [Backport] CVE-2020-6399 - Insufficient policy enforcement in AppCache
02f1da71840 [Backport] Security bug 1035723
3e757b536e5 [Backport] Dependency for CVE-2020-6391
f720be4aac5 [Backport] CVE-2020-6391 - Insufficient validation of untrusted input in Blink (1/3)
e7980ade9ab [Backport] CVE-2020-6391 - Insufficient validation of untrusted input in Blink (2/3)
3f6e9bf1fb0 [Backport] CVE-2020-6391 - Insufficient validation of untrusted input in Blink (3/3)
6b0d12aa31a [Backport] Security bug 1018629
Change-Id: I929158db502b6e3705e50cd3c0da6601d3a17c04
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Pulls in the following changes:
a7d90c1eadc Fix undefined range-based for loops in torque
24581ca7dde [Backport] Security bug 1040700
e4659a4c8a8 [Backport] CVE-2020-6418 - Type confusion in V8
5707cc4f757 [Backport] CVE-2020-6383 - Type confusion in V8
642c7bea74e [Backport] CVE-2020-6407: Out of bounds memory access in streams
d8724284f47 [Backport] CVE-2020-6384: Use after free in WebAudio
e87caa4598d [Backport] Security bug 1029865
da60616b969 [Backport] Security bug 1044570
51012dcb3e6 [Backport] CVE-2020-6387 - Out of bounds write in WebRTC
6c4b486ce60 [Backport] CVE-2020-6389 - Out of bounds write in WebRTC
1c3145818e4 [Backport] CVE-2020-6420: Insufficient policy enforcement in media
4a01d3a4103 [Backport] Security bug 1031909
Change-Id: Ic6d76f64a82d3f5738c31a53cf7e0f3f37183767
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This pulls in the following changes:
ac97c98fc69 Restore -fno-delete-null-pointer-checks
ca787f956d8 [Backport] CVE-2020-6385 - Insufficient policy enforcement in storage
5887eeff3a3 [Backport] CVE-2020-6388 - Out of bounds memory access in WebAudio
5751c8f7214 [Backport] CVE-2020-6390 - Out of bounds memory access in streams
08bb21bc0ae [Backport] CVE-2020-6381 - Integer overflow in Javascript
18b9ecb1968 [Backport] CVE-18197 - Multiple vulnerabilities in XML
dcfdd7e5cac [Backport] Fix multiple CVEs and security bugs in sqlite
Change-Id: I4e175da43127c7a14f53c7ffcfda30bb715e050a
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch aims to handle 3 deadlocks on exit:
(1) Do not attempt to restart Viz thread on shutdown,
this will make deadlock with no separate gpu thread,
since force shut down of FrameSinkManager requires
interaction with gpu process.
(2) QCoreApplication, QGuiApplication, QApplication
behave differently when doing qt post routine,
~QGuiApplication calls the post routine handler after
closing event dispatcher, which will on windows stop processing
timer events, which we need to pump message loop when
shuting down viz. Do not use QEventLoop and switch
to active pulling. The proper solution is to fix QGuiApplication
destructor to call post routine first, but this change might
have side effects on already existing user code.
(3) Since 7f1649b438329e we delete root frame sink asynchronously,
which will in gpu thread running in separate thread create a deadlock.
Viz requires gpu to destruct root frame sink, however if main process
tries to close gpu process this will in turn try close viz, but viz calls
back gpu now since the root frame sink is not destroyed.
Use the same solution as in (1).
Change-Id: Ic6bc904bdac90ee01a5c5b9398a2e2746be3bbd8
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
Remove code duplication on triggering new url load, and use direct
code to clear SelectedText instead of CollapseSelection as it assumes
focused frame and might be ignored.
Fixes: QTBUG-81574
Change-Id: I01cf02967e118f407c8a3997e176d5b258478a5a
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This pulls in the following changes:
c1be521d4b0 Create an AudioOutputIPCFactory even without WebRTC
35b6d2c4838 third_party perfetto: add missing include for clang, asan and no_pch
6c2cf4c4571 Fix access after move
86de069171e FIXUP: Fix building with g++ 5
5c2d377121c Suppress racy DCHECK
458aa4294db Fix generation of attribution documentation
a370b2f7a7e Don't force gpu process launch on macOS with vizdc and no GL
5b79320c013 Expose StoragePartitionImpl::InitNetworkContext
bbc3a3082b4 [Backport] Fix input spinner double-increment.
432e1a9b1a0 Suppress DCHECK triggered by NGInlineNode::ComputeMinMaxSize
caa20eed16d Add explicit dependencies on spellcheck buildflags
c3737fb3824 [Backport] metatrace: remove memset and trivial-ctor assumption
12a57d9c943 Fix recursive deadlock in sandbox::InitLibcLocaltimeFunctions
Change-Id: Id06aa2d5a148d3805ebd172ab21db2400f78f19a
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
| |
Fixes: QTBUG-81783
Change-Id: I107a4009630dc261013498a05987c0e8e29651eb
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The size of QJsonDocument's binary format is well known and we don't
need the header to know what it is. This fixes the build with 5.15,
where the contents of the previous QJsonPrivate namespace are now
in QBinaryJsonPrivate.
web_channel_ipc_transport_host.cpp:148:51: error: 'Header' is not a member of 'QJsonPrivate'
Change-Id: Id7decde0c426479bbf61fffd15dcc5c20a9eca2c
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
| |
Profile interceptors run also on ui thread.
Change-Id: Iacfce46549e7ffd821033308077ba5f4fa410575
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add tests for changing httpUserAgent, httpAcceptLanguage, and
persistentCookiesPolicy.
Use local HttpServer instead of network in existing tests.
Stabilize disableCache test and unblacklist.
Stop actually downloading the test binary in downloadItem test.
Register 'myscheme' to avoid warning from QWebEngineUrlScheme.
Task-number: QTBUG-81558
Change-Id: I3178edd1eb241257e211855168ec4ca428a90d29
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The test assumes a 1-1 correspondence between request URLs and initiator
origins, but really we have a 1-N correspondence since the same URL can be
requested multiple times by different initiator origins. The current flakiness
results from just such a conflict, namely from one URL being requested both by
the main site (w3schools.com) and by AdSense (doubleclick.net).
Fixes: QTBUG-82288
Change-Id: Ida121d8f23b396b72a28faab91780d6fa4d99c92
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Same as the widget fix:
ffdf7ece Fix widget accessibility on macOS
This patch depends on a focusChild() fix in qtdeclarative:
6420ad91d3 Fix QAccessibleQuickWindow::focusChild() to return focused descendant
Task-number: QTBUG-78284
Task-number: QTBUG-81539
Change-Id: If0da937d2c778a158ce02e1433b28ca0888692d8
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
Setting an empty string instead of "()" fixes that case where the file
input doesn't have "accept" attribute.
Task-number: QTBUG-82109
Change-Id: I8a72f819fa6d8bbab4e5f1067b38ad75ff11e118
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
Ammends 445235bc01. Preserve some previous assumptions on order of
change events for url and title. Fixes flaky failures in previously
written tests like WebEngineViewSource::test_viewSource.
Fixes: QTBUG-81855
Change-Id: I487d27d594d5a0d74d39b7b58e815e5c75a73fb3
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
Trigger cookie monster init by making simple blank navigation to allow
run every single test separately. API loadAllCookies supposed to init
cookie storage to avoid this navigation but currenly doesn't work.
Task-number: QTBUG-80605
Change-Id: I0b71e7eeb015169af2042e90713c5aa96f8bb135
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
* Fix TabView containing no tabs by using one method on close
with tab's button, StandardKey and windowCloseRequested.
* Prevent warning on invalid tab's icon
* Set default title for new empty tab
Change-Id: I1a8522b10fff8107e4ee213cb6760c637a4f6e9d
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
| |
BackAction might not be immediatelly enabled after frame's
content check through javascript. Amends d7d40469b5.
Change-Id: I2b6242da190c39b8d72d17d563c6c86238e56887
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
| |
Change-Id: Id4fa7fd2e28e9be44b5c1d9e0414d9e90277d9bd
|
|
|
|
|
|
|
|
|
|
|
| |
Since 5.14.1, it is supported.
List restrictions on Linux and ways of explicitly disabling sandboxing
on all platforms.
Fixes: QTBUG-81688
Change-Id: I7f8fc08b921cc0e50056cc143cbf63b62be90b4e
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We changed RootCompositorFrameSinks to be destroyed asynchronously (in
HostFrameSinkManager::InvalidateFrameSinkId) which means that one can still
exist during shutdown in GpuThreadControllerQt::destroyGpuProcess. This results
in a deadlock in single threaded GPU mode: in destroyGpuProcess we wait for the
viz thread to exit, but the FrameSinkManagerImpl on the viz thread will try to
destroy the RootCompositorFrameSink, which waits for work to be done on the
GPU=UI thread, which is waiting for the viz thread to exit.
Fix by destroying all RootCompositorFrameSinks before destroyGpuProcess.
Change-Id: I4cf135f29b90ae0bf78525d5747567dc10a775e6
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|\
| |
| |
| | |
Change-Id: I5a856d3976581806e75b775c2f383c6e4ed35530
|
| |
| |
| |
| |
| | |
Change-Id: I09c28da2c23a7132667fe5f839fea78e026123b1
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Pulls in following changes:
* 3bbfff059e3 FIXUP: Support GPU service on UI thread with viz
* a9a20127e8a Improve jpeg headers handling
Change-Id: I0c81edbb24e984a798bb71444a4a6498a38abb38
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
macOS Accessibility queries the window for the focused accessibility
element. The window forwards the query to the widget with active focus.
This widget is the RWHVQtDelegateWidget if a web element is focused
in QWebEngineView. Therefore, a QAccessibleWidget interface has been
implemented for the RWHVQtDelegateWidget to forward the request to the
QWebEngineView.
The focused accessibility element expected to be returned by the
QAccessibleInterface::focusChild() method. In case of the macOS accessibility
backend, it is called by the accessibilityFocusedUIElement() NSAccessibility
API function. It expects the focused web accessibility element otherwise
VoiceOver won't focus properly.
The focused web accessiblity element is looked up by the new
BrowserAccessibilityQt::focusChild() method.
RenderWidgetHostviewQtDelegateWidget::focusChild() and
QWebengineViewAccessible::focusChild() methods have been also implemented
to forward it.
This patch depends on a focusChild() fix in qtbase:
a132e02540 Fix QAccessibleWidget::focusChild() to return focused descendant
Microsoft Narrator also uses focusChild() to query the current focused
element when it starts but it is still functional without this fix.
Task-number: QTBUG-78284
Task-number: QTBUG-81539
Change-Id: I3c4861e58622ccbb5046c60c4efcc19842400a88
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| | |
It relies on moving the cursor.
Task-number: QTBUG-76312
Change-Id: I6bdd53b8c0eb41300a538137fb7ec52881c38f33
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |
| |
| |
| |
| |
| |
| | |
Fixes: QTBUG-81521
Change-Id: I8ca82224cd834b667471d1e96a44430164d3669e
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
| |
| |
| |
| |
| | |
Change-Id: I3fc41f664bf79ff6379c943411f7d38d0b4fa962
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|\ \ |
|
| |\ \
| | |/
| | |
| | | |
Change-Id: Ic2b5f2a3e6f5af56d92652e57c05a631481201b3
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Pulls in the following change:
* 0f7953646c1 [Backport] Allow restricted clock_nanosleep in Linux sandbox
Change-Id: I317ff3c5f068577e2eb7e0a49820ec19f4eb5300
Fixes: QTBUG-81313
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| | |
| | |
| | |
| | |
| | | |
Change-Id: Ifb5f7c866c26746f989ab4e8c49c48bcbdb50077
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We got one failure at previous integration.
Change-Id: Ic229a66bde151ea6a6a1805e38eb8e2f6f337107
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Pulls in following changes:
* c68e3faa08f [Backport] CVE-2019-13735: Out of bounds write in V8
* c0a7f013646 [Backport] CVE-2019-13754: Insufficient policy enforcement in extensions. (1/3)
* 11f1bad3655 [Backport] CVE-2019-13754: Insufficient policy enforcement in extensions (2/3)
* 9df23a4c06e [Backport] CVE-2019-13754: Insufficient policy enforcement in extensions. (3/3)
* fd8cf772447 [Backport] Security bug 1028191
* 8417e835260 [Backport] Security bug 974375
* 046bd9f50b6 [Backport] Security bug 889276
* 5fc987f210c [Backport] Security bug 1033260
* 9f87a1ede7c [Backport] CVE-2019-13755: Insufficient policy enforcement in extensions.
* cb8bce9edb2 Fix compile issues for ios
* fb54428bc4c Fix crash on page allocator
* e687bc69cdc Fix properly not working about_credits target
* 41d474d0e7c [Backport] CVE-2019-13745 1/2
* 6cd2b35a453 [Backport] CVE-2019-13746 1/2
* e89fce7cfa3 [Backport] CVE-2019-13746 2/2
* b7ce677ea5c [Backport] CVE-2019-13745 2/2
Task-number: QTBUG-80735
Change-Id: I15be332ef55ede2d110e0ba87c54fa936fd0bf18
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Pulls in security patches:
* 545b591cee6 [Backport] Security bug 1027905
* 9e44d0450c1 [Backport] CVE-2019-13747: Uninitialized Use in rendering.
* f32f09593b6 [Backport] Security bug 1025089
* 684a48706ad [Backport] Security bug 1016703
* ee0ec6e55f0 [Backport] CVE-2019-13757: Incorrect security UI in Omnibox (1/2)
* d5651e21821 [Backport] CVE-2019-13757: Incorrect security UI in Omnibox (2/2)
* 05833b160db [Backport] CVE-2019-13739
* 5e753a5b1d7 [Backport] CVE-2019-13738
Task-number: QTBUG-80735
Change-Id: Iad1afccce59ee09496e560f69d9dbe3743b29b06
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|