Opened 4 years ago

Closed 4 years ago

#11164 closed enhancement (fixed)

qt-everywhere-src-5.11.2

Reported by: Bruce Dubbs Owned by: ken@…
Priority: normal Milestone: 8.4
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (4)

comment:1 by Douglas R. Reno, 4 years ago

Just a snippet from one of the changelogs:

****************************************************************************
*                              Qt 5.11.2 Changes                           *
****************************************************************************

Chromium
--------

 - Security fixes from Chromium up to version 68.0.3440.75, including:
     * CVE-2018-4117
     * CVE-2018-6150
     * CVE-2018-6152
     * CVE-2018-6155
     * CVE-2018-6158
     * CVE-2018-6159
     * CVE-2018-6161
     * CVE-2018-6162
     * CVE-2018-6163
     * CVE-2018-6164
     * CVE-2018-6165
     * CVE-2018-6167
     * CVE-2018-6168
     * CVE-2018-6172
     * CVE-2018-6175
     * CVE-2018-6177
     * Security Bug 683418
     * Security Bug 831117
     * Security Bug 838886
     * Security Bug 839197
     * Security Bug 840695
     * Security Bug 854887
     * Security Bug 860721
     * Security Bug 861571

comment:2 by ken@…, 4 years ago

Owner: changed from blfs-book to ken@…
Status: newassigned

Just a note that all of those security fixes are in qtwebengine.

Other changes listed at https://wiki.qt.io/Qt_5.11.2_Change_Files - I can see bugfixes in qtbase, qtconnectivity, qtdeclarative, qtlocation, qtmultimedia, qtquickcontrols2, qtvirtualkeyboard, qtwayland. A few of them might be relevant to x86_64-linux.

As a user of falkon, and therefore qtwebengine, I assume that just dropping that in over 5.11.1 will work.

in reply to:  2 comment:3 by ken@…, 4 years ago

Replying to ken@…:

As a user of falkon, and therefore qtwebengine, I assume that just dropping that in over 5.11.1 will work.

Confirmed, qtwebengine-5.11.2 builds fine on qt-5.11.1 and the symlinks for webengine's libraries updated correctly, as I had expected. So for anyone updating webengine to fix the vulnerabilities, a bit less required effort.

comment:4 by ken@…, 4 years ago

Resolution: fixed
Status: assignedclosed

Fixed in r20520 and patch name fixed in r20521.

Note: See TracTickets for help on using tickets.