#12160 closed enhancement (fixed)
qt-everywhere-src-5.12.4 qtwebengine-5.12.4
Reported by: | Douglas R. Reno | Owned by: | Douglas R. Reno |
---|---|---|---|
Priority: | highest | Milestone: | 9.0 |
Component: | BOOK | Version: | SVN |
Severity: | normal | Keywords: | |
Cc: |
Description
New point version
Includes some security fixes for QtWebEngine, but that's the only component I checked so far.
If nobody else gets to this by the time I build it for gstreamer examples, I'll take it.
Change History (7)
comment:1 by , 6 years ago
comment:2 by , 6 years ago
Owner: | changed from | to
---|---|
Priority: | normal → highest |
Status: | new → assigned |
This is just for QtWebEngine. There are very many HIGH vulnerabilities, with a few Medium and Low sprinkled in there too.
**************************************************************************** * Qt 5.12.4 Changes * **************************************************************************** General ------- - [QTBUG-57729, QTBUG-75539] Fixed automatic NTLM authentication, and added support for --auth-server-whitelist. - [QTBUG-60203] Fixed setting referer HTTP header in request interceptor. - [QTBUG-74251, QTBUG-74698] Normalize download paths on Windows. - [QTBUG-74864] Fixed resolving relative URLs with custom schemes. - [QTBUG-75092] Fixed printing in landscape orientation. - [QTBUG-75212] Added support for building with VS 2019. - [QTBUG-75304] Fixed running non-MainWorld DocumentCreations scripts when JavaScript is disabled. - [QTBUG-75465] Fixed -no-gui builds. - [QTBUG-75629] Fixed crash on Linux when pulseaudio had no devices. - [QTBUG-76045] Fixed desktop capture on macOS. - [QTBUG-73799] Try different versions when creating a CoreProfile context on macOS Chromium -------- - Security fixes from Chromium up to version 74.0.3729.157, including: - CVE-2019-5805 - CVE-2019-5806 - CVE-2019-5808 - CVE-2019-5814 - CVE-2019-5815 - CVE-2019-5818 - CVE-2019-5819 - CVE-2019-5820 - CVE-2019-5821 - CVE-2019-5822 - CVE-2019-5823 - CVE-2019-5824 - CVE-2019-5825 - CVE-2019-5826 - CVE-2019-5827 - security issue 894933 - security issue 908669 - security issue 931949 - security issue 937663 - security issue 939316 - security issue 940205 - security issue 949015 - security issue 951322 Qt WebEngine Widgets -------------------- - [QTBUG-75131, QTBUG-75175] Fixed QWebEngineView::setPage not deleting old page. - [QTBUG-75547] Fixed crash on exit when page and profile were deleted in the wrong order. - [QTBUG-75566] Added path validation to QWebEngineDownloadItem::setPath().
comment:3 by , 6 years ago
I'm going to add a comment to the book for this, but DESTDIR doesn't work for this package. You must use INSTALL_ROOT= instead
Ken, I'll try to get around to testing Falkon and/or Plasma by Tuesday or Wednesday.
follow-up: 5 comment:4 by , 6 years ago
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
Fixed at r21693
Ken, I'll give Falkon and Plasma a shot this week at some point
comment:5 by , 6 years ago
Replying to renodr:
Fixed at r21693
Ken, I'll give Falkon and Plasma a shot this week at some point
I think I'm becoming senile - I documented this on the qtwebengine page in Configuring QtWebEngine. I've just updated to 5.12.4 on a different system, got the same problem, and eventually found a link to that page ;-)
Mind you, getting some sleep might also help.
comment:6 by , 6 years ago
Just in case anybody using 5.12 cares: if all you care about is vulnerabilities on an existing system, falkon is working with qtwebengine-5.12.4 (only) on top of qt-5.12.3 on my systems. So, just like most 5.11 and earlier changes - only webengine needs to be updated.
Obviously, doing that doesn't bring in whatever bugfixes are in qt itself, and I'm sure that BLFS will move to 5.13. But for my own builds I'll probably stick with 5.12 which is a long term support version.
I gave this a try on a current system: builds with the current instructions, but falkon is unable to display anything from some sites, such as theregister.co.uk and mail.google.com : for me the latter is critical, I'm reverting to a backup.