Next set of qtwebengine updates
|Reported by:||Owned by:|
Description (last modified by )
The public release of qt-5.15.3 might happen at the end of april, but meanwhile they have updated their 5.15 branch to fix a number of specified security issues (those turned out to be chromium security issues, I see no point in trying to discover the details of what are probably still restricted issues), as well as several CVEs:
At the end of March they fixed CVE-2021-21193, CVE-2021-21191, CVE-2021-21166, CVE-2021-21187, CVE-2021-21183 and CVE-2020-27844 (all originally raised against chromium).
On 1st April they fixed two more of the latest batch of chromium CVEs, CVE-2021-21198 and CVE-2021-21195.
It is not clear if they have finished with this latest batch, but the items changed suggest that they maybe have (the latest batch is CVE-2021-21194-21199, see e.g. [ https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-google-chrome-could-allow-for-arbitrary-code-execution_2021-042/]
Keeping this open for a couple of days to see if more updates appear.