1. Home
  2. Security Advisories
  3. OpenSUSE
  4. openSUSE-SU-2021:0973-1

[openSUSE-SU-2021:0973-1] Security update for libqt5-qtwebengine

Severity Important
Affected Packages 18
CVEs 29
Info Packages References Vulnerabilities

Security update for libqt5-qtwebengine

This update for libqt5-qtwebengine fixes the following issues:

Update to version 5.15.3

CVE fixes backported in chromium updates:

  • CVE-2020-16044: Use after free in WebRTC
  • CVE-2021-21118: Heap buffer overflow in Blink
  • CVE-2021-21119: Use after free in Media
  • CVE-2021-21120: Use after free in WebSQL
  • CVE-2021-21121: Use after free in Omnibox
  • CVE-2021-21122: Use after free in Blink
  • CVE-2021-21123: Insufficient data validation in File System API
  • CVE-2021-21125: Insufficient policy enforcement in File System API
  • CVE-2021-21126: Insufficient policy enforcement in extensions
  • CVE-2021-21127: Insufficient policy enforcement in extensions
  • CVE-2021-21128: Heap buffer overflow in Blink
  • CVE-2021-21129: Insufficient policy enforcement in File System API
  • CVE-2021-21130: Insufficient policy enforcement in File System API
  • CVE-2021-21131: Insufficient policy enforcement in File System API
  • CVE-2021-21132: Inappropriate implementation in DevTools
  • CVE-2021-21135: Inappropriate implementation in Performance API
  • CVE-2021-21137: Inappropriate implementation in DevTools
  • CVE-2021-21140: Uninitialized Use in USB
  • CVE-2021-21141: Insufficient policy enforcement in File System API
  • CVE-2021-21145: Use after free in Fonts
  • CVE-2021-21146: Use after free in Navigation
  • CVE-2021-21147: Inappropriate implementation in Skia
  • CVE-2021-21148: Heap buffer overflow in V8
  • CVE-2021-21149: Stack overflow in Data Transfer
  • CVE-2021-21150: Use after free in Downloads
  • CVE-2021-21152: Heap buffer overflow in Media
  • CVE-2021-21153: Stack overflow in GPU Process
  • CVE-2021-21156: Heap buffer overflow in V8
  • CVE-2021-21157: Use after free in Web Sockets
Package Affected Version
pkg:rpm/opensuse/libQt5PdfWidgets5?arch=x86_64&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libQt5PdfWidgets5?arch=i586&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libQt5Pdf5?arch=x86_64&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libQt5Pdf5?arch=i586&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libqt5-qtwebengine?arch=x86_64&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libqt5-qtwebengine?arch=i586&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libqt5-qtwebengine-private-headers-devel?arch=noarch&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libqt5-qtwebengine-examples?arch=x86_64&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libqt5-qtwebengine-examples?arch=i586&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libqt5-qtwebengine-devel?arch=x86_64&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libqt5-qtwebengine-devel?arch=i586&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libqt5-qtpdf-private-headers-devel?arch=noarch&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libqt5-qtpdf-imports?arch=x86_64&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libqt5-qtpdf-imports?arch=i586&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libqt5-qtpdf-examples?arch=x86_64&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libqt5-qtpdf-examples?arch=i586&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libqt5-qtpdf-devel?arch=x86_64&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
pkg:rpm/opensuse/libqt5-qtpdf-devel?arch=i586&distro=opensuse-leap-15.2 < 5.15.3-lp152.3.3.4
ID
openSUSE-SU-2021:0973-1
Severity
important
URL
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/
Published
2021-07-05T20:13:32
(3 years ago)
Modified
2021-07-05T20:13:32
(3 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0973-1.json
Suse URL for openSUSE-SU-2021:0973-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/
Suse E-Mail link for openSUSE-SU-2021:0973-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/
Bugzilla SUSE Bug 1130395 https://bugzilla.suse.com/1130395
Bugzilla SUSE Bug 1158516 https://bugzilla.suse.com/1158516
Bugzilla SUSE Bug 1163744 https://bugzilla.suse.com/1163744
Bugzilla SUSE Bug 1163766 https://bugzilla.suse.com/1163766
Bugzilla SUSE Bug 1182233 https://bugzilla.suse.com/1182233
CVE SUSE CVE CVE-2020-16044 page https://www.suse.com/security/cve/CVE-2020-16044/
CVE SUSE CVE CVE-2021-21118 page https://www.suse.com/security/cve/CVE-2021-21118/
CVE SUSE CVE CVE-2021-21119 page https://www.suse.com/security/cve/CVE-2021-21119/
CVE SUSE CVE CVE-2021-21120 page https://www.suse.com/security/cve/CVE-2021-21120/
CVE SUSE CVE CVE-2021-21121 page https://www.suse.com/security/cve/CVE-2021-21121/
CVE SUSE CVE CVE-2021-21122 page https://www.suse.com/security/cve/CVE-2021-21122/
CVE SUSE CVE CVE-2021-21123 page https://www.suse.com/security/cve/CVE-2021-21123/
CVE SUSE CVE CVE-2021-21125 page https://www.suse.com/security/cve/CVE-2021-21125/
CVE SUSE CVE CVE-2021-21126 page https://www.suse.com/security/cve/CVE-2021-21126/
CVE SUSE CVE CVE-2021-21127 page https://www.suse.com/security/cve/CVE-2021-21127/
CVE SUSE CVE CVE-2021-21128 page https://www.suse.com/security/cve/CVE-2021-21128/
CVE SUSE CVE CVE-2021-21129 page https://www.suse.com/security/cve/CVE-2021-21129/
CVE SUSE CVE CVE-2021-21130 page https://www.suse.com/security/cve/CVE-2021-21130/
CVE SUSE CVE CVE-2021-21131 page https://www.suse.com/security/cve/CVE-2021-21131/
CVE SUSE CVE CVE-2021-21132 page https://www.suse.com/security/cve/CVE-2021-21132/
CVE SUSE CVE CVE-2021-21135 page https://www.suse.com/security/cve/CVE-2021-21135/
CVE SUSE CVE CVE-2021-21137 page https://www.suse.com/security/cve/CVE-2021-21137/
CVE SUSE CVE CVE-2021-21140 page https://www.suse.com/security/cve/CVE-2021-21140/
CVE SUSE CVE CVE-2021-21141 page https://www.suse.com/security/cve/CVE-2021-21141/
CVE SUSE CVE CVE-2021-21145 page https://www.suse.com/security/cve/CVE-2021-21145/
CVE SUSE CVE CVE-2021-21146 page https://www.suse.com/security/cve/CVE-2021-21146/
CVE SUSE CVE CVE-2021-21147 page https://www.suse.com/security/cve/CVE-2021-21147/
CVE SUSE CVE CVE-2021-21148 page https://www.suse.com/security/cve/CVE-2021-21148/
CVE SUSE CVE CVE-2021-21149 page https://www.suse.com/security/cve/CVE-2021-21149/
CVE SUSE CVE CVE-2021-21150 page https://www.suse.com/security/cve/CVE-2021-21150/
CVE SUSE CVE CVE-2021-21152 page https://www.suse.com/security/cve/CVE-2021-21152/
CVE SUSE CVE CVE-2021-21153 page https://www.suse.com/security/cve/CVE-2021-21153/
CVE SUSE CVE CVE-2021-21156 page https://www.suse.com/security/cve/CVE-2021-21156/
CVE SUSE CVE CVE-2021-21157 page https://www.suse.com/security/cve/CVE-2021-21157/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/opensuse/libQt5PdfWidgets5?arch=x86_64&distro=opensuse-leap-15.2 opensuse libQt5PdfWidgets5 < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 x86_64
Affected pkg:rpm/opensuse/libQt5PdfWidgets5?arch=i586&distro=opensuse-leap-15.2 opensuse libQt5PdfWidgets5 < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 i586
Affected pkg:rpm/opensuse/libQt5Pdf5?arch=x86_64&distro=opensuse-leap-15.2 opensuse libQt5Pdf5 < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 x86_64
Affected pkg:rpm/opensuse/libQt5Pdf5?arch=i586&distro=opensuse-leap-15.2 opensuse libQt5Pdf5 < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 i586
Affected pkg:rpm/opensuse/libqt5-qtwebengine?arch=x86_64&distro=opensuse-leap-15.2 opensuse libqt5-qtwebengine < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 x86_64
Affected pkg:rpm/opensuse/libqt5-qtwebengine?arch=i586&distro=opensuse-leap-15.2 opensuse libqt5-qtwebengine < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 i586
Affected pkg:rpm/opensuse/libqt5-qtwebengine-private-headers-devel?arch=noarch&distro=opensuse-leap-15.2 opensuse libqt5-qtwebengine-private-headers-devel < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 noarch
Affected pkg:rpm/opensuse/libqt5-qtwebengine-examples?arch=x86_64&distro=opensuse-leap-15.2 opensuse libqt5-qtwebengine-examples < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 x86_64
Affected pkg:rpm/opensuse/libqt5-qtwebengine-examples?arch=i586&distro=opensuse-leap-15.2 opensuse libqt5-qtwebengine-examples < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 i586
Affected pkg:rpm/opensuse/libqt5-qtwebengine-devel?arch=x86_64&distro=opensuse-leap-15.2 opensuse libqt5-qtwebengine-devel < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 x86_64
Affected pkg:rpm/opensuse/libqt5-qtwebengine-devel?arch=i586&distro=opensuse-leap-15.2 opensuse libqt5-qtwebengine-devel < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 i586
Affected pkg:rpm/opensuse/libqt5-qtpdf-private-headers-devel?arch=noarch&distro=opensuse-leap-15.2 opensuse libqt5-qtpdf-private-headers-devel < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 noarch
Affected pkg:rpm/opensuse/libqt5-qtpdf-imports?arch=x86_64&distro=opensuse-leap-15.2 opensuse libqt5-qtpdf-imports < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 x86_64
Affected pkg:rpm/opensuse/libqt5-qtpdf-imports?arch=i586&distro=opensuse-leap-15.2 opensuse libqt5-qtpdf-imports < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 i586
Affected pkg:rpm/opensuse/libqt5-qtpdf-examples?arch=x86_64&distro=opensuse-leap-15.2 opensuse libqt5-qtpdf-examples < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 x86_64
Affected pkg:rpm/opensuse/libqt5-qtpdf-examples?arch=i586&distro=opensuse-leap-15.2 opensuse libqt5-qtpdf-examples < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 i586
Affected pkg:rpm/opensuse/libqt5-qtpdf-devel?arch=x86_64&distro=opensuse-leap-15.2 opensuse libqt5-qtpdf-devel < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 x86_64
Affected pkg:rpm/opensuse/libqt5-qtpdf-devel?arch=i586&distro=opensuse-leap-15.2 opensuse libqt5-qtpdf-devel < 5.15.3-lp152.3.3.4 opensuse-leap-15.2 i586
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date