[openSUSE-SU-2021:0973-1] Security update for libqt5-qtwebengine
Severity
Important
Affected Packages
18
CVEs
29
Security update for libqt5-qtwebengine
This update for libqt5-qtwebengine fixes the following issues:
Update to version 5.15.3
CVE fixes backported in chromium updates:
- CVE-2020-16044: Use after free in WebRTC
- CVE-2021-21118: Heap buffer overflow in Blink
- CVE-2021-21119: Use after free in Media
- CVE-2021-21120: Use after free in WebSQL
- CVE-2021-21121: Use after free in Omnibox
- CVE-2021-21122: Use after free in Blink
- CVE-2021-21123: Insufficient data validation in File System API
- CVE-2021-21125: Insufficient policy enforcement in File System API
- CVE-2021-21126: Insufficient policy enforcement in extensions
- CVE-2021-21127: Insufficient policy enforcement in extensions
- CVE-2021-21128: Heap buffer overflow in Blink
- CVE-2021-21129: Insufficient policy enforcement in File System API
- CVE-2021-21130: Insufficient policy enforcement in File System API
- CVE-2021-21131: Insufficient policy enforcement in File System API
- CVE-2021-21132: Inappropriate implementation in DevTools
- CVE-2021-21135: Inappropriate implementation in Performance API
- CVE-2021-21137: Inappropriate implementation in DevTools
- CVE-2021-21140: Uninitialized Use in USB
- CVE-2021-21141: Insufficient policy enforcement in File System API
- CVE-2021-21145: Use after free in Fonts
- CVE-2021-21146: Use after free in Navigation
- CVE-2021-21147: Inappropriate implementation in Skia
- CVE-2021-21148: Heap buffer overflow in V8
- CVE-2021-21149: Stack overflow in Data Transfer
- CVE-2021-21150: Use after free in Downloads
- CVE-2021-21152: Heap buffer overflow in Media
- CVE-2021-21153: Stack overflow in GPU Process
- CVE-2021-21156: Heap buffer overflow in V8
- CVE-2021-21157: Use after free in Web Sockets
- ID
- openSUSE-SU-2021:0973-1
- Severity
- important
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/
- Published
-
2021-07-05T20:13:32
(3 years ago) - Modified
-
2021-07-05T20:13:32
(3 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS2-2021-1594
- ALPINE:CVE-2020-16044
- ALPINE:CVE-2021-21118
- ALPINE:CVE-2021-21119
- ALPINE:CVE-2021-21120
- ALPINE:CVE-2021-21121
- ALPINE:CVE-2021-21122
- ALPINE:CVE-2021-21123
- ALPINE:CVE-2021-21126
- ALPINE:CVE-2021-21127
- ALPINE:CVE-2021-21128
- ALPINE:CVE-2021-21132
- ALPINE:CVE-2021-21135
- ALPINE:CVE-2021-21137
- ALPINE:CVE-2021-21140
- ALPINE:CVE-2021-21145
- ALPINE:CVE-2021-21146
- ALPINE:CVE-2021-21147
- ALPINE:CVE-2021-21148
- ALPINE:CVE-2021-21149
- ALPINE:CVE-2021-21150
- ALPINE:CVE-2021-21152
- ALPINE:CVE-2021-21153
- ALPINE:CVE-2021-21156
- ALPINE:CVE-2021-21157
- ASA-202101-17
- ASA-202101-5
- ASA-202102-4
- ASA-202102-5
- ASA-202102-6
- ASA-202103-8
- CISA-2021:1103
- DSA-4827-1
- DSA-4842-1
- DSA-4846-1
- DSA-4858-1
- ELSA-2021-0052
- ELSA-2021-0053
- ELSA-2021-0087
- ELSA-2021-0089
- FEDORA-2021-05afa65d39
- FEDORA-2021-48866282e5
- FEDORA-2021-7fb30b9381
- FEDORA-2021-aa764a8531
- FEDORA-2021-b7cc24375b
- FEDORA-2021-c88a96bd4b
- FREEBSD:3E01AAD2-680E-11EB-83E2-E09467587C17
- FREEBSD:479FDFDA-6659-11EB-83E2-E09467587C17
- FREEBSD:48514901-711D-11EB-9846-E09467587C17
- FREEBSD:4ED0E43C-5CEF-11EB-BAFD-3065EC8FD3EC
- GLSA-202101-04
- GLSA-202101-13
- GLSA-202101-14
- GLSA-202104-08
- MFSA-2021-01
- MFSA-2021-02
- MS:CVE-2020-16044
- MS:CVE-2021-21118
- MS:CVE-2021-21119
- MS:CVE-2021-21120
- MS:CVE-2021-21121
- MS:CVE-2021-21122
- MS:CVE-2021-21123
- MS:CVE-2021-21125
- MS:CVE-2021-21126
- MS:CVE-2021-21127
- MS:CVE-2021-21128
- MS:CVE-2021-21129
- MS:CVE-2021-21130
- MS:CVE-2021-21131
- MS:CVE-2021-21132
- MS:CVE-2021-21135
- MS:CVE-2021-21137
- MS:CVE-2021-21140
- MS:CVE-2021-21141
- MS:CVE-2021-21145
- MS:CVE-2021-21146
- MS:CVE-2021-21147
- MS:CVE-2021-21148
- MS:CVE-2021-21149
- MS:CVE-2021-21150
- MS:CVE-2021-21152
- MS:CVE-2021-21153
- MS:CVE-2021-21156
- MS:CVE-2021-21157
- openSUSE-SU-2021:0056-1
- openSUSE-SU-2021:0063-1
- openSUSE-SU-2021:0093-1
- openSUSE-SU-2021:0127-1
- openSUSE-SU-2021:0166-1
- openSUSE-SU-2021:0173-1
- openSUSE-SU-2021:0177-1
- openSUSE-SU-2021:0186-1
- openSUSE-SU-2021:0259-1
- openSUSE-SU-2021:0267-1
- openSUSE-SU-2021:0268-1
- openSUSE-SU-2021:0276-1
- openSUSE-SU-2021:0296-1
- openSUSE-SU-2021:0392-1
- openSUSE-SU-2021:0401-1
- openSUSE-SU-2021:0413-1
- openSUSE-SU-2021:1016-1
- RHSA-2021:0052
- RHSA-2021:0053
- RHSA-2021:0087
- RHSA-2021:0089
- SUSE-SU-2021:0071-1
- SUSE-SU-2021:0072-1
- SUSE-SU-2021:0080-1
- SUSE-SU-2021:0122-1
- SUSE-SU-2021:0123-1
- USN-4687-1
- USN-4701-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/opensuse/libQt5PdfWidgets5?arch=x86_64&distro=opensuse-leap-15.2 | opensuse | libQt5PdfWidgets5 | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | x86_64 | |
Affected | pkg:rpm/opensuse/libQt5PdfWidgets5?arch=i586&distro=opensuse-leap-15.2 | opensuse | libQt5PdfWidgets5 | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | i586 | |
Affected | pkg:rpm/opensuse/libQt5Pdf5?arch=x86_64&distro=opensuse-leap-15.2 | opensuse | libQt5Pdf5 | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | x86_64 | |
Affected | pkg:rpm/opensuse/libQt5Pdf5?arch=i586&distro=opensuse-leap-15.2 | opensuse | libQt5Pdf5 | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | i586 | |
Affected | pkg:rpm/opensuse/libqt5-qtwebengine?arch=x86_64&distro=opensuse-leap-15.2 | opensuse | libqt5-qtwebengine | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | x86_64 | |
Affected | pkg:rpm/opensuse/libqt5-qtwebengine?arch=i586&distro=opensuse-leap-15.2 | opensuse | libqt5-qtwebengine | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | i586 | |
Affected | pkg:rpm/opensuse/libqt5-qtwebengine-private-headers-devel?arch=noarch&distro=opensuse-leap-15.2 | opensuse | libqt5-qtwebengine-private-headers-devel | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | noarch | |
Affected | pkg:rpm/opensuse/libqt5-qtwebengine-examples?arch=x86_64&distro=opensuse-leap-15.2 | opensuse | libqt5-qtwebengine-examples | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | x86_64 | |
Affected | pkg:rpm/opensuse/libqt5-qtwebengine-examples?arch=i586&distro=opensuse-leap-15.2 | opensuse | libqt5-qtwebengine-examples | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | i586 | |
Affected | pkg:rpm/opensuse/libqt5-qtwebengine-devel?arch=x86_64&distro=opensuse-leap-15.2 | opensuse | libqt5-qtwebengine-devel | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | x86_64 | |
Affected | pkg:rpm/opensuse/libqt5-qtwebengine-devel?arch=i586&distro=opensuse-leap-15.2 | opensuse | libqt5-qtwebengine-devel | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | i586 | |
Affected | pkg:rpm/opensuse/libqt5-qtpdf-private-headers-devel?arch=noarch&distro=opensuse-leap-15.2 | opensuse | libqt5-qtpdf-private-headers-devel | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | noarch | |
Affected | pkg:rpm/opensuse/libqt5-qtpdf-imports?arch=x86_64&distro=opensuse-leap-15.2 | opensuse | libqt5-qtpdf-imports | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | x86_64 | |
Affected | pkg:rpm/opensuse/libqt5-qtpdf-imports?arch=i586&distro=opensuse-leap-15.2 | opensuse | libqt5-qtpdf-imports | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | i586 | |
Affected | pkg:rpm/opensuse/libqt5-qtpdf-examples?arch=x86_64&distro=opensuse-leap-15.2 | opensuse | libqt5-qtpdf-examples | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | x86_64 | |
Affected | pkg:rpm/opensuse/libqt5-qtpdf-examples?arch=i586&distro=opensuse-leap-15.2 | opensuse | libqt5-qtpdf-examples | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | i586 | |
Affected | pkg:rpm/opensuse/libqt5-qtpdf-devel?arch=x86_64&distro=opensuse-leap-15.2 | opensuse | libqt5-qtpdf-devel | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | x86_64 | |
Affected | pkg:rpm/opensuse/libqt5-qtpdf-devel?arch=i586&distro=opensuse-leap-15.2 | opensuse | libqt5-qtpdf-devel | < 5.15.3-lp152.3.3.4 | opensuse-leap-15.2 | i586 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |