Bug 30625

Summary: qtwebengine5 new security issues fixed upstream in 5.15.10
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: KDE maintainers <kde>
Status: RESOLVED OLD QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: geiger.david68210, mageia, nicolas.salguero
Version: 8   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: qtwebengine5-5.15.9-1.mga9.src.rpm CVE:
Status comment:

Description David Walser 2022-07-11 19:39:44 CEST 
openSUSE has issued an advisory on July 10:
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WT2AEVSRASQUW7I7AGAMZLKVP3GE3BMY/

It updates the bundled Chromium code to a newer version with more security fixes.

Fedora currently only has 5.15.9, so we might need to get sources from openSUSE.

Advisory will be as follows.

Advisory:
========================

Updated qtwebengine5 packages fix security vulnerabilities:

The qtwebengine5 package has been updated to version 5.15.10, fixing several
security issues in the bundled chromium code.

References:
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WT2AEVSRASQUW7I7AGAMZLKVP3GE3BMY/
========================

Updated packages in core/updates_testing:
========================
qtwebengine5-5.15.10-1.mga8
qtwebengine5-doc-5.15.10-1.mga8
libqt5pdf5-5.15.10-1.mga8
libqt5webengine-devel-5.15.10-1.mga8
libqt5webengine5-5.15.10-1.mga8
libqt5webenginewidgets5-5.15.10-1.mga8
libqt5pdfwidgets5-5.15.10-1.mga8
libqt5webenginecore5-5.15.10-1.mga8

from qtwebengine5-5.15.10-1.mga8.src.rpm
David Walser 2022-07-11 19:40:03 CEST

Whiteboard: (none) => MGA8TOO

Comment 1 Nicolas Lécureuil 2022-09-05 23:25:29 CEST 
updating cauldron now.

CC: (none) => mageia

Comment 2 David Walser 2022-09-06 21:26:28 CEST 
Fedora has issued an advisory for this on September 5:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CGGQIS6BNSVELAMFMNOM32DOFNW6WQCR/
Comment 3 David GEIGER 2023-06-27 03:04:59 CEST 
Cauldron is fixed!

CC: (none) => geiger.david68210
Version: Cauldron => 8
Whiteboard: MGA8TOO => (none)

Comment 4 Nicolas Salguero 2024-01-12 09:58:44 CET 
Mageia 8 EOL

Status: NEW => RESOLVED
Resolution: (none) => OLD
CC: (none) => nicolas.salguero