openSUSE has issued an advisory on July 6: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/
We should push the qtwebengine5 update that I just made in Cauldron to Mageia 8.
It's checked into SVN. I tried building it once, but the build system went homicidal and killed it for no reason. Will have to try again later.
Depends on: (none) => 29362
qtwebengine5-5.15.5-1.mga8 qtwebengine5-doc-5.15.5-1.mga8 libqt5pdf5-5.15.5-1.mga8 libqt5webengine-devel-5.15.5-1.mga8 libqt5webengine5-5.15.5-1.mga8 libqt5webenginewidgets5-5.15.5-1.mga8 libqt5pdfwidgets5-5.15.5-1.mga8 libqt5webenginecore5-5.15.5-1.mga8 from qtwebengine5-5.15.5-1.mga8.src.rpm
Assignee: kde => qa-bugs
MGA8-64 Plasma on Lenovo B50 Installation issue: "Sorry, the following package cannot be seected: - lib64qt5webengine-devel-5.15.5-1.mga8.x86_64" Allthe others install OK. Continuing .....
CC: (none) => herman.viaene
Looking in vain how to test this. BTW:when I check in http://madb.mageia.org/tools/updates the link "Bugzilla" to find previous updates, it returns nothing but this update itself. However, whill googling I found https://bugs.mageia.org/show_bug.cgi?id=20685, isn't that strange?????
Why can't the devel package be installed? For testing, check urpmq --whatrequires on the libraries.
# urpmq --whatrequires qtwebengine5 gives a.o. konqueror $ strace -o qtwebengin.txt konqueror used it to go to newspapersite and read some text, display images and view a video. Trace file has a whole lot of statements like access("/usr/lib64/qt5/libexec/QtWebEngineProcess", F_OK) = 0 lstat("/usr/lib64/qt5/libexec/QtWebEngineProcess", {st_mode=S_IFREG|0755, st_size=11496, ...}) = 0 access("/usr/share/qt5/resources/qtwebengine_resources.pak", F_OK) = 0 access("/usr/share/qt5/translations/qtwebengine_locales", F_OK) = 0 and more..... So OK'ing
Whiteboard: (none) => MGA8-64-OK
We still need to figure out if the -devel package is OK, otherwise this could break building other things. What's the deal there?
Whiteboard: MGA8-64-OK => (none)
I just checked it, there's nothing wrong with it. Must have been user error with qarepo.
Whiteboard: (none) => MGA8-64-OKCC: (none) => sysadmin-bugsKeywords: (none) => validated_update
Advisory: ======================== Updated qtwebengine5 packages fix security vulnerabilities: The qtwebengine5 package has been updated to version 5.15.5, fixing several security issues in the bundled chromium code. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16044 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21118 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21119 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21120 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21121 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21122 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21123 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21126 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21127 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21128 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21129 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21130 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21131 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21132 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21135 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21137 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21140 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21141 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21145 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21146 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21147 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21148 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21149 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21150 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21152 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21153 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21156 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21157 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5TAIJROLXEDDASYPE5FNK2OGKN4IAJT5/
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0406.html
Status: NEW => RESOLVEDResolution: (none) => FIXED