Fedora Linux 8809 Published by

A qt5-qtwebengine security update has been released for Fedora 32.



SECURITY: Fedora 32 Update: qt5-qtwebengine-5.15.2-7.fc32


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-bdaf015218
2021-02-02 02:22:09.324191
--------------------------------------------------------------------------------

Name : qt5-qtwebengine
Product : Fedora 32
Version : 5.15.2
Release : 7.fc32
URL :   http://www.qt.io
Summary : Qt5 - QtWebEngine components
Description :
Qt5 - QtWebEngine components.

--------------------------------------------------------------------------------
Update Information:

This update rebases QtWebEngine to the latest Qt 5 release, 5.15.2, fixing
dozens of security issues. (The same version is already shipped on Fedora 33 and
Rawhide.) The included kf5-messagelib update backports a fix for compatibility
with QtWebEngine 5.15.x. The Chromium version has been updated to
83.0.4103.122, with backported security fixes from Chromium up to version
86.0.4240.183. That fixes dozens of security issues compared to 5.14.2. This
version also adds the Qt PDF module, a Qt wrapper around PDFium. This is a
separate library and cannot cause backwards compatibility issues. In addition,
several bugs have been fixed, see the Changes files: *
  https://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.15.0?h=5.15 *
  https://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.15.1?h=5.15 *
  https://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.15.2?h=5.15
Behavior Changes since 5.14.2: * XSS Auditing has been removed, and the
XSSAuditingEnabled setting no longer has any effect. * [QTBUG-79864] The viz
display compositor is now used by default on all platforms, but can be disabled
with --disable-viz-display-compositor. * The network layer integration has been
rewritten to use Chromium's network service, and now runs in a separate
sandboxed process by default. * [QTBUG-83656] CTRL+mouse wheel page zoom fixed,
and now works by default.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jan 23 2021 Kevin Kofler - 5.15.2-7
- Fix sandbox issue on 32-bit architectures with glibc >= 2.31 (from Debian)
* Sat Jan 23 2021 Kevin Kofler - 5.15.2-6
- Reenable system ICU on F33+, ICU 67 supported since 5.15.1 according to Debian
* Wed Jan 20 2021 Kevin Kofler - 5.15.2-5
- Fix sandbox issue breaking text rendering with glibc 2.33 (#1904652)
* Wed Dec 30 2020 Mattia Verga - 5.15.2-4
- Rebuild for gcc bugfix upgrade
* Fri Dec 4 2020 Jeff Law - 5.15.2-3
- Fix another missing #include for gcc-11
* Tue Nov 24 2020 Jan Grulich - 5.15.2-2
- Rebuild for qtbase with -no-reduce-relocations option
* Fri Nov 20 2020 Jan Grulich - 5.15.2-1
- 5.15.2
* Wed Nov 4 2020 Jeff Law - 5.15.1-3
- Fix missing #includes for gcc-11
* Wed Sep 23 2020 Jan Grulich - 5.15.1-2
- Rebuild (libevent)
* Fri Sep 11 2020 Jan Grulich - 5.15.1-1
- 5.15.1
* Fri Sep 4 2020 Than Ngo - 5.15.0-4
- Fix FTBFS
* Sat Aug 1 2020 Fedora Release Engineering - 5.15.0-3
- Second attempt - Rebuilt for
  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering - 5.15.0-2
- Rebuilt for   https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jun 10 2020 Rex Dieter - 5.15.0-1
- 5.15.0
- f33's icu-67.x currently not compatible, use bundled icu
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-bdaf015218' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys