From 77e5ac14bbe084779f440bff1a1642cda0bc9d39 Mon Sep 17 00:00:00 2001 From: GLSAMaker Date: Thu, 23 Jan 2025 07:22:20 +0000 Subject: [ GLSA 202501-09 ] QtWebEngine: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/944807 Signed-off-by: GLSAMaker --- glsa-202501-09.xml | 134 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 134 insertions(+) create mode 100644 glsa-202501-09.xml diff --git a/glsa-202501-09.xml b/glsa-202501-09.xml new file mode 100644 index 00000000..99697342 --- /dev/null +++ b/glsa-202501-09.xml @@ -0,0 +1,134 @@ + + + + QtWebEngine: Multiple Vulnerabilities + Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. + qtwebengine + 2025-01-23 + 2025-01-23 + 944807 + remote + + + 5.15.16_p20241115 + 5.15.16_p20241115 + + + +

QtWebEngine is a library for rendering dynamic web content in Qt5 and Qt6 C++ and QML applications.

+ + +

Multiple vulnerabilities have been discovered in QtWebEngine. Please review the CVE identifiers referenced below for details.

+ + +

Please review the referenced CVE identifiers for details.

+ + +

There is no known workaround at this time.

+ + +

All QtWebEngine users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=dev-qt/qtwebengine-5.15.16_p20241115" + + + + CVE-2024-4058 + CVE-2024-4059 + CVE-2024-4060 + CVE-2024-4558 + CVE-2024-4559 + CVE-2024-4761 + CVE-2024-5157 + CVE-2024-5158 + CVE-2024-5159 + CVE-2024-5160 + CVE-2024-5830 + CVE-2024-5831 + CVE-2024-5832 + CVE-2024-5833 + CVE-2024-5834 + CVE-2024-5835 + CVE-2024-5836 + CVE-2024-5837 + CVE-2024-5838 + CVE-2024-5839 + CVE-2024-5840 + CVE-2024-5841 + CVE-2024-5842 + CVE-2024-5843 + CVE-2024-5844 + CVE-2024-5845 + CVE-2024-5846 + CVE-2024-5847 + CVE-2024-6290 + CVE-2024-6291 + CVE-2024-6292 + CVE-2024-6293 + CVE-2024-6988 + CVE-2024-6989 + CVE-2024-6991 + CVE-2024-6994 + CVE-2024-6995 + CVE-2024-6996 + CVE-2024-6997 + CVE-2024-6998 + CVE-2024-6999 + CVE-2024-7000 + CVE-2024-7001 + CVE-2024-7003 + CVE-2024-7004 + CVE-2024-7005 + CVE-2024-7532 + CVE-2024-7533 + CVE-2024-7534 + CVE-2024-7535 + CVE-2024-7536 + CVE-2024-7550 + CVE-2024-7964 + CVE-2024-7965 + CVE-2024-7966 + CVE-2024-7967 + CVE-2024-7968 + CVE-2024-7969 + CVE-2024-7971 + CVE-2024-7972 + CVE-2024-7973 + CVE-2024-7974 + CVE-2024-7975 + CVE-2024-7976 + CVE-2024-7977 + CVE-2024-7978 + CVE-2024-7979 + CVE-2024-7980 + CVE-2024-7981 + CVE-2024-8033 + CVE-2024-8034 + CVE-2024-8035 + CVE-2024-8193 + CVE-2024-8194 + CVE-2024-8198 + CVE-2024-8636 + CVE-2024-8637 + CVE-2024-8638 + CVE-2024-8639 + CVE-2024-9120 + CVE-2024-9121 + CVE-2024-9122 + CVE-2024-9123 + CVE-2024-9602 + CVE-2024-9603 + CVE-2024-10229 + CVE-2024-10230 + CVE-2024-10231 + CVE-2024-10826 + CVE-2024-10827 + CVE-2024-45490 + CVE-2024-45491 + CVE-2024-45492 + + graaff + graaff + \ No newline at end of file -- cgit v1.2.3-65-gdbad