Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 488
Alerts This Week
Warning Icon 1 488

Fedora 24: 2017-98bed96d12 Moderate: Multiple QtWebEngine Security Issues

fedora
Calendar Grey July 23, 2017
Dist Fedora Esm H88
This release addresses several vulnerabilities in QtWebEngine, implementing critical bug corrections and strengthening overall safety measures.
This update updates QtWebEngine to a snapshot from the Qt 5.6 LTS (long-term support) branch

Summary

Qt5 - QtWebEngine components.

This update updates QtWebEngine to a snapshot from the Qt 5.6 LTS (long-term

support) branch. This is a snapshot of the QtWebEngine that will be included in

the bugfix and security release Qt 5.6.3, but only the QtWebEngine component is

included in this update. The update fixes the following security issues in

QtWebEngine 5.6.2: CVE-2016-5133, CVE-2016-5147, CVE-2016-5153, CVE-2016-5155,

CVE-2016-5161, CVE-2016-5166, CVE-2016-5170, CVE-2016-5171, CVE-2016-5172,

CVE-2016-5181, CVE-2016-5185, CVE-2016-5186, CVE-2016-5187, CVE-2016-5188,

CVE-2016-5192, CVE-2016-5198, CVE-2016-5205, CVE-2016-5207, CVE-2016-5208,

CVE-2016-5214, CVE-2016-5215, CVE-2016-5221, CVE-2016-5222, CVE-2016-5224,

CVE-2016-5225, CVE-2016-9650, CVE-2016-9651, CVE-2016-9652, CVE-2017-5006,

CVE-2017-5007, CVE-2017-5008, CVE-2017-5009, CVE-2017-5010, CVE-2017-5012,

CVE-2017-5015, CVE-2017-5016, CVE-2017-5017, CVE-2017-5019, CVE-2017-5023,

CVE-2017-5024, CVE-2017-5025, CVE-2017-5026, CVE-2017-5027, CVE-2017-5029,

CVE-2017-5033, CVE-2017-5037, CVE-2017-5044, CVE-2017-5046, CVE-2017-5047,

CVE-2017-5048, CVE-2017-5049, CVE-2017-5050, CVE-2017-5051, CVE-2017-5059,

CVE-2017-5061, CVE-2017-5062, CVE-2017-5065, CVE-2017-5067, CVE-2017-5069,

CVE-2017-5070, CVE-2017-5071, CVE-2017-5075, CVE-2017-5076, CVE-2016-5078,

CVE-2017-5083, and CVE-2017-5089. Other important changes include: * Based on

Chromium 49.0.2623.111 (the version used in QtWebEngine 5.7.x) with security

fixes from Chromium up to version 59.0.3071.104. (5.6.2 was based on Chromium

45.0.2554.101 with security fixes from Chromium up to version 52.0.2743.116.) *

All other bug fixes from QtWebEngine 5.7.1 have been backported. See

for

details. (Please note that at the time of this writing, not all security

backports are listed in that file yet. The list above is accurate.)

su -c 'dnf upgrade qt5-qtwebengine' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Product: Fedora 24
Version: 5.6.3
Release: 0.1.20170712gitee719ad313e564.fc24
Summary: Qt5 - QtWebEngine components

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.