Linux Security
    Linux Security
    Linux Security

    Gentoo: GLSA-202101-30: Qt WebEngine: Multiple vulnerabilities

    Date 25 Jan 2021
    162
    Posted By LinuxSecurity Advisories
    Multiple vulnerabilities have been found in Qt WebEngine, the worst of which could result in the arbitrary execution of code.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Gentoo Linux Security Advisory                           GLSA 202101-30
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                               https://security.gentoo.org/
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    
     Severity: Normal
        Title: Qt WebEngine: Multiple vulnerabilities
         Date: January 26, 2021
         Bugs: #734600, #754852
           ID: 202101-30
    
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    
    Synopsis
    ========
    
    Multiple vulnerabilities have been found in Qt WebEngine, the worst of
    which could result in the arbitrary execution of code.
    
    Background
    ==========
    
    Library for rendering dynamic web content in Qt5 C++ and QML
    applications.
    
    Affected packages
    =================
    
        -------------------------------------------------------------------
         Package              /     Vulnerable     /            Unaffected
        -------------------------------------------------------------------
      1  dev-qt/qtwebengine           < 5.15.2                  >= 5.15.2
    
    Description
    ===========
    
    Multiple vulnerabilities have been discovered in Qt WebEngine. Please
    review the CVE identifiers referenced below for details.
    
    Impact
    ======
    
    Please review the referenced CVE identifiers for details.
    
    Workaround
    ==========
    
    There is no known workaround at this time.
    
    Resolution
    ==========
    
    All Qt WebEngine users should upgrade to the latest version:
    
      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-qt/qtwebengine-5.15.2"
    
    References
    ==========
    
    [   1 ] CVE-2020-15959
            https://nvd.nist.gov/vuln/detail/CVE-2020-15959
    [   2 ] CVE-2020-15959
            https://nvd.nist.gov/vuln/detail/CVE-2020-15959
    [   3 ] CVE-2020-15960
            https://nvd.nist.gov/vuln/detail/CVE-2020-15960
    [   4 ] CVE-2020-15960
            https://nvd.nist.gov/vuln/detail/CVE-2020-15960
    [   5 ] CVE-2020-15961
            https://nvd.nist.gov/vuln/detail/CVE-2020-15961
    [   6 ] CVE-2020-15961
            https://nvd.nist.gov/vuln/detail/CVE-2020-15961
    [   7 ] CVE-2020-15962
            https://nvd.nist.gov/vuln/detail/CVE-2020-15962
    [   8 ] CVE-2020-15962
            https://nvd.nist.gov/vuln/detail/CVE-2020-15962
    [   9 ] CVE-2020-15963
            https://nvd.nist.gov/vuln/detail/CVE-2020-15963
    [  10 ] CVE-2020-15963
            https://nvd.nist.gov/vuln/detail/CVE-2020-15963
    [  11 ] CVE-2020-15964
            https://nvd.nist.gov/vuln/detail/CVE-2020-15964
    [  12 ] CVE-2020-15964
            https://nvd.nist.gov/vuln/detail/CVE-2020-15964
    [  13 ] CVE-2020-15965
            https://nvd.nist.gov/vuln/detail/CVE-2020-15965
    [  14 ] CVE-2020-15965
            https://nvd.nist.gov/vuln/detail/CVE-2020-15965
    [  15 ] CVE-2020-15966
            https://nvd.nist.gov/vuln/detail/CVE-2020-15966
    [  16 ] CVE-2020-15966
            https://nvd.nist.gov/vuln/detail/CVE-2020-15966
    [  17 ] CVE-2020-15968
            https://nvd.nist.gov/vuln/detail/CVE-2020-15968
    [  18 ] CVE-2020-15968
            https://nvd.nist.gov/vuln/detail/CVE-2020-15968
    [  19 ] CVE-2020-15969
            https://nvd.nist.gov/vuln/detail/CVE-2020-15969
    [  20 ] CVE-2020-15969
            https://nvd.nist.gov/vuln/detail/CVE-2020-15969
    [  21 ] CVE-2020-15972
            https://nvd.nist.gov/vuln/detail/CVE-2020-15972
    [  22 ] CVE-2020-15972
            https://nvd.nist.gov/vuln/detail/CVE-2020-15972
    [  23 ] CVE-2020-15974
            https://nvd.nist.gov/vuln/detail/CVE-2020-15974
    [  24 ] CVE-2020-15974
            https://nvd.nist.gov/vuln/detail/CVE-2020-15974
    [  25 ] CVE-2020-15976
            https://nvd.nist.gov/vuln/detail/CVE-2020-15976
    [  26 ] CVE-2020-15976
            https://nvd.nist.gov/vuln/detail/CVE-2020-15976
    [  27 ] CVE-2020-15977
            https://nvd.nist.gov/vuln/detail/CVE-2020-15977
    [  28 ] CVE-2020-15977
            https://nvd.nist.gov/vuln/detail/CVE-2020-15977
    [  29 ] CVE-2020-15978
            https://nvd.nist.gov/vuln/detail/CVE-2020-15978
    [  30 ] CVE-2020-15978
            https://nvd.nist.gov/vuln/detail/CVE-2020-15978
    [  31 ] CVE-2020-15979
            https://nvd.nist.gov/vuln/detail/CVE-2020-15979
    [  32 ] CVE-2020-15979
            https://nvd.nist.gov/vuln/detail/CVE-2020-15979
    [  33 ] CVE-2020-15985
            https://nvd.nist.gov/vuln/detail/CVE-2020-15985
    [  34 ] CVE-2020-15985
            https://nvd.nist.gov/vuln/detail/CVE-2020-15985
    [  35 ] CVE-2020-15987
            https://nvd.nist.gov/vuln/detail/CVE-2020-15987
    [  36 ] CVE-2020-15987
            https://nvd.nist.gov/vuln/detail/CVE-2020-15987
    [  37 ] CVE-2020-15989
            https://nvd.nist.gov/vuln/detail/CVE-2020-15989
    [  38 ] CVE-2020-15989
            https://nvd.nist.gov/vuln/detail/CVE-2020-15989
    [  39 ] CVE-2020-15992
            https://nvd.nist.gov/vuln/detail/CVE-2020-15992
    [  40 ] CVE-2020-15992
            https://nvd.nist.gov/vuln/detail/CVE-2020-15992
    [  41 ] CVE-2020-16001
            https://nvd.nist.gov/vuln/detail/CVE-2020-16001
    [  42 ] CVE-2020-16001
            https://nvd.nist.gov/vuln/detail/CVE-2020-16001
    [  43 ] CVE-2020-16002
            https://nvd.nist.gov/vuln/detail/CVE-2020-16002
    [  44 ] CVE-2020-16002
            https://nvd.nist.gov/vuln/detail/CVE-2020-16002
    [  45 ] CVE-2020-16003
            https://nvd.nist.gov/vuln/detail/CVE-2020-16003
    [  46 ] CVE-2020-16003
            https://nvd.nist.gov/vuln/detail/CVE-2020-16003
    [  47 ] CVE-2020-6467
            https://nvd.nist.gov/vuln/detail/CVE-2020-6467
    [  48 ] CVE-2020-6467
            https://nvd.nist.gov/vuln/detail/CVE-2020-6467
    [  49 ] CVE-2020-6470
            https://nvd.nist.gov/vuln/detail/CVE-2020-6470
    [  50 ] CVE-2020-6470
            https://nvd.nist.gov/vuln/detail/CVE-2020-6470
    [  51 ] CVE-2020-6471
            https://nvd.nist.gov/vuln/detail/CVE-2020-6471
    [  52 ] CVE-2020-6471
            https://nvd.nist.gov/vuln/detail/CVE-2020-6471
    [  53 ] CVE-2020-6472
            https://nvd.nist.gov/vuln/detail/CVE-2020-6472
    [  54 ] CVE-2020-6473
            https://nvd.nist.gov/vuln/detail/CVE-2020-6473
    [  55 ] CVE-2020-6474
            https://nvd.nist.gov/vuln/detail/CVE-2020-6474
    [  56 ] CVE-2020-6475
            https://nvd.nist.gov/vuln/detail/CVE-2020-6475
    [  57 ] CVE-2020-6476
            https://nvd.nist.gov/vuln/detail/CVE-2020-6476
    [  58 ] CVE-2020-6480
            https://nvd.nist.gov/vuln/detail/CVE-2020-6480
    [  59 ] CVE-2020-6481
            https://nvd.nist.gov/vuln/detail/CVE-2020-6481
    [  60 ] CVE-2020-6482
            https://nvd.nist.gov/vuln/detail/CVE-2020-6482
    [  61 ] CVE-2020-6483
            https://nvd.nist.gov/vuln/detail/CVE-2020-6483
    [  62 ] CVE-2020-6486
            https://nvd.nist.gov/vuln/detail/CVE-2020-6486
    [  63 ] CVE-2020-6487
            https://nvd.nist.gov/vuln/detail/CVE-2020-6487
    [  64 ] CVE-2020-6489
            https://nvd.nist.gov/vuln/detail/CVE-2020-6489
    [  65 ] CVE-2020-6490
            https://nvd.nist.gov/vuln/detail/CVE-2020-6490
    [  66 ] CVE-2020-6506
            https://nvd.nist.gov/vuln/detail/CVE-2020-6506
    [  67 ] CVE-2020-6510
            https://nvd.nist.gov/vuln/detail/CVE-2020-6510
    [  68 ] CVE-2020-6511
            https://nvd.nist.gov/vuln/detail/CVE-2020-6511
    [  69 ] CVE-2020-6512
            https://nvd.nist.gov/vuln/detail/CVE-2020-6512
    [  70 ] CVE-2020-6513
            https://nvd.nist.gov/vuln/detail/CVE-2020-6513
    [  71 ] CVE-2020-6514
            https://nvd.nist.gov/vuln/detail/CVE-2020-6514
    [  72 ] CVE-2020-6518
            https://nvd.nist.gov/vuln/detail/CVE-2020-6518
    [  73 ] CVE-2020-6523
            https://nvd.nist.gov/vuln/detail/CVE-2020-6523
    [  74 ] CVE-2020-6524
            https://nvd.nist.gov/vuln/detail/CVE-2020-6524
    [  75 ] CVE-2020-6526
            https://nvd.nist.gov/vuln/detail/CVE-2020-6526
    [  76 ] CVE-2020-6529
            https://nvd.nist.gov/vuln/detail/CVE-2020-6529
    [  77 ] CVE-2020-6530
            https://nvd.nist.gov/vuln/detail/CVE-2020-6530
    [  78 ] CVE-2020-6531
            https://nvd.nist.gov/vuln/detail/CVE-2020-6531
    [  79 ] CVE-2020-6532
            https://nvd.nist.gov/vuln/detail/CVE-2020-6532
    [  80 ] CVE-2020-6533
            https://nvd.nist.gov/vuln/detail/CVE-2020-6533
    [  81 ] CVE-2020-6534
            https://nvd.nist.gov/vuln/detail/CVE-2020-6534
    [  82 ] CVE-2020-6535
            https://nvd.nist.gov/vuln/detail/CVE-2020-6535
    [  83 ] CVE-2020-6540
            https://nvd.nist.gov/vuln/detail/CVE-2020-6540
    [  84 ] CVE-2020-6541
            https://nvd.nist.gov/vuln/detail/CVE-2020-6541
    [  85 ] CVE-2020-6542
            https://nvd.nist.gov/vuln/detail/CVE-2020-6542
    [  86 ] CVE-2020-6543
            https://nvd.nist.gov/vuln/detail/CVE-2020-6543
    [  87 ] CVE-2020-6544
            https://nvd.nist.gov/vuln/detail/CVE-2020-6544
    [  88 ] CVE-2020-6545
            https://nvd.nist.gov/vuln/detail/CVE-2020-6545
    [  89 ] CVE-2020-6548
            https://nvd.nist.gov/vuln/detail/CVE-2020-6548
    [  90 ] CVE-2020-6549
            https://nvd.nist.gov/vuln/detail/CVE-2020-6549
    [  91 ] CVE-2020-6550
            https://nvd.nist.gov/vuln/detail/CVE-2020-6550
    [  92 ] CVE-2020-6551
            https://nvd.nist.gov/vuln/detail/CVE-2020-6551
    [  93 ] CVE-2020-6555
            https://nvd.nist.gov/vuln/detail/CVE-2020-6555
    [  94 ] CVE-2020-6557
            https://nvd.nist.gov/vuln/detail/CVE-2020-6557
    [  95 ] CVE-2020-6559
            https://nvd.nist.gov/vuln/detail/CVE-2020-6559
    [  96 ] CVE-2020-6561
            https://nvd.nist.gov/vuln/detail/CVE-2020-6561
    [  97 ] CVE-2020-6562
            https://nvd.nist.gov/vuln/detail/CVE-2020-6562
    [  98 ] CVE-2020-6569
            https://nvd.nist.gov/vuln/detail/CVE-2020-6569
    [  99 ] CVE-2020-6570
            https://nvd.nist.gov/vuln/detail/CVE-2020-6570
    [ 100 ] CVE-2020-6571
            https://nvd.nist.gov/vuln/detail/CVE-2020-6571
    [ 101 ] CVE-2020-6573
            https://nvd.nist.gov/vuln/detail/CVE-2020-6573
    [ 102 ] CVE-2020-6575
            https://nvd.nist.gov/vuln/detail/CVE-2020-6575
    [ 103 ] CVE-2020-6576
            https://nvd.nist.gov/vuln/detail/CVE-2020-6576
    
    Availability
    ============
    
    This GLSA and any updates to it are available for viewing at
    the Gentoo Security Website:
    
     https://security.gentoo.org/glsa/202101-30
    
    Concerns?
    =========
    
    Security is a primary focus of Gentoo Linux and ensuring the
    confidentiality and security of our users' machines is of utmost
    importance to us. Any security concerns should be addressed to
    This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at
    https://bugs.gentoo.org.
    
    License
    =======
    
    Copyright 2021 Gentoo Foundation, Inc; referenced text
    belongs to its owner(s).
    
    The contents of this document are licensed under the
    Creative Commons - Attribution / Share Alike license.
    
    https://creativecommons.org/licenses/by-sa/2.5
    

    LinuxSecurity Poll

    Which is the best secure Linux distro for pentesting?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/50-which-is-the-best-secure-linux-distro-for-pentesting?task=poll.vote&format=json
    50
    radio
    [{"id":"174","title":"Kali Linux","votes":"9","type":"x","order":"1","pct":56.25,"resources":[]},{"id":"175","title":"Parrot OS","votes":"7","type":"x","order":"2","pct":43.75,"resources":[]},{"id":"176","title":"BlackArch Linux","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.