#14729: qtwebengine after 5.15.2
-------------------------+-----------------------
Reporter: ken@… | Owner: ken@…
Type: enhancement | Status: assigned
Priority: normal | Milestone: 10.2
Component: BOOK | Version: SVN
Severity: normal | Resolution:
Keywords: |
-------------------------+-----------------------
Comment (by ken@…):
Replying to [comment:5 ken@…]:
> Found what was going to be the changelog, but they decided to not create
it.
> The file is at [https://codereview.qt-
project.org/c/qt/qtwebengine/+/335435/6/dist/changes-5.15.3]
> thread at [https://codereview.qt-project.org/c/qt/qtwebengine/+/335435]
Ignore that. I've now compared my tarball to gentoo's. My webengine code
is sightly later than theirs (yaml file referencing 6.0 instead of 5.15
and so forth), but my 3rdparty is 10 days older than theirs (mine is Feb
11th). Looking around, qtwebengine-5.15.2 used chrome 86 stable channel
(86.0.4240.183) which was released on 2nd November.
This year, chrome CVE fixes have included:
Feb 4th, CVE-2021-21148 (actively exploited) - 88.0.4324.150.
My version is after that.
Mar 2nd, CVE-2021-21159 to 21190, an exploit for 21168 exists in the wild.
That made 89.0.4389.72 stable (tagged late on 26th Feb).
I'm trying to clone chrome to see if I can separately extract that tag,
not sure if I have enough disk space.
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/14729#comment:6>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
