#14863: Next set of qtwebengine updates -------------------------+----------------------- Reporter: ken@… | Owner: ken@… Type: enhancement | Status: assigned Priority: normal | Milestone: 10.2 Component: BOOK | Version: SVN Severity: normal | Resolution: Keywords: | -------------------------+-----------------------
Old description: > The public release of qt-5.15.3 ''might'' happen at the end of april, but > meanwhile they have updated their 5.15 branch to fix a number of > specified security issues (those turned out to be ''chromium'' security > issues, I see no point in trying to discover the details of what are > probably still restricted issues), as well as several CVEs: > > At the end of March they fixed CVE-2021-21193, CVE-2021-21191, > CVE-2021-21166, CVE-2021-21187, CVE-2021-21183 and CVE-2020-27844 (all > originally raised against chromium). > > On 1st April they fixed two more of the latest batch of chromium CVEs, > CVE-2021-21198 and CVE-2021-21195. > > It is not clear if they have finished with this latest batch, but the > items changed suggest that they maybe have (the latest batch is > CVE-2021-21194-21199, see e.g. [ https://www.cisecurity.org/advisory > /multiple-vulnerabilities-in-google-chrome-could-allow-for-arbitrary- > code-execution_2021-042/] > > Unfortunately, for some reason the build is now '''a lot''' slower - with > 4 CPUs online (i.e. ninja schedules 6 jobs at a time) the build on > BLFS-10.1 with a default Qt5-5.15.2 (i.e. without forcing my own CFLAGS) > is now up to 123 SBU. At first I thought this was because the box was > slightly (0.5GB) into swap at the end, and then perhaps that writing > stdout to a urxvt term might be slow (DRM terms have been slow in the > past). But all my attempts come out at 123 SBU. > > Strangely, on this machine my '''optimized and hardened''' builds with 8 > cores online were 88 SBU with what I called 5.15.3, and 60 SBU with > recent versions. > Looks as if I screwed up somewhere in measuring 5.15.3. > > Keeping this open for a couple of days to see if more updates appear. New description: The public release of qt-5.15.3 ''might'' happen at the end of april, but meanwhile they have updated their 5.15 branch to fix a number of specified security issues (those turned out to be ''chromium'' security issues, I see no point in trying to discover the details of what are probably still restricted issues), as well as several CVEs: At the end of March they fixed CVE-2021-21193, CVE-2021-21191, CVE-2021-21166, CVE-2021-21187, CVE-2021-21183 and CVE-2020-27844 (all originally raised against chromium). On 1st April they fixed two more of the latest batch of chromium CVEs, CVE-2021-21198 and CVE-2021-21195. It is not clear if they have finished with this latest batch, but the items changed suggest that they maybe have (the latest batch is CVE-2021-21194-21199, see e.g. [ https://www.cisecurity.org/advisory /multiple-vulnerabilities-in-google-chrome-could-allow-for-arbitrary-code- execution_2021-042/] Keeping this open for a couple of days to see if more updates appear. -- Comment (by ken@…): [ken] Removed comments about the build being a lot slower - I think that at some point I installed a debug build of Qt in my "by the book" (i.e. without my CFLAGS) /opt/qt5book. Have just started a complete by-the-book system build to review this. -- Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/14863#comment:2> BLFS Trac <http://wiki.linuxfromscratch.org/blfs> Beyond Linux From Scratch -- http://lists.linuxfromscratch.org/listinfo/blfs-book FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page