File _patchinfo of Package patchinfo.16659
<patchinfo incident="16659">
<issue tracker="cve" id="2021-21152"/>
<issue tracker="cve" id="2021-21140"/>
<issue tracker="cve" id="2021-21132"/>
<issue tracker="cve" id="2021-21135"/>
<issue tracker="cve" id="2021-21128"/>
<issue tracker="cve" id="2020-16044"/>
<issue tracker="cve" id="2021-21127"/>
<issue tracker="cve" id="2021-21122"/>
<issue tracker="cve" id="2021-21156"/>
<issue tracker="cve" id="2021-21131"/>
<issue tracker="cve" id="2021-21148"/>
<issue tracker="cve" id="2021-21146"/>
<issue tracker="cve" id="2021-21130"/>
<issue tracker="cve" id="2021-21149"/>
<issue tracker="cve" id="2021-21141"/>
<issue tracker="cve" id="2021-21118"/>
<issue tracker="cve" id="2021-21137"/>
<issue tracker="cve" id="2021-21126"/>
<issue tracker="cve" id="2021-21150"/>
<issue tracker="cve" id="2021-21153"/>
<issue tracker="cve" id="2021-21125"/>
<issue tracker="cve" id="2021-21145"/>
<issue tracker="cve" id="2021-21129"/>
<issue tracker="cve" id="2021-21121"/>
<issue tracker="cve" id="2021-21123"/>
<issue tracker="cve" id="2021-21157"/>
<issue tracker="cve" id="2021-21119"/>
<issue tracker="cve" id="2021-21120"/>
<issue tracker="cve" id="2021-21147"/>
<issue tracker="bnc" id="1158516">GCC 10: libqt5-qtwebengine build fails</issue>
<issue tracker="bnc" id="1163766">[Build 20200215] openQA test fails in first_boot with the opensuse-welcome splash screen showing only a big geeko</issue>
<issue tracker="bnc" id="1163744">QtWebEngine video playback doesn't start (after update to Qt 5.14.1)</issue>
<issue tracker="bnc" id="1182233">[Build 20210211][glibc2.33] chromium fails to render websites</issue>
<issue tracker="bnc" id="1130395">Valgrind fails to build on armv6 and armv7</issue>
<packager>cgiboudeaux</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for libqt5-qtwebengine</summary>
<description>This update for libqt5-qtwebengine fixes the following issues:
Update to version 5.15.3
CVE fixes backported in chromium updates:
- CVE-2020-16044: Use after free in WebRTC
- CVE-2021-21118: Heap buffer overflow in Blink
- CVE-2021-21119: Use after free in Media
- CVE-2021-21120: Use after free in WebSQL
- CVE-2021-21121: Use after free in Omnibox
- CVE-2021-21122: Use after free in Blink
- CVE-2021-21123: Insufficient data validation in File System API
- CVE-2021-21125: Insufficient policy enforcement in File System API
- CVE-2021-21126: Insufficient policy enforcement in extensions
- CVE-2021-21127: Insufficient policy enforcement in extensions
- CVE-2021-21128: Heap buffer overflow in Blink
- CVE-2021-21129: Insufficient policy enforcement in File System API
- CVE-2021-21130: Insufficient policy enforcement in File System API
- CVE-2021-21131: Insufficient policy enforcement in File System API
- CVE-2021-21132: Inappropriate implementation in DevTools
- CVE-2021-21135: Inappropriate implementation in Performance API
- CVE-2021-21137: Inappropriate implementation in DevTools
- CVE-2021-21140: Uninitialized Use in USB
- CVE-2021-21141: Insufficient policy enforcement in File System API
- CVE-2021-21145: Use after free in Fonts
- CVE-2021-21146: Use after free in Navigation
- CVE-2021-21147: Inappropriate implementation in Skia
- CVE-2021-21148: Heap buffer overflow in V8
- CVE-2021-21149: Stack overflow in Data Transfer
- CVE-2021-21150: Use after free in Downloads
- CVE-2021-21152: Heap buffer overflow in Media
- CVE-2021-21153: Stack overflow in GPU Process
- CVE-2021-21156: Heap buffer overflow in V8
- CVE-2021-21157: Use after free in Web Sockets
This update was imported from the openSUSE:Leap:15.2:Update update project.</description>
</patchinfo>