Gentoo Linux Security Advisory 202101-30 - Multiple vulnerabilities have been found in Qt WebEngine, the worst of which could result in the arbitrary execution of code. Versions less than 5.15.2 are affected.
28424c2f69b30a3ca8438acc325d630dd9f0ef23602cb485aa4c283dc0599996
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202101-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Qt WebEngine: Multiple vulnerabilities
Date: January 26, 2021
Bugs: #734600, #754852
ID: 202101-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
Multiple vulnerabilities have been found in Qt WebEngine, the worst of
which could result in the arbitrary execution of code.
Background
=========
Library for rendering dynamic web content in Qt5 C++ and QML
applications.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-qt/qtwebengine < 5.15.2 >= 5.15.2
Description
==========
Multiple vulnerabilities have been discovered in Qt WebEngine. Please
review the CVE identifiers referenced below for details.
Impact
=====
Please review the referenced CVE identifiers for details.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All Qt WebEngine users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">Þv-qt/qtwebengine-5.15.2"
References
=========
[ 1 ] CVE-2020-15959
https://nvd.nist.gov/vuln/detail/CVE-2020-15959
[ 2 ] CVE-2020-15959
https://nvd.nist.gov/vuln/detail/CVE-2020-15959
[ 3 ] CVE-2020-15960
https://nvd.nist.gov/vuln/detail/CVE-2020-15960
[ 4 ] CVE-2020-15960
https://nvd.nist.gov/vuln/detail/CVE-2020-15960
[ 5 ] CVE-2020-15961
https://nvd.nist.gov/vuln/detail/CVE-2020-15961
[ 6 ] CVE-2020-15961
https://nvd.nist.gov/vuln/detail/CVE-2020-15961
[ 7 ] CVE-2020-15962
https://nvd.nist.gov/vuln/detail/CVE-2020-15962
[ 8 ] CVE-2020-15962
https://nvd.nist.gov/vuln/detail/CVE-2020-15962
[ 9 ] CVE-2020-15963
https://nvd.nist.gov/vuln/detail/CVE-2020-15963
[ 10 ] CVE-2020-15963
https://nvd.nist.gov/vuln/detail/CVE-2020-15963
[ 11 ] CVE-2020-15964
https://nvd.nist.gov/vuln/detail/CVE-2020-15964
[ 12 ] CVE-2020-15964
https://nvd.nist.gov/vuln/detail/CVE-2020-15964
[ 13 ] CVE-2020-15965
https://nvd.nist.gov/vuln/detail/CVE-2020-15965
[ 14 ] CVE-2020-15965
https://nvd.nist.gov/vuln/detail/CVE-2020-15965
[ 15 ] CVE-2020-15966
https://nvd.nist.gov/vuln/detail/CVE-2020-15966
[ 16 ] CVE-2020-15966
https://nvd.nist.gov/vuln/detail/CVE-2020-15966
[ 17 ] CVE-2020-15968
https://nvd.nist.gov/vuln/detail/CVE-2020-15968
[ 18 ] CVE-2020-15968
https://nvd.nist.gov/vuln/detail/CVE-2020-15968
[ 19 ] CVE-2020-15969
https://nvd.nist.gov/vuln/detail/CVE-2020-15969
[ 20 ] CVE-2020-15969
https://nvd.nist.gov/vuln/detail/CVE-2020-15969
[ 21 ] CVE-2020-15972
https://nvd.nist.gov/vuln/detail/CVE-2020-15972
[ 22 ] CVE-2020-15972
https://nvd.nist.gov/vuln/detail/CVE-2020-15972
[ 23 ] CVE-2020-15974
https://nvd.nist.gov/vuln/detail/CVE-2020-15974
[ 24 ] CVE-2020-15974
https://nvd.nist.gov/vuln/detail/CVE-2020-15974
[ 25 ] CVE-2020-15976
https://nvd.nist.gov/vuln/detail/CVE-2020-15976
[ 26 ] CVE-2020-15976
https://nvd.nist.gov/vuln/detail/CVE-2020-15976
[ 27 ] CVE-2020-15977
https://nvd.nist.gov/vuln/detail/CVE-2020-15977
[ 28 ] CVE-2020-15977
https://nvd.nist.gov/vuln/detail/CVE-2020-15977
[ 29 ] CVE-2020-15978
https://nvd.nist.gov/vuln/detail/CVE-2020-15978
[ 30 ] CVE-2020-15978
https://nvd.nist.gov/vuln/detail/CVE-2020-15978
[ 31 ] CVE-2020-15979
https://nvd.nist.gov/vuln/detail/CVE-2020-15979
[ 32 ] CVE-2020-15979
https://nvd.nist.gov/vuln/detail/CVE-2020-15979
[ 33 ] CVE-2020-15985
https://nvd.nist.gov/vuln/detail/CVE-2020-15985
[ 34 ] CVE-2020-15985
https://nvd.nist.gov/vuln/detail/CVE-2020-15985
[ 35 ] CVE-2020-15987
https://nvd.nist.gov/vuln/detail/CVE-2020-15987
[ 36 ] CVE-2020-15987
https://nvd.nist.gov/vuln/detail/CVE-2020-15987
[ 37 ] CVE-2020-15989
https://nvd.nist.gov/vuln/detail/CVE-2020-15989
[ 38 ] CVE-2020-15989
https://nvd.nist.gov/vuln/detail/CVE-2020-15989
[ 39 ] CVE-2020-15992
https://nvd.nist.gov/vuln/detail/CVE-2020-15992
[ 40 ] CVE-2020-15992
https://nvd.nist.gov/vuln/detail/CVE-2020-15992
[ 41 ] CVE-2020-16001
https://nvd.nist.gov/vuln/detail/CVE-2020-16001
[ 42 ] CVE-2020-16001
https://nvd.nist.gov/vuln/detail/CVE-2020-16001
[ 43 ] CVE-2020-16002
https://nvd.nist.gov/vuln/detail/CVE-2020-16002
[ 44 ] CVE-2020-16002
https://nvd.nist.gov/vuln/detail/CVE-2020-16002
[ 45 ] CVE-2020-16003
https://nvd.nist.gov/vuln/detail/CVE-2020-16003
[ 46 ] CVE-2020-16003
https://nvd.nist.gov/vuln/detail/CVE-2020-16003
[ 47 ] CVE-2020-6467
https://nvd.nist.gov/vuln/detail/CVE-2020-6467
[ 48 ] CVE-2020-6467
https://nvd.nist.gov/vuln/detail/CVE-2020-6467
[ 49 ] CVE-2020-6470
https://nvd.nist.gov/vuln/detail/CVE-2020-6470
[ 50 ] CVE-2020-6470
https://nvd.nist.gov/vuln/detail/CVE-2020-6470
[ 51 ] CVE-2020-6471
https://nvd.nist.gov/vuln/detail/CVE-2020-6471
[ 52 ] CVE-2020-6471
https://nvd.nist.gov/vuln/detail/CVE-2020-6471
[ 53 ] CVE-2020-6472
https://nvd.nist.gov/vuln/detail/CVE-2020-6472
[ 54 ] CVE-2020-6473
https://nvd.nist.gov/vuln/detail/CVE-2020-6473
[ 55 ] CVE-2020-6474
https://nvd.nist.gov/vuln/detail/CVE-2020-6474
[ 56 ] CVE-2020-6475
https://nvd.nist.gov/vuln/detail/CVE-2020-6475
[ 57 ] CVE-2020-6476
https://nvd.nist.gov/vuln/detail/CVE-2020-6476
[ 58 ] CVE-2020-6480
https://nvd.nist.gov/vuln/detail/CVE-2020-6480
[ 59 ] CVE-2020-6481
https://nvd.nist.gov/vuln/detail/CVE-2020-6481
[ 60 ] CVE-2020-6482
https://nvd.nist.gov/vuln/detail/CVE-2020-6482
[ 61 ] CVE-2020-6483
https://nvd.nist.gov/vuln/detail/CVE-2020-6483
[ 62 ] CVE-2020-6486
https://nvd.nist.gov/vuln/detail/CVE-2020-6486
[ 63 ] CVE-2020-6487
https://nvd.nist.gov/vuln/detail/CVE-2020-6487
[ 64 ] CVE-2020-6489
https://nvd.nist.gov/vuln/detail/CVE-2020-6489
[ 65 ] CVE-2020-6490
https://nvd.nist.gov/vuln/detail/CVE-2020-6490
[ 66 ] CVE-2020-6506
https://nvd.nist.gov/vuln/detail/CVE-2020-6506
[ 67 ] CVE-2020-6510
https://nvd.nist.gov/vuln/detail/CVE-2020-6510
[ 68 ] CVE-2020-6511
https://nvd.nist.gov/vuln/detail/CVE-2020-6511
[ 69 ] CVE-2020-6512
https://nvd.nist.gov/vuln/detail/CVE-2020-6512
[ 70 ] CVE-2020-6513
https://nvd.nist.gov/vuln/detail/CVE-2020-6513
[ 71 ] CVE-2020-6514
https://nvd.nist.gov/vuln/detail/CVE-2020-6514
[ 72 ] CVE-2020-6518
https://nvd.nist.gov/vuln/detail/CVE-2020-6518
[ 73 ] CVE-2020-6523
https://nvd.nist.gov/vuln/detail/CVE-2020-6523
[ 74 ] CVE-2020-6524
https://nvd.nist.gov/vuln/detail/CVE-2020-6524
[ 75 ] CVE-2020-6526
https://nvd.nist.gov/vuln/detail/CVE-2020-6526
[ 76 ] CVE-2020-6529
https://nvd.nist.gov/vuln/detail/CVE-2020-6529
[ 77 ] CVE-2020-6530
https://nvd.nist.gov/vuln/detail/CVE-2020-6530
[ 78 ] CVE-2020-6531
https://nvd.nist.gov/vuln/detail/CVE-2020-6531
[ 79 ] CVE-2020-6532
https://nvd.nist.gov/vuln/detail/CVE-2020-6532
[ 80 ] CVE-2020-6533
https://nvd.nist.gov/vuln/detail/CVE-2020-6533
[ 81 ] CVE-2020-6534
https://nvd.nist.gov/vuln/detail/CVE-2020-6534
[ 82 ] CVE-2020-6535
https://nvd.nist.gov/vuln/detail/CVE-2020-6535
[ 83 ] CVE-2020-6540
https://nvd.nist.gov/vuln/detail/CVE-2020-6540
[ 84 ] CVE-2020-6541
https://nvd.nist.gov/vuln/detail/CVE-2020-6541
[ 85 ] CVE-2020-6542
https://nvd.nist.gov/vuln/detail/CVE-2020-6542
[ 86 ] CVE-2020-6543
https://nvd.nist.gov/vuln/detail/CVE-2020-6543
[ 87 ] CVE-2020-6544
https://nvd.nist.gov/vuln/detail/CVE-2020-6544
[ 88 ] CVE-2020-6545
https://nvd.nist.gov/vuln/detail/CVE-2020-6545
[ 89 ] CVE-2020-6548
https://nvd.nist.gov/vuln/detail/CVE-2020-6548
[ 90 ] CVE-2020-6549
https://nvd.nist.gov/vuln/detail/CVE-2020-6549
[ 91 ] CVE-2020-6550
https://nvd.nist.gov/vuln/detail/CVE-2020-6550
[ 92 ] CVE-2020-6551
https://nvd.nist.gov/vuln/detail/CVE-2020-6551
[ 93 ] CVE-2020-6555
https://nvd.nist.gov/vuln/detail/CVE-2020-6555
[ 94 ] CVE-2020-6557
https://nvd.nist.gov/vuln/detail/CVE-2020-6557
[ 95 ] CVE-2020-6559
https://nvd.nist.gov/vuln/detail/CVE-2020-6559
[ 96 ] CVE-2020-6561
https://nvd.nist.gov/vuln/detail/CVE-2020-6561
[ 97 ] CVE-2020-6562
https://nvd.nist.gov/vuln/detail/CVE-2020-6562
[ 98 ] CVE-2020-6569
https://nvd.nist.gov/vuln/detail/CVE-2020-6569
[ 99 ] CVE-2020-6570
https://nvd.nist.gov/vuln/detail/CVE-2020-6570
[ 100 ] CVE-2020-6571
https://nvd.nist.gov/vuln/detail/CVE-2020-6571
[ 101 ] CVE-2020-6573
https://nvd.nist.gov/vuln/detail/CVE-2020-6573
[ 102 ] CVE-2020-6575
https://nvd.nist.gov/vuln/detail/CVE-2020-6575
[ 103 ] CVE-2020-6576
https://nvd.nist.gov/vuln/detail/CVE-2020-6576
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202101-30
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
======
Copyright 2021 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5