summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael BrĂ¼ning <michael.bruning@qt.io>2020-03-24 10:16:30 +0100
committerMichael BrĂ¼ning <michael.bruning@qt.io>2020-03-24 11:09:34 +0100
commit35aa6c30f0e766b8825519e04242b7a4c93b6e0e (patch)
tree9addeadd6e09bff2d14bdbd3dbc79610e2e3e244
parent98af37969ec9cfd4eaa28884ea6d21dfbe008764 (diff)
Update Chromiumv5.14.2
Pulls in the following changes: ab79f5394af [Backport] CVE-2020-6426: Inappropriate implementation in V8. c110d4f93df [Backport] CVE-2020-6422: Use after free in WebGL. 8f4cef2a9d9 [Backport] CVE-2020-6427: Use after free in audio. 72d0936150f [Backport] CVE-2020-6428: Use after free in audio. 2a9a1c057d8 [Backport] CVE-2020-6429: Use after free in audio. 9aabebeb69b [Backport] CVE-2020-6449: Use after free in audio. 6c9be50c2d9 [Backport] CVE-2019-20503: Out of bounds read in usersctplib Task-number: QTBUG-81909 Change-Id: I15d5a786db945202f8577e894e9f0e1fb6bf6086 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
-rw-r--r--dist/changes-5.14.215
m---------src/3rdparty0
2 files changed, 11 insertions, 4 deletions
diff --git a/dist/changes-5.14.2 b/dist/changes-5.14.2
index 17c784815..3cf48a4f4 100644
--- a/dist/changes-5.14.2
+++ b/dist/changes-5.14.2
@@ -54,6 +54,7 @@ Chromium
* CVE-2019-19925 - Multiple vulnerabilities in SQLite
* CVE-2019-19926 - Inappropriate implementation in SQLite
* CVE-2019-18197 - Multiple vulnerabilities in XML
+ * CVE-2019-20503 - Out of bounds read in usersctplib
* CVE-2020-6381 - Integer overflow in Javascript
* CVE-2020-6383 - Type confusion in V8
* CVE-2020-6384 - Use after free in WebAudio
@@ -70,19 +71,25 @@ Chromium
* CVE-2020-6396 - Inappropriate implementation in Skia
* CVE-2020-6398 - Uninitialized use in PDFium
* CVE-2020-6399 - Insufficient policy enforcement in AppCache
+ * CVE-2020-6400 - Inappropriate implementation in CORS
+ * CVE-2020-6401
* CVE-2020-6404 - Inappropriate implementation in Blink
* CVE-2020-6405 - Out of bounds read in SQLite
* CVE-2020-6406 - Use after free in audio
+ * CVE-2020-6407 - Out of bounds memory access in streams
* CVE-2020-6410 - Insufficient policy enforcement in navigation
+ * CVE-2020-6411
* CVE-2020-6412 - Insufficient validation of untrusted input in Omnibox
* CVE-2020-6413 - Inappropriate implementation in Blink
* CVE-2020-6415
- * CVE-2020-6400 - Inappropriate implementation in CORS
- * CVE-2020-6401
- * CVE-2020-6407 - Out of bounds memory access in streams
- * CVE-2020-6411
* CVE-2020-6418 - Type confusion in V8
* CVE-2020-6420 - Insufficient policy enforcement in media
+ * CVE-2020-6422 - Use after free in WebGL.
+ * CVE-2020-6426 - Inappropriate implementation in V8.
+ * CVE-2020-6427 - Use after free in audio.
+ * CVE-2020-6428 - Use after free in audio.
+ * CVE-2020-6429 - Use after free in audio.
+ * CVE-2020-6449 - Use after free in audio.
* Security bug 925035
* Security bug 1016038
* Security bug 1016506
diff --git a/src/3rdparty b/src/3rdparty
-Subproject f7ffd2f7dffd911e37f6a638bb410bd71da2349
+Subproject 6c9be50c2d901e66119679155fb3c7c9200448d