diff options
author | Michael BrĂ¼ning <michael.bruning@qt.io> | 2022-11-02 20:25:36 +0100 |
---|---|---|
committer | Michael BrĂ¼ning <michael.bruning@qt.io> | 2022-11-08 05:06:53 +0000 |
commit | fbb626cef95c0b39c098904ea066a4d3f3e3efac (patch) | |
tree | 4e78323436a2d2ccdd1e9422cfbca85172746401 | |
parent | 871133f05e09133e42a952cc16d73a51ffe9f50e (diff) |
Update Chromium
Sumbodule src/3rdparty :
> [Backport] CVE-2022-3723: Type Confusion in V8
> [Backport] CVE-2022-3653: Heap buffer overflow in Vulkan
> [Backport] CVE-2022-3654: Use after free in Layout
> [Backport] CVE-2022-3652: Type Confusion in V8
> [Backport] CVE-2022-3445: Use after free in Skia
> [Backport] CVE-2022-3450: Use after free in Peer Connection
> [Backport] CVE-2022-3446 and CVE-2022-35737
> Reland two changes for establishing gpu channel
> FIXUP: Stop using C++20 initialization
> FIXUP: Legalize the bloody code
> [Backport] CVE-2022-3308: Insufficient policy enforcement in Developer Tools (2/2)
> [Backport] CVE-2022-3308: Insufficient policy enforcement in Developer Tools (1/2)
> [Backport] Security bug 1360936
> [Backport] CVE-2022-3313: Incorrect security UI in Full Screen
> [Backport] CVE-2022-3307: Use after free in Media.
> [Backport] CVE-2022-3315: Type confusion in Blink
> [Backport] CVE-2022-3201: Insufficient validation of untrusted input in Developer Tools (2/2)
> [Backport] CVE-2022-3201: Insufficient validation of untrusted input in Developer Tools (1/2)
> [Backport] CVE-2022-3304: Use after free in CSS
> [Backport] CVE-2022-3373: Out of bounds write in V8
> [Backport] Security bug 1356308
> [Backport] CVE-2022-3370: Use after free in Custom Elements
> [Backport] Security bug 1348283
> [Backport] Security bugs 1346938 and 1338114
> [Backport] CVE-2022-3200: Heap buffer overflow in Internals
> Make user agent helpers buildable without unwanted dependencies
> Adapt DevToolsFileHelper for WebEngine
> [Backport] CVE-2022-3199: Use after free in Frames.
> [Backport] CVE-2022-3198: Use after free in PDF
> [Backport] CVE-2022-3197: Use after free in PDF
> [Backport] CVE-2022-3196: Use after free in PDF
> [Backport] Security bug 962815
> [Backport] Security bug 1352549
> [Backport] CVE-2022-3056: Insufficient policy enforcement in Content Security Policy.
> [Backport] CVE-2022-3057: Inappropriate implementation in iframe Sandbox
> [Backport] CVE-2022-3053: Inappropriate implementation in Pointer Lock
> [Backport] CVE-2022-3055: Use after free in Passwords
> Disable less privileged app container
> Fix debug builds on arm32
> [Backport] CVE-2022-3040: Use after free in Layout
> [Backport] CVE-2022-3041: Use after free in WebSQL
> [Backport] CVE-2022-3038: Use after free in Network Service
> Merge branch 'upstream-master' into 102-based
> (origin/upstream-master) BASELINE: Update Chromium to 102.0.5005.177
> FIXUP: Trim down some dependencies of push messaging
> Fixup partial application of macOS OpenGL pixel format selection patch
Fixes: QTBUG-108104
Fixes: QTBUG-108105
Task-number: QTBUG-108106
Change-Id: I4f0e4e267288904443f648b544606aa85dcaa16b
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit 00fa0def74e94139019ee7baa73b1099cd53f072)
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
-rw-r--r-- | CHROMIUM_VERSION | 2 | ||||
m--------- | src/3rdparty | 0 | ||||
-rw-r--r-- | src/core/web_engine_context.cpp | 2 |
3 files changed, 2 insertions, 2 deletions
diff --git a/CHROMIUM_VERSION b/CHROMIUM_VERSION index 57dd9c61f..7a0c0d115 100644 --- a/CHROMIUM_VERSION +++ b/CHROMIUM_VERSION @@ -1,3 +1,3 @@ Based on Chromium version: 102.0.5005.177 -Patched with security patches up to Chromium version: 104.0.5112.102 +Patched with security patches up to Chromium version: 107.0.5304.88 diff --git a/src/3rdparty b/src/3rdparty -Subproject 1dc53de694e05a192d4757835f66e0797b7d29b +Subproject 9457651ead9b7034edb37532c2f33a558b1700b diff --git a/src/core/web_engine_context.cpp b/src/core/web_engine_context.cpp index d27798d4f..94ff5f7b2 100644 --- a/src/core/web_engine_context.cpp +++ b/src/core/web_engine_context.cpp @@ -891,7 +891,7 @@ const char *qWebEngineChromiumVersion() noexcept } const char *qWebEngineChromiumSecurityPatchVersion() noexcept { - return "104.0.5112.102"; // FIXME: Remember to update + return "107.0.5304.88"; // FIXME: Remember to update } QT_END_NAMESPACE |