diff options
Diffstat (limited to 'dist')
| -rw-r--r-- | dist/changes-5.12.10 | 91 | ||||
| -rw-r--r-- | dist/changes-5.12.5 | 80 | ||||
| -rw-r--r-- | dist/changes-5.13.1 | 91 | ||||
| -rw-r--r-- | dist/changes-5.13.2 | 81 | ||||
| -rw-r--r-- | dist/changes-5.14.0 | 88 | ||||
| -rw-r--r-- | dist/changes-5.14.1 | 81 | ||||
| -rw-r--r-- | dist/changes-5.14.2 | 107 | ||||
| -rw-r--r-- | dist/changes-5.15.0 | 91 | ||||
| -rw-r--r-- | dist/changes-5.15.1 | 138 | ||||
| -rw-r--r-- | dist/changes-5.15.2 | 86 |
10 files changed, 934 insertions, 0 deletions
diff --git a/dist/changes-5.12.10 b/dist/changes-5.12.10 new file mode 100644 index 000000000..3f706d6b1 --- /dev/null +++ b/dist/changes-5.12.10 @@ -0,0 +1,91 @@ +Qt 5.12.10 is a bug-fix release. It maintains both forward and backward +compatibility (source and binary) with Qt 5.12.9. + +For more details, refer to the online documentation included in this +distribution. The documentation is also available online: + + https://doc.qt.io/qt-5.12/index.html + +The Qt version 5.12 series is binary compatible with the 5.11.x series. +Applications compiled for 5.11 will continue to run with 5.12. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + + https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* Library * +**************************************************************************** + +General +------- + + - [QTBUG-75391] Fix pasting Unicode characters copied from WebEngine on macOS + - [QTBUG-83710] Fix input of keys requiring AltGr on Windows + - [QTBUG-84337] Fixed GPU switching with CoreProfile on macOS (for e.g. AirPlay) + - [QTBUG-86018] Fixed build with Bison 3.7 + - Fixed build with the linux-clang 10 spec + +Chromium +-------- + + - Security fixes from Chromium up to version 86.0.4240.111, including: + + - CVE-2020-6459 + - CVE-2020-6462: Use after free in task scheduling + - CVE-2020-6470 + - CVE-2020-6474 + - CVE-2020-6481 + - CVE-2020-6489 + - CVE-2020-6490 + - CVE-2020-6511: Side-channel information leakage in CSP + - CVE-2020-6512: Type Confusion in V8 + - CVE-2020-6513: Heap buffer overflow in PDFium + - CVE-2020-6514: Inappropriate implementation in WebRTC + - CVE-2020-6518: Use after free in developer tools + - CVE-2020-6523: Out of bounds write in Skia + - CVE-2020-6524: Heap buffer overflow in WebAudio + - CVE-2020-6529: Inappropriate implementation in WebRTC + - CVE-2020-6532: Use after free in SCTP + - CVE-2020-6535: Insufficient data validation in WebUI + - CVE-2020-6534: Heap buffer overflow in WebRTC + - CVE-2020-6540: Heap buffer overflow in Skia + - CVE-2020-6541: Use after free in WebUSB + - CVE-2020-6542: Use after free in ANGLE + - CVE-2020-6543: Use after free in task scheduling + - CVE-2020-6544: Use after free in media + - CVE-2020-6545: Use after free in audio + - CVE-2020-6548: Heap buffer overflow in Skia + - CVE-2020-6549: Use after free in media + - CVE-2020-6559: Use after free in presentation API + - CVE-2020-6561: Inappropriate implementation in Content Security Policy + - CVE-2020-6562: Insufficient policy enforcement in Blink + - CVE-2020-6569: Integer overflow in WebUSB + - CVE-2020-6571: Incorrect security UI in Omnibox + - CVE-2020-6573: Use after free in video + - CVE-2020-15962: Insufficient policy enforcement in serial + - CVE-2020-15964: Insufficient data validation in media + - CVE-2020-15965: Out of bounds write in V8 + - CVE-2020-15968: Use after free in Blink + - CVE-2020-15969: Use after free in WebRTC. + - CVE-2020-15999: Heap buffer overflow in freetype + - CVE-2020-16001: Use after free in media. + - CVE-2020-16002: Use after free in PDFium. + - CVE-2020-16003: Use after free in printing. + - Security Bug 1051439 + - Security bug 1052492 + - Security bug 1054229 + - Security Bug 1057369 + - Security Bug 1058515 + - Security bug 1065122 + - Security bug 1065731 + - Security bugs 1087629 and 1029569 + - Security issue 1098860 + - Security issue 1102137 + - Security bug 1102408 + - Security bug 1111149 + diff --git a/dist/changes-5.12.5 b/dist/changes-5.12.5 new file mode 100644 index 000000000..15f0bcde6 --- /dev/null +++ b/dist/changes-5.12.5 @@ -0,0 +1,80 @@ +Qt 5.12.5 is a bug-fix release. It maintains both forward and backward +compatibility (source and binary) with Qt 5.12.0 through 5.12.4. + +For more details, refer to the online documentation included in this +distribution. The documentation is also available online: + +https://doc.qt.io/qt-5/index.html + +The Qt version 5.12 series is binary compatible with the 5.11.x series. +Applications compiled for 5.11 will continue to run with 5.12. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + +https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* Qt 5.12.5 Changes * +**************************************************************************** + +General +------- + + - [QTBUG-62106] Fixed possible crash after rapid tapping. + - [QTBUG-75884] Fixed crash on setHttpUserAgent. + - [QTBUG-76249] Fixed user-agent on some new windows. + - [QTBUG-76268] Fixed tab key send on minimize. + - [QTBUG-76347] Fixed duplicate events being send from tablets. + - [QTBUG-76828] Clear shared context on exit. + - [QTBUG-76958] Fixed possible crash when loading in background. + +Chromium +-------- + + - Security fixes from Chromium up to version 76.0.3809.87, including: + + - CVE-2019-5829 + - CVE-2019-5831 + - CVE-2019-5832 + - CVE-2019-5837 + - CVE-2019-5839 + - CVE-2019-5842 + - CVE-2019-5851 + - CVE-2019-5852 + - CVE-2019-5854 + - CVE-2019-5855 + - CVE-2019-5856 + - CVE-2019-5857 + - CVE-2019-5860 + - CVE-2019-5861 + - CVE-2019-5862 + - CVE-2019-5865 + - Critical security issue 977057 + - Security bug 934161 + - Security bug 939644 + - Security bug 948172 + - Security bug 948228 + - Security bug 948944 + - Security bug 950005 + - Security bug 952849 + - Security bug 956625 + - Security bug 958457 + - Security bug 958689 + - Security bug 959193 + - Security bug 959518 + - Security bug 958717 + - Security bug 960785 + - Security bug 961674 + - Security bug 961597 + - Security bug 962083 + - Security bug 964002 + - Security bug 973893 + - Security bug 974627 + - Security bug 976050 + - Security bug 981602 + - Security bug 983850 + - Security bug 983938 diff --git a/dist/changes-5.13.1 b/dist/changes-5.13.1 new file mode 100644 index 000000000..9e3a49558 --- /dev/null +++ b/dist/changes-5.13.1 @@ -0,0 +1,91 @@ +Qt 5.13.1 is a bug-fix release. It maintains both forward and backward +compatibility (source and binary) with Qt 5.13.0. + +For more details, refer to the online documentation included in this +distribution. The documentation is also available online: + +https://doc.qt.io/qt-5/index.html + +The Qt version 5.13 series is binary compatible with the 5.12.x series. +Applications compiled for 5.12 will continue to run with 5.13. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + +https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* Qt 5.13.1 Changes * +**************************************************************************** + +General +------- + + - [QTBUG-62106] Fixed possible crash after rapid tapping. + - [QTBUG-76226] Fixed PDF viewer on URLs with percent-encoded characters. + - [QTBUG-76249] Fixed user-agent on some new windows. + - [QTBUG-76958] Fixed possible crash when loading in background. + + +Chromium +-------- + + - Security fixes from Chromium up to version 76.0.3809.87, including: + + - CVE-2019-5829 + - CVE-2019-5831 + - CVE-2019-5832 + - CVE-2019-5836 + - CVE-2019-5837 + - CVE-2019-5839 + - CVE-2019-5842 + - CVE-2019-5851 + - CVE-2019-5852 + - CVE-2019-5854 + - CVE-2019-5855 + - CVE-2019-5856 + - CVE-2019-5857 + - CVE-2019-5860 + - CVE-2019-5861 + - CVE-2019-5862 + - CVE-2019-5865 + - Critical security issue 977057 + - Security issue 934161 + - Security issue 939644 + - Security issue 948172 + - Security issue 948228 + - Security issue 948944 + - Security issue 950005 + - Security issue 952849 + - Security issue 954762 + - Security issue 956625 + - Security issue 958717 + - Security issue 958457 + - Security issue 958689 + - Security issue 959192 + - Security issue 959193 + - Security issue 959518 + - Security issue 960785 + - Security issue 961597 + - Security issue 961674 + - Security issue 962083 + - Security issue 962572 + - Security issue 964002 + - Security issue 964795 + - Security issue 964928 + - Security issue 973893 + - Security issue 974627 + - Security issue 976050 + - Security issue 981602 + - Security issue 983850 + - Security issue 983938 + + +Qt WebEngine Core +----------------- + + - [QTBUG-60203] QWebEngineUrlRequestInterceptor can now set referer header. + diff --git a/dist/changes-5.13.2 b/dist/changes-5.13.2 new file mode 100644 index 000000000..aeac5b000 --- /dev/null +++ b/dist/changes-5.13.2 @@ -0,0 +1,81 @@ +Qt 5.13.2 is a bug-fix release. It maintains both forward and backward +compatibility (source and binary) with Qt 5.13.0 through 5.13.1. + +For more details, refer to the online documentation included in this +distribution. The documentation is also available online: + +https://doc.qt.io/qt-5/index.html + +The Qt version 5.13 series is binary compatible with the 5.12.x series. +Applications compiled for 5.12 will continue to run with 5.13. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + +https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* Qt 5.13.2 Changes * +**************************************************************************** + +General +------- + + - [QTBUG-76329] Fixes extensions and PDF viewer when building with GCC 5. + - [QTBUG-77072, QTBUG-78084] Fixed flashing when closing combo box on + macOS. + - [QTBUG-77827] Fixed unbundling of libjpeg on Linux. + - [QTBUG-77977] Fixed invalid URL on profile change. + - [QTBUG-78016] Fixed crash with desktop sharing. + - [QTBUG-78206] Fixed accessibility events for combo boxes. + - [QTBUG-78316] Fixed XMLHttpRequest status with custom schemes. + + +Chromium +-------- + + - Security fixes from Chromium up to version 77.0.3865.120, including: + + - CVE-2019-5869 + - CVE-2019-5870 + - CVE-2019-5872 + - CVE-2019-5875 + - CVE-2019-5876 + - CVE-2019-13659 + - CVE-2019-13660 + - CVE-2019-13663 + - CVE-2019-13664 + - CVE-2019-13665 + - CVE-2019-13673 + - CVE-2019-13674 + - CVE-2019-13675 + - CVE-2019-13678/CVE-2019-13681 + - CVE-2019-13687 + - CVE-2019-13688 + - CVE-2019-13691 + - CVE-2019-13692 + - CVE-2019-13693 + - CVE-2019-13694 + - CVE-2019-13695 + - CVE-2019-13697 + - Security issue 946351 + - Security issue 946978 + - Security issue 957160 + - Security issue 960354 + - Security issue 964938 + - Security issue 971904 + - Security issue 973628 + - Security issue 974354 + - Security issue 979373 + - Security issue 981459 + - Security issue 981597 + - Security issue 986727 + - Security issue 990234 + +Qt WebEngine Widgets +-------------------- + + - [QTBUG-77209] Fixed QWebEnginePage visibility state. diff --git a/dist/changes-5.14.0 b/dist/changes-5.14.0 new file mode 100644 index 000000000..b7df882ad --- /dev/null +++ b/dist/changes-5.14.0 @@ -0,0 +1,88 @@ +Qt 5.14 introduces many new features and improvements as well as bugfixes +over the 5.13.x series. For more details, refer to the online documentation +included in this distribution. The documentation is also available online: + +https://doc.qt.io/qt-5/index.html + +The Qt version 5.14 series is binary compatible with the 5.13.x series. +Applications compiled for 5.13 will continue to run with 5.14. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + +https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* General * +**************************************************************************** + +Chromium Snapshot +----------------- + + - Updated the Chromium version to 77.0.3865.129 + - Applied security fixes from Chrome up to version 78.0.3904.108 + +General +------- + + - [QTBUG-71885] Qt WebEngine will now use the Viz Display Compositor by + default when multithreaded OpenGL is available. Can be turned off using + the command line flag --disable-viz-display-compositor. + - [QTBUG-68448] WebRTC devices now have persistent IDs. + - [QTBUG-76173] Support qrc protocol in UrlPattern. + - [QTBUG-78280] Fixed permissions preventing Flash from showing. + - [QTBUG-79319] Fixed loading script as modules over custom schemes. + - [QTBUG-80352] Updated paths to look for Chrome's Widevine plugin. + +Platforms +--------- + + - [QTBUG-78911] Fixed building with newer system ICU. Minimum is now 64. + - [QTBUG-79347] Fixed support for prefers-color-scheme CSS query. + - [QTBUG-80055] Re-enabled X11 WebRTC support for desktop sharing. + - [QTBUG-77072,QTBUG-78084] Fixed flashing when closing popup on macOS. + + +**************************************************************************** +* Libraries * +**************************************************************************** + +QtWebEngineCore +---------------- + + - [QTBUG-75651] Added the QWebEngineUrlScheme::CorsEnabled flag for enabling + cross-origin resource sharing with custom schemes. + + +QtWebEngine + QtWebEngineWidgets +-------------------------------- + + - [QTBUG-55079,QTBUG-74166] Added lifecycle API to WebEngineView and + QWebEnginePage that can be used to reduce CPU and memory consumption + of non-visible views. + - [QTBUG-56978] Added functions and property to get the suggested download + file name. + - [QTBUG-56978] Added functions and property to change the download + directory and file name in QWebEngineDownloadItem and + QQuickWebEngineDownloadItem and deprecate the path() and setPath(). + - [QTBUG-74490] Redirects now have a separate navigation type. + + +Qt WebEngine (QML) +------------------ + + - [QTBUG-50420] Introduced findTextFinished signal and FindTextResult + type to provide extra information about the result of a text search. + + +Qt WebEngineWidgets +------------------- + + - QWebEngineCertificateError: + * [QTBUG-51176] New method to get the peer's chain of digital certificates. + * [QTBUG-55110] New methods for asynchronous decision on certificate error + during load. + - [QTBUG-78998] Store favicon URL when serializing QWebEngineHistory. diff --git a/dist/changes-5.14.1 b/dist/changes-5.14.1 new file mode 100644 index 000000000..c9395e81f --- /dev/null +++ b/dist/changes-5.14.1 @@ -0,0 +1,81 @@ +Qt 5.14.1 is a bug-fix release. It maintains both forward and backward +compatibility (source and binary) with Qt 5.14.0. + +For more details, refer to the online documentation included in this +distribution. The documentation is also available online: + +https://doc.qt.io/qt-5/index.html + +The Qt version 5.14 series is binary compatible with the 5.13.x series. +Applications compiled for 5.13 will continue to run with 5.14. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + +https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* Qt 5.14.1 Changes * +**************************************************************************** + +Important changes +----------------- + + - [QTBUG-51170] Sandbox is now enabled by default on Windows like on + other platforms. If it causes any trouble it can be disabled with + --no-sandbox on the command line or in QTWEBENGINE_CHROMIUM_FLAGS. + +General +------- + + - [QTBUG-74602] Fixed builds with -no-gui + - [QTBUG-76564] Now supports accept attribute in file input + - [QTBUG-77442] Added macOS entitlements to QtWebEngineProcess.app + - [QTBUG-80089] Fixed touch flinging in multithreaded OpenGL mode + - [QTBUG-80566] Fixed setDownloadDirectory, so order compared to + setDownloadFilename doesn't matter + - [QTBUG-80893] Fixed crash when handling QEvent::TouchCancel + - Fixed clang-cl build + - Fixed youtube in linux ltcg builds + + +Chromium +-------- + + - Security fixes from Chromium up to version 79.0.3945.117, including: + + * CVE-2019-13701 + * CVE-2019-13727 + * CVE-2019-13728 + * CVE-2019-13730 + * CVE-2019-13732 + * CVE-2019-13734 + * CVE-2019-13735 + * CVE-2019-13736 + * CVE-2019-13737 + * CVE-2019-13738 + * CVE-2019-13739 + * CVE-2019-13741 + * CVE-2019-13745 + * CVE-2019-13746 + * CVE-2019-13747 + * CVE-2019-13754 + * CVE-2019-13755 + * CVE-2019-13757 + * CVE-2019-13758 + * CVE-2019-13761 + * CVE-2019-13762 + * CVE-2019-13764 + * CVE-2020-6377 + * Security bug 889276 + * Security bug 974375 + * Security bug 1016703 + * Security bug 1017020 + * Security bug 1017961 + * Security bug 1025089 + * Security bug 1027905 + * Security bug 1028191 + * Security bug 1033260 diff --git a/dist/changes-5.14.2 b/dist/changes-5.14.2 new file mode 100644 index 000000000..3cf48a4f4 --- /dev/null +++ b/dist/changes-5.14.2 @@ -0,0 +1,107 @@ +Qt 5.14.2 is a bug-fix release. It maintains both forward and backward +compatibility (source and binary) with Qt 5.14.0 through 5.14.1. + +For more details, refer to the online documentation included in this +distribution. The documentation is also available online: + +https://doc.qt.io/qt-5/index.html + +The Qt version 5.14 series is binary compatible with the 5.13.x series. +Applications compiled for 5.13 will continue to run with 5.14. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + +https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* Qt 5.14.2 Changes * +**************************************************************************** + +General +------- + + - [QTBUG-78284] Fixed conversion of tabpanel aria role + - [QTBUG-81206] Fixed overriding shortcuts in password input fields on Windows + - [QTBUG-80234] Fixed media playback issue on custom urls by supporting + HTTP ranges headers + - [QTBUG-81521] Update navigation actions when load finishes in a subframe + - [QTBUG-82109] Fixed name filters of GTK file picker + - [QTBUG-78284] Fixed widget accessibility on macOS + - [QTBUG-78284] Fixed quick accessibility on macOS + - [QTBUG-81783] Fixed event.key for Ctrl key combinations on Windows + - [QTBUG-81574] Clear previous page text selection on new navigation unconditionally + - [QTBUG-78284] Fixed VoiceOver navigation on web pages on macOS + - [QTBUG-81539] Update accessibility focus on FocusIn events for Quick + - [QTBUG-82715] Support build with system ninja >= 1.10.0 + - Fixed deadlocks on WebEngineContext destruction + - Suppress error message on ACCESSIBILITY_EVENTS permission type + - Example 'quicknanobrowser' improvements + +Chromium +-------- + + - Fixed build with gcc 5 + - Fixed -no-webengine-spellchecker build + + - Security fixes from Chromium up to version 80.0.3987.132, including: + + * CVE-2019-19880 + * CVE-2019-19923 - Out of bounds memory access in SQLite + * CVE-2019-19925 - Multiple vulnerabilities in SQLite + * CVE-2019-19926 - Inappropriate implementation in SQLite + * CVE-2019-18197 - Multiple vulnerabilities in XML + * CVE-2019-20503 - Out of bounds read in usersctplib + * CVE-2020-6381 - Integer overflow in Javascript + * CVE-2020-6383 - Type confusion in V8 + * CVE-2020-6384 - Use after free in WebAudio + * CVE-2020-6385 - Insufficient policy enforcement in storage + * CVE-2020-6387 - Out of bounds write in WebRTC + * CVE-2020-6388 - Out of bounds memory access in WebAudio + * CVE-2020-6389 - Out of bounds write in WebRTC + * CVE-2020-6390 - Out of bounds memory access in streams + * CVE-2020-6391 - Insufficient validation of untrusted input in Blink + * CVE-2020-6392 - Insufficient policy enforcement in extensions + * CVE-2020-6393 - Insufficient policy enforcement in Blink + * CVE-2020-6394 - Insufficient policy enforcement in Blink + * CVE-2020-6395 - Out of bounds read in JavaScript + * CVE-2020-6396 - Inappropriate implementation in Skia + * CVE-2020-6398 - Uninitialized use in PDFium + * CVE-2020-6399 - Insufficient policy enforcement in AppCache + * CVE-2020-6400 - Inappropriate implementation in CORS + * CVE-2020-6401 + * CVE-2020-6404 - Inappropriate implementation in Blink + * CVE-2020-6405 - Out of bounds read in SQLite + * CVE-2020-6406 - Use after free in audio + * CVE-2020-6407 - Out of bounds memory access in streams + * CVE-2020-6410 - Insufficient policy enforcement in navigation + * CVE-2020-6411 + * CVE-2020-6412 - Insufficient validation of untrusted input in Omnibox + * CVE-2020-6413 - Inappropriate implementation in Blink + * CVE-2020-6415 + * CVE-2020-6418 - Type confusion in V8 + * CVE-2020-6420 - Insufficient policy enforcement in media + * CVE-2020-6422 - Use after free in WebGL. + * CVE-2020-6426 - Inappropriate implementation in V8. + * CVE-2020-6427 - Use after free in audio. + * CVE-2020-6428 - Use after free in audio. + * CVE-2020-6429 - Use after free in audio. + * CVE-2020-6449 - Use after free in audio. + * Security bug 925035 + * Security bug 1016038 + * Security bug 1016506 + * Security bug 1018629 + * Security bug 1020031 + * Security bug 1025442 + * Security bug 1026293 + * Security bug 1029865 + * Security bug 1031909 + * Security bug 1033461 + * Security bug 1035723 + * Security bug 1040700 + * Security bug 1044570 + * Security bug 1047097 + diff --git a/dist/changes-5.15.0 b/dist/changes-5.15.0 new file mode 100644 index 000000000..630a70852 --- /dev/null +++ b/dist/changes-5.15.0 @@ -0,0 +1,91 @@ +Qt 5.15 introduces many new features and improvements as well as bugfixes +over the 5.14.x series. For more details, refer to the online documentation +included in this distribution. The documentation is also available online: + +https://doc.qt.io/qt-5/index.html + +The Qt version 5.15 series is binary compatible with the 5.14.x series. +Applications compiled for 5.14 will continue to run with 5.15. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + +https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + + +**************************************************************************** +* General * +**************************************************************************** + +Behavior Changes +---------------- + + - XSS Auditing has been removed, and the XSSAuditingEnabled setting no + longer has any effect. + - [QTBUG-79864] The viz display compositor is now used by default on all + platforms, but can be disabled with --disable-viz-display-compositor. + - The network layer integration has been rewritten to use Chromium's network + service, and now runs in a separate sandboxed process by default. + - [QTBUG-83656] CTRL+mouse wheel page zoom fixed, and now works by default. + + +Chromium Snapshot +----------------- + + - Updated the Chromium version to 80.0.3987.163 + - Applied security fixes from Chrome up to version 81.0.4044.138 + + +General +------- + + - Fixed hardware accelerated video decoding on Windows and macOS. + - Updated where to look for Google Chrome's CDM plugin. + - [QTBUG-82390] Disabled picture-in-picture to avoid non-functional button + showing up. + - Command-line specified PAC files can now be loaded from QRC. + - [QTBUG-82012] Placeholder for missing PPAPI plugins added. + + +Libraries +--------- + + - Added a renderProcessPid() getter to QWebEnginePage and WebEngineView + which allows reading the process ID of the underlying render process. + - [QTBUG-83338] Avoid decoding HTML in default JavaScript message handlers. + + +**************************************************************************** +* Qt PDF * +**************************************************************************** + +General +------- + + - The qt-labs/qtpdf module was using an out-of-date version of pdfium. + Development will now continue in the qtwebengine repository in order to + reuse Qt WebEngine's pdfium build system integration. + - QtPdf is still in Tech Preview. + - It's now possible to build QtPDF for iOS (even though Qt WebEngine does not). + - Added a Qt Quick API (import QtQuick.Pdf): + * Added an image plugin: Image { source: "my.pdf"; currentFrame: 2 } is + enough to view the third page in a PDF file. + * High-level API for full-featured viewers: PdfScrollablePageView shows + one page at a time; PdfMultiPageView allows flicking vertically from + page to page. These are implemented in QML and packaged with the module. + - Low-level QtQuick API: + * PdfDocument provides API for the document and its metadata. + * PdfSearchModel can find a text string and provides information about + the locations where it is found on each page, which can be listed in + a ListView and visualized by using a Repeater to instantiate + QtQuick.Shapes for the bounding boxes. + * PdfSelection allows selecting text and copying to the clipboard; + visualization of the selected region is done via QtQuick.Shapes. + * PdfLinkModel provides information about the links in the document; + visual feedback and clicking can be handled with QtQuick.Shapes + and TapHandler, respectively. + * PdfNavigationStack is a model for implementing forward/back navigation. + diff --git a/dist/changes-5.15.1 b/dist/changes-5.15.1 new file mode 100644 index 000000000..263f04ec3 --- /dev/null +++ b/dist/changes-5.15.1 @@ -0,0 +1,138 @@ +Qt 5.15.1 is a bug-fix release. It maintains both forward and backward +compatibility (source and binary) with Qt 5.15.0. + +For more details, refer to the online documentation included in this +distribution. The documentation is also available online: + +https://doc.qt.io/qt-5/index.html + +The Qt version 5.15 series is binary compatible with the 5.14.x series. +Applications compiled for 5.14 will continue to run with 5.15. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + +https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* Qt 5.15.1 Changes * +**************************************************************************** + +General +------- + - [QTBUG-54720] FIDO U2F and WebAuth are now enabled + - [QTBUG-62957] Fix unwanted creation of databases-incognito files in the + home directory when using an incognito profile + - [QTBUG-70437] Fix scrollbar when releasing mouse button outside of window + on Windows + - [QTBUG-72497] The use of QUIC can now be enforced via a command line flag + - [QTBUG-75262, QTBUG-81693] Fixed HW acceleration and WebGL on macOS + - [QTBUG-75391] Fix copy and paste of non-ascii characters from HTML on + macOS + - [QTBUG-78559] Add basic parser for QTWEBENGINE_CHROMIUM_FLAGS to correctly + parse multiple arguments passed in the same flag, + e.g. js-flags + - [QTBUG-83294] The pointer lock feature is now working again + - [QTBUG-83476] Feature Permissions can now be set and cleared before the + first navigation + - [QTBUG-83710] Fix AltGr on Windows + - [QTBUG-83729] Fix regession of completion in the developer tools + "Console" tab not working properly + - [QTBUG-83732] Fix setting WebEngineView.audioMuted before first page load + - [QTBUG-83785] Fix upside down render passes with the software scenegraph + - [QTBUG-84340] Re-enable PDF viewer after regression in 5.15.0 + - [QTBUG-84355] Fix crash when closing the WebContents + - [QTBUG-84660] Fix double click on Flash content + - [QTBUG-85116] Automatically reject feature permission requests in incognito + mode + - [QTBUG-85117] Fix regression causing client certificates to not work + - [QTBUG-85118] Fix regression of QWebEnginePage::recentlyAudibleChanged + signal + - [QTBUG-85309] Enable screen sharing on wayland by supporting PipeWire + - [QTBUG-85363] Fix wrong application name in utility process to list it + correctly in e.g. PulseAudio + - [QTBUG-85526] Fix regression with cookie filters not working + - [QTBUG-85626] Fix regression with crashes on media playback / D-BUS + - [QTBUG-85890] Support combining audio and video permission requests in the + getDisplayMedia API + - [QTBUG-85817] Fix regression causing crashes on resize + - [QTBUG-86018] Fix building with bison 3.7 on newer Linux + - [QTBUG-86092] Fix H264 support in WebRTC on Windows when using MSVC + - Enable hardware accelerated video decoding with ANGLE + +Chromium +-------- + + - Security fixes from Chrome up to version 85.0.4183.83, including: + + * CVE-2020-6467 + * CVE-2020-6468 + * CVE-2020-6470 + * CVE-2020-6471 + * CVE-2020-6472 + * CVE-2020-6473 + * CVE-2020-6474 + * CVE-2020-6475 + * CVE-2020-6476 + * CVE-2020-6480 + * CVE-2020-6481 + * CVE-2020-6482 + * CVE-2020-6483 + * CVE-2020-6486 + * CVE-2020-6487 + * CVE-2020-6489 + * CVE-2020-6490 + * CVE-2020-6493: Use after free in WebAuthentication + * CVE-2020-6506: Insufficient policy enforcement in WebView + * CVE-2020-6510: Heap buffer overflow in background fetch + * CVE-2020-6511: Side-channel information leakage in CSP + * CVE-2020-6512: Type Confusion in V8 + * CVE-2020-6513: Heap buffer overflow in PDFium + * CVE-2020-6514: Inappropriate implementation in WebRTC + * CVE-2020-6518: Use after free in developer tools + * CVE-2020-6523: Out of bounds write in Skia + * CVE-2020-6524: Heap buffer overflow in WebAudio + * CVE-2020-6526: Inappropriate implementation in iframe sandbox + * CVE-2020-6529: Inappropriate implementation in WebRTC + * CVE-2020-6530: Out of bounds memory access in developer tools + * CVE-2020-6531: Side-channel information leakage in scroll to text + * CVE-2020-6532: Use after free in SCTP + * CVE-2020-6533: Type Confusion in V8. + * CVE-2020-6534: Heap buffer overflow in WebRTC + * CVE-2020-6535: Insufficient data validation in WebUI + * CVE-2020-6540: Heap buffer overflow in Skia + * CVE-2020-6541: Use after free in WebUSB + * CVE-2020-6542: Use after free in ANGLE + * CVE-2020-6543: Use after free in task scheduling + * CVE-2020-6544: Use after free in media + * CVE-2020-6545: Use after free in audio + * CVE-2020-6548: Heap buffer overflow in Skia + * CVE-2020-6549: Use after free in media + * CVE-2020-6550: Use after free in IndexedDB + * CVE-2020-6551: Use after free in WebXR + * CVE-2020-6555: Out of bounds read in WebGL + * CVE-2020-6559: Use after free in presentation API + * Security bug 1025302 + * Security bug 1029569 + * Security Bug 1048619 + * Security Bug 1051439 + * Security bug 1052492 + * Security bug 1054229 + * Security Bug 1056161 + * Security Bug 1057369 + * Security Bug 1058515 + * Security Bug 1061933 + * Security bug 1065122 + * Security bug 1065731 + * Security Bug 1070012 + * Security bug 1075907 + * Security bug 1087158 + * Security bug 1087629 + * Security bug 1090543 + * Security bug 1098860 + * Security bug 1102137 + * Security bug 1102408 + * Security bug 1108639 diff --git a/dist/changes-5.15.2 b/dist/changes-5.15.2 new file mode 100644 index 000000000..792b9afd6 --- /dev/null +++ b/dist/changes-5.15.2 @@ -0,0 +1,86 @@ +Qt 5.15.2 is a bug-fix release. It maintains both forward and backward +compatibility (source and binary) with Qt 5.15.1. + +For more details, refer to the online documentation included in this +distribution. The documentation is also available online: + + https://doc.qt.io/qt-5.15/index.html + +The Qt version 5.15 series is binary compatible with the 5.14.x series. +Applications compiled for 5.14 will continue to run with 5.15. + +Some of the changes listed in this file include issue tracking numbers +corresponding to tasks in the Qt Bug Tracker: + + https://bugreports.qt.io/ + +Each of these identifiers can be entered in the bug tracker to obtain more +information about a particular change. + +**************************************************************************** +* Library * +**************************************************************************** + +General +------- + - [QTBUG-84632] Warn about QtWebengineProcess launching from network share + on Windows. + - [QTBUG-85363] Handle non-ASCII names for PulseAudio + - [QTBUG-85494] Fix regression crash when not handling QQuickWebEngineNewViewRequest + - [QTBUG-85817] Fix crashes on resize + - [QTBUG-86672] Fix remapped menu key being mapped back to menu key + - [QTBUG-86945] Fix crash when opening a PDF in debug build on windows. + - [QTBUG-87129] Mention node.js build-time dependency + - The QtWebEngineProcess now has a version number + - The old compositor has been removed and can no longer be restored using + command line argument. + +Chromium +-------- + + - The Chromium version has been updated to 83.0.4103.122 + - Security fixes from Chromium up to version 86.0.4240.183, including: + - CVE-2020-6540: Heap buffer overflow in Skia + - CVE-2020-6557: Inappropriate implementation in networking + - CVE-2020-6561: Inappropriate implementation in Content Security Policy + - CVE-2020-6562: Insufficient policy enforcement in Blink + - CVE-2020-6569: Integer overflow in WebUSB + - CVE-2020-6570: Side-channel information leakage in WebRTC + - CVE-2020-6573: Use after free in video + - CVE-2020-6571: Incorrect security UI in Omnibox + - CVE-2020-6575: Race in Mojo + - CVE-2020-6576: Use after free in offscreen canvas + - CVE-2020-15959: Insufficient policy enforcement in networking + - CVE-2020-15960: Out of bounds read in storage + - CVE-2020-15961: Insufficient policy enforcement in extensions + - CVE-2020-15962: Insufficient policy enforcement in serial + - CVE-2020-15963 + - CVE-2020-15964: Insufficient data validation in media + - CVE-2020-15965: Out of bounds write in V8 + - CVE-2020-15966 + - CVE-2020-15968: Use after free in Blink + - CVE-2020-15969: Use after free in WebRTC. + - CVE-2020-15972: Use after free in audio. + - CVE-2020—15973: Insufficient policy enforcement in extensions + - CVE-2020-15974: Integer overflow in Blink + - CVE-2020-15976: Use after free in WebXR + - CVE-2020-15977: Insufficient data validation in dialogs. + - CVE-2020-15978: Insufficient data validation in navigation + - CVE-2020-15979: Inappropriate implementation in V8. + - CVE-2020-15985: Inappropriate implementation in Blink. + - CVE-2020-15987: Use after free in WebRTC + - CVE-2020-15989: Uninitialized Use in PDFium + - CVE-2020-15992: Insufficient policy enforcement in networking + - CVE-2020-15999: Heap buffer overflow in freetype + - CVE-2020-16001: Use after free in media. + - CVE-2020-16002: Use after free in PDFium + - CVE-2020-16003: Use after free in printing + - CVE-2020-16005: Insufficient policy enforcement in ANGLE + - CVE-2020-16008: Stack buffer overflow in WebRTC + - CVE-2020-16009: Inappropriate implementation in V8 + - CVE-2020-16011: Heap buffer overflow in UI on Windows. + - Security bug 1106091 + - Security bug 1107824 + - Security bug 1111149 + - Security bug 1125199 + - Security bug 1137608 |