| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 0d984c7f..caba2fcb:
> Bump V8_PATCH_LEVEL
> [Backport] Security bug 1306507
> [Backport] Security bug 1304659
> [Backport] Security bug 1269999
> [Backport] Roll libxml from a46e85f6 to dea91c97
> [Backport] Roll libxml from bfd2f430 to a46e85f6
> [Backport] Roll libxml to bfd2f430
> [Backport] Roll libxml to 7279d236
> [Backport] Roll libxml to f93ca3e1
> [Backport] Security bug 1292905
> [Backport] CVE-2022-1314: Type Confusion in V8
> [Backport] CVE-2022-1310: Use after free in regular expressions
> [Backport] CVE-2022-1305: Use after free in storage
> [Backport] CVE-2022-1125
> [Backport] Security bug 1280852
> [Backport] Secuirity Bug 1296876
> [Backport] CVE-2022-0978: Use after free in ANGLE
> [Backport] CVE-2022-1493: Use after free in Dev Tools
> [Backport] CVE-2022-1138: Inappropriate implementation in Web Cursor.
> Quick fix for regression in service workers by reverting backports
> [Backport] CVE-2022-0797: Out of bounds memory access in Mojo
Pick-to: 5.15
Task-number: QTBUG-103034
Task-number: QTBUG-103038
Task-number: QTBUG-103040
Change-Id: I04e973cb5d9996f8d3590a8fa9a6c47a7b867b87
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in following patches:
* 019a6b9282e Fix arm64 Skia build for macOS
* 368eaa630ba Fixes for universal build
* 08b4e141cc1 Fix clang set-but-unused-variable warning
* 2082566249c [Backport] On arm64 hosts, set host_cpu to 'arm64', not
'arm'.
* f47f334c8ba Fix undefined symbol for universal link
* 23e13d55d84 Add crossbuild support for x64/x86 on macos-arm64
* 8a5738c744e Fix mac toolchain python linker script call
* d3119947e27 Fix python calls
* if1850dc7af Fix cross-compilation arm64->x86_64
* 0d984c7f044 Fix missing dependency for gpu sources
Change-Id: Ib6ac1224b2e5e043c8351905066c7c041e308413
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty ab3a3447a..d13d0924c:
> [Backport] CVE-2022-0971
> [Backport] CVE-2022-1096
> [Backport] sandbox: build if glibc 2.34+ dynamic stack size is enabled
Task-number: QTBUG-102144
Change-Id: I88c5a4b18640e1579c67c874f21c627caabdf991
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
Reviewed-by: Tarja Sundqvist <tarja.sundqvist@qt.io>
(cherry picked from commit 4f570bd7add21725d66ac8396dcf21917c3a603f)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty: 48a205f9..ab3a3447:
> [Backport] CVE-2022-0108: Inappropriate implementation in Navigation
> [Backport] Dependency for CVE-2022-0108
> Bump V8_PATCH_LEVEL
> [Backport] CVE-2022-0111 and CVE-2022-0117 (2/2)
> [Backport] CVE-2022-0111 and CVE-2022-0117 (1/2)
> [Backport] Dependency for CVE-2022-0111 and CVE-2022-0117
> [Backport] CVE-2022-0310 and CVE-0311: Heap buffer overflow in Task Manager
> [Backport] CVE-2022-23852
> [Backport] Security bug 1289394
> [Backport] CVE-2022-0608: Integer overflow in Mojo
> [Backport] Security bug 1270014
> [Backport] Security bug 1261415
> [Backport] CVE-2022-0291: Inappropriate implementation in Storage
> [Backport] CVE-2022-0293: Use after free in Web packaging
> [Backport] CVE-2022-0607: Use after free in GPU
> [Backport] CVE-2022-0610: Inappropriate implementation in Gamepad API
> [Backport] CVE-2022-0606: Use after free in ANGLE
> [Backport] Security bug 1292537
> [Backport] CVE-2022-0609: Use after free in Animation
> [Backport] Security bug 1265570
> [Backport] CVE-2022-0116: Inappropriate implementation in Compositing
> [Backport] Dependency for CVE-2022-0116
> [Backport] CVE-2022-0102: Type Confusion in V8
> [Backport] Security bug 1256885
> [Backport] CVE-2022-0460: Use after free in Window Dialog
> [Backport] CVE-2022-0459: Use after free in Screen Capture
> [Backport] CVE-2022-0461: Policy bypass in COOP
> [Backport] Security bug 1280743
> [Backport] Security bug 1274113
> [Backport] CVE-2022-0456: Use after free in Web Search
> [Backport] CVE-2022-0298: Use after free in Scheduling
> [Backport] Security bug 1276331
> [Backport] CVE-2022-0305: Inappropriate implementation in Service Worker API
> [Backport] CVE-2022-0306: Heap buffer overflow in PDFium
> [Backport] CVE-2022-0289: Use after free in Safe browsing
> [Backport] CVE-2022-0100: Heap buffer overflow in Media streams API
> [Backport] CVE-2022-0113: Inappropriate implementation in Blink
> [Backport] Security bug 1258603
> [Backport] Security bug 1259557
> [Backport] CVE-2022-0103: Use after free in SwiftShader
> [Backport] CVE-2022-0109: Inappropriate implementation in Autofill (2/2)
> [Backport] CVE-2022-0109: Inappropriate implementation in Autofill (1/2)
> [Backport] CVE-2022-0104: Heap buffer overflow in ANGLE
> [Backport] Security bug 1268448
> Replace base::ranges::set_union with std::set_union to fix MSVC2017 build
Task-number: QTBUG-99721
Task-number: QTBUG-101053
Change-Id: I7a834174f05381b1445ee4b222a4e7e67f13472c
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 0ad281437..48a205f9e:
> Do not overwrite signal handlers in the browser process.
> [Backport] Copy 'name_' member during StyleRuleProperty::Copy
Change-Id: Ifd4b0c0d130d024e6b97f6898180d9b39cf19814
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty b77d64307..0ad281437:
> [Backport] CVE-2021-4102: Use after free in V8
> [Backport] CVE-2021-4101: Heap buffer overflow in Swiftshader.
> [Backport] CVE-2021-4099: Use after free in Swiftshader
> [Backport] CVE-2021-4098: Insufficient data validation in Mojo
> Try to fix build on Apple Monterey
> [Backport] Handle long SIGSTKSZ in glibc > 2.33
> [Backport] abseil-cpp: Fixes build with latest glibc
Fixes: QTBUG-99403
Change-Id: I24fe2b4cc0834200296c345fb29ffe5d1d4b1bb0
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty bfc2de04..b77d6430:
> Bump V8_PATCH_LEVEL
> [Backport] CVE-2021-4078: Type confusion in V8
> [Backport] CVE-2021-4079: Out of bounds write in WebRTC
> [Backport] Security bug 1259899
> [Backport] CVE-2021-4062: Heap buffer overflow in BFCache
> [Backport] CVE-2021-4059: Insufficient data validation in loader
> [Backport] CVE-2021-4058: Heap buffer overflow in ANGLE (2/2)
> [Backport] CVE-2021-4058: Heap buffer overflow in ANGLE (1/2)
> [Backport] CVE-2021-4057: Use after free in file API
> Use wglSetPixelFormat directly only if in software mode
> Compile with GCC 11 -std=c++20
Task-number: QTBUG-98854
Change-Id: I7279387c9c7afece1eb51abb2f68d2e65f4dd31f
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 8c0a9b44..bfc2de04:
> [Backport] CVE-2021-37996 : Insufficient validation of untrusted
input in Downloads
> [Backport] CVE-2021-38001 : Type Confusion in V8
> [Backport] Security bug 1252858
> [Backport] CVE-2021-37989 : Inappropriate implementation in Blink
> [Backport] Dependency for CVE-2021-37989
> [Backport] CVE-2021-38022: Inappropriate implementation in
WebAuthentication
> [Backport] CVE-2021-38012: Type Confusion in V8
> [Backport] CVE-2021-38010: Inappropriate implementation in service
workers
> [Backport] CVE-2021-38021: Inappropriate implementation in referrer
> [Backport] CVE-2021-38005: Use after free in loader (3/3)
> [Backport] CVE-2021-38005: Use after free in loader (2/3)
> [Backport] CVE-2021-38005: Use after free in loader (1/3)
> [Backport] CVE-2021-38019: Insufficient policy enforcement in CORS
> [Backport] CVE-2021-38007: Type Confusion in V8
> [Backport] CVE-2021-38017: Insufficient policy enforcement in iframe
sandbox
> [Backport] CVE-2021-38009: Inappropriate implementation in cache
> [Backport] Dependency for CVE-2021-38009
> [Backport] CVE-2021-38015: Inappropriate implementation in input
> [Backport] CVE-2021-38018: Inappropriate implementation in
navigation
> Revert "Stop orphan child processes from staying alive on Windows"
> Fix stack overflow on gpu channel recreate with an error
> [Backport] Security bug 1245870
> [Backport] CVE-2021-37993 : Use after free in PDF Accessibility
> [Backport] CVE-2021-37984 : Heap buffer overflow in PDFium
> [Backport] CVE-2021-37992 : Out of bounds read in WebAudio
> [Backport] CVE-2021-37987 : Use after free in Network APIs
> [Backport] CVE-2021-38003 : Inappropriate implementation in V8
> [Backport] CVE-2021-3541 libxml2: Exponential entity expansion
attack bypasses all existing protection mechanisms
> [Backport] CVE-2021-3517: libxml2: Heap-based buffer overflow in
xmlEncodeEntitiesInternal() in entities.c
Task-number: QTBUG-98854
Fixes: QTBUG-98855
Fixes: QTBUG-98400
Fixes: QTBUG-98401
Change-Id: Idb07729bf45ed59eb8163186925095e1a1e30318
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 9f71911e3..8c0a9b445:
> Revert "[Backport] Security bug 1239116"
> [Backport] Linux sandbox: update syscalls numbers on 32-bit platforms
> [Backport] sandbox: linux: allow clock_nanosleep & gettime64
> [Backport] Linux sandbox: update syscall numbers for all platforms.
> Revert "[Backport] CVE-2021-37976 : Information leak in core"
> [Backport] Ease HarfBuzz API change with feature detection
> Bump V8_PATCH_LEVEL
> CVE-2021-37972 : Out of bounds read in libjpeg-turbo
> Add switch for static and dynamic crt
> [Backport] Security bug 1248665
> [Backport] CVE-2021-37975 : Use after free in V8
> [Backport] CVE-2021-37980 : Inappropriate implementation in Sandbox
> [Backport] CVE-2021-37979 : Heap buffer overflow in WebRTC (2/2)
> [Backport] CVE-2021-37979 : Heap buffer overflow in WebRTC (1/2)
> [Backport] CVE-2021-37978 : Heap buffer overflow in Blink
> [Backport] CVE-2021-37976 : Information leak in core
> [Backport] CVE-2021-30616: Use after free in Media.
> [Backport] Dependency for CVE-2021-30616
> [Backport] CVE-2021-37962 : Use after free in Performance Manager (2/2)
> [Backport] CVE-2021-37962 : Use after free in Performance Manager (1/2)
> [Backport] CVE-2021-37973 : Use after free in Portals
> [Backport] CVE-2021-37971 : Incorrect security UI in Web Browser UI.
> [Backport] CVE-2021-37968 : Inappropriate implementation in Background Fetch API
> [Backport] CVE-2021-37967 : Inappropriate implementation in Background Fetch API
> [Backport] Linux sandbox: return ENOSYS for clone3
> [Backport] Linux sandbox: fix fstatat() crash
> [Backport] Reland "Reland "Linux sandbox syscall broker: use struct kernel_stat""
> [Backport] Security bug 1238178 (2/2)
> [Backport] Security bug 1238178 (1/2)
> [Backport] CVE-2021-30633: Use after free in Indexed DB API (2/2)
> [Backport] CVE-2021-30633: Use after free in Indexed DB API (1/2)
> [Backport] CVE-2021-30630: Inappropriate implementation in Blink
> [Backport] CVE-2021-30629: Use after free in Permissions
> [Backport] CVE-2021-30628: Stack buffer overflow in ANGLE
> [Backport] CVE-2021-30627: Type Confusion in Blink layout
> [Backport] CVE-2021-30626: Out of bounds memory access in ANGLE
> [Backport] CVE-2021-30625: Use after free in Selection API
> [Backport] Security bug 1239116
> [Backport] Security bug 1206289
> [Backport] CVE-2021-30613: Use after free in Base internals
> [Backport] Security bug 1227228
> [Backport] CVE-2021-30618: Inappropriate implementation in DevTools
Task-number: QTBUG-96908
Change-Id: Ib473ba7dc4ac799288d69812d59e229118793d41
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
(cherry picked from commit f0a1cb8da24518c03858b85378f9ad82b0603a1a)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty c8087cb6..9f71911e:
> [Backport] CVE-2021-30560: Use after free in Blink XSLT
Task-number: QTBUG-94103
Change-Id: I3e43653b6b3370d71b09b52a781a3b1d6c82293e
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit 2acbba86362ac3a1c2d8c20390dc263875f8f09c)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 24fe4f70..c8087cb6:
> [Backport] CVE-2021-30566: Stack buffer overflow in Printing
> [Backport] CVE-2021-30585: Use after free in sensor handling
> Bump V8_PATCH_LEVEL
> [Backport] Security bug 1228036
> [Backport] CVE-2021-30604: Use after free in ANGLE
> [Backport] CVE-2021-30603: Race in WebAudio
> [Backport] CVE-2021-30602: Use after free in WebRTC
> [Backport] CVE-2021-30599: Type Confusion in V8
> [Backport] CVE-2021-30598: Type Confusion in V8
> [Backport] Security bug 1227933
> [Backport] Security bug 1205059
> [Backport] Security bug 1184294
> [Backport] Security bug 1198385
> [Backport] CVE-2021-30588: Type Confusion in V8
> [Backport] CVE-2021-30587: Inappropriate implementation in Compositing on Windows
> [Backport] CVE-2021-30573: Use after free in GPU
> [Backport] CVE-2021-30569, security bugs 1198216 and 1204814
> [Backport] CVE-2021-30568: Heap buffer overflow in WebGL
> [Backport] CVE-2021-30541: Use after free in V8
> [Backport] Security bugs 1197786 and 1194330
Task-number: QTBUG-94103
Task-number: QTBUG-95581
Change-Id: I1900426d64727fc065d438a0e4b3b9e916d537c0
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit 1b9897bbe11c6ed6b27fe45b6faa20f300149b99)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 5db4492a..24fe4f70:
> [Backport] Security bug 1194689
> [Backport] CVE-2021-30563: Type Confusion in V8
> [Backport] Security bug 1211215
> [Backport] Security bug 1209558
> [Backport] CVE-2021-30553: Use after free in Network service
> [Backport] CVE-2021-30548: Use after free in Loader
> [Backport] CVE-2021-30547: Out of bounds write in ANGLE
> [Backport] CVE-2021-30556: Use after free in WebAudio
> [Backport] CVE-2021-30559: Out of bounds write in ANGLE
> [Backport] CVE-2021-30533: Insufficient policy enforcement in PopupBlocker
> [Backport] Security bug 1202534
> [Backport] CVE-2021-30536: Out of bounds read in V8
Task-number: QTBUG-94103
Change-Id: I500b3258a90ea4f5d932777b9f217b6da1b8778c
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 7948becb..5db4492a:
> [Backport] CVE-2021-30522: Use after free in WebAudio
> [Backport] CVE-2021-30554 Use after free in WebGL
> [Backport] CVE-2021-30551: Type Confusion in V8
> [Backport] CVE-2021-30544: Use after free in BFCache
> [Backport] CVE-2021-30535: Double free in ICU
> [Backport] CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox
> [Backport] CVE-2021-30530: Out of bounds memory access in WebAudio
> [Backport] CVE-2021-30523: Use after free in WebRTC
Task-number: QTBUG-94103
Change-Id: Ib1d77dae4c4b0f98f3eaf99442159374b8003fe7
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty eaffb82d..7948becb:
> Generate mojo bindings before compiling extension API registration
Change-Id: Ie01368c9a082142801f0d0f8672ed7461631cfa1
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty dc35950b..eaffb82d:
> [Backport] Security bug 1201938
> [Backport] Security bug 1201340
> [Backport] Security bug 1195331
> [Backport] Security bug 1204071
> [Backport] CVE-2021-30518: Heap buffer overflow in Reader Mode
> [Backport] CVE-2021-30516: Heap buffer overflow in History.
> [Backport] CVE-2021-30515: Use after free in File API
> [Backport] CVE-2021-30513: Type Confusion in V8
> [Backport] CVE-2021-30512: Use after free in Notifications
> [Backport] CVE-2021-30510: Race in Aura
> [Backport] CVE-2021-30508: Heap buffer overflow in Media Feeds
> Workaround revoked certificate check on Linux
Fixes: QTBUG-92895
Change-Id: Ib83f18a256822a2a6feb5dcdd1df7e933a2dd271
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 1d3b13e9..dc35950b:
> FIXUP: third_party perfetto: add missing include for clang, asan and no_pch
> Bump V8_PATCH_LEVEL
> Fix build with GCC 11
Fixes: QTBUG-93744
Change-Id: If79bfb844f03052eab4d11018f07357b383626a7
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the following changes:
Submodule src/3rdparty 6c7b4ffb..1d3b13e9
> 1d3b13e9634 Make clang to inline load/store atomic calls for YieldSortKey struct
> f6730fe81a0 Enable XkbKeyboardLayoutEngine::SetCurrentLayoutByName for Qt
Fixes: QTBUG-92971
Change-Id: I0c0cddfe4d3e25fd6d3f7e0764b302c300303172
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 3f594ea1..6c7b4ffb:
> FIXUP: Avoid crashing on new window in cross-origin isolated content
> [Backport] Security bug 1198309
> [Backport] CVE-2021-21231: Insufficient data validation in V8
> [Backport] CVE-2021-21230: Type Confusion in V8
> [Backport] CVE-2021-21233: Heap buffer overflow in ANGLE
> [Backport] CVE-2021-21227: Insufficient data validation in V8
> Avoid crashing on new window in cross-origin isolated content
> Fix build with system ICU 69
Change-Id: Iab339abb1a34ce93e03f64608c6b5c5719f36fce
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty dd45b1a1..3f594ea1:
> [Backport] Security bug 1155297 (3/3)
> [Backport] Security bug 1155297 (2/3)
> [Backport] Security bug 1155297 (1/3)
> [Backport] Security bug 1192552
> [Backport] CVE-2021-21225: Out of bounds memory access in V8 (2/2)
> [Backport] CVE-2021-21225: Out of bounds memory access in V8 (1/2)
> [Backport] CVE-2021-21224: Type Confusion in V8
> [Backport] CVE-2021-21223: Integer overflow in Mojo
> [Backport] CVE-2021-21222: Heap buffer overflow in V8
Task-number: QTBUG-92895
Change-Id: I9c5c3aa451d8a4cab018e23a6407fd0e1f7a58de
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty c38ae3ec..dd45b1a1:
> [Backport] CVE-2021-21209: Inappropriate implementation in storage (5/5)
> [Backport] CVE-2021-21209: Inappropriate implementation in storage (4/5)
> [Backport] CVE-2021-21209: Inappropriate implementation in storage (3/5)
> [Backport] CVE-2021-21209: Inappropriate implementation in storage (2/5)
> [Backport] CVE-2021-21209: Inappropriate implementation in storage (1/5)
> [Backport] Security bug 1184441
> [Backport] Security bug 1162424
Task-number: QTBUG-92895
Change-Id: I04217fe2026d0087e4b7bd9bc6d5e8fcb5e25ebd
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 6764c29f..c38ae3ec:
> [Backport] Security bug 1190525
> [Backport] Security bug 1161759
> [Backport] Security bug 1175503
> [Backport] Security bugs 1175522 and 1181276
> [Backport] CVE-2021-21219: Uninitialized Use in PDFium
> [Backport] CVE-2021-21217 and CVE-2021-21218: Uninitialized Use in PDFium
> [Backport] CVE-2021-21214: Use after free in Network API
> [Backport] CVE-2021-21213: Use after free in WebMIDI
> [Backport] CVE-2021-21207: Use after free in IndexedDB
> [Backport] CVE-2021-21221: Insufficient validation of untrusted input in Mojo
> [Backport] CVE-2021-21204: Use after free in Blink.
> [Backport] CVE-2021-21203: Use after free in Blink
> [Backport] CVE-2021-21202: Use after free in extensions.
> [Backport] CVE-2021-21201: Use after free in permissions
Task-number: QTBUG-92895
Change-Id: I7e6f3d443366bb291cab027510f76788c14fc023
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
Stop using SiteForCookies::RepresentativeUrl() if it is used to provide
first party url because it returns a truncated URL and our API is expected
to return the full url of the first party.
Fixes: QTBUG-90231
Change-Id: I628f7f31bfbeaf3de976ae9af1a8fa6408b661c5
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty d13920f2..048f5e99:
> [Backport] CVE-2021-21220: Insufficient validation of untrusted input in V8 for x86_64
> [Backport] CVE-2021-21206: Use after free in Blink
> Fix build with no extensions on mac
Task-number: QTBUG-92080
Change-Id: I0265d3992ac3ec7fe0f55405daf58d1fc2789b12
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule update src/3rdparty 8d49f9a2..d13920f2:
> [Backport] Security bug 1185482
> [Backport] Security bug 1161847
> [Backport] Security bug 1161379
> [Backport] CVE-2021-21198: Out of bounds read in IPC
> [Backport] CVE-2021-21195: Use after free in V8
Task-number: QTBUG-92080
Change-Id: I638a0fa0285d46736cfbf5406874702bd3600580
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 6ec3297a..9d237e39:
> Fixup for: [Backport] Security bug 1062941
> [Backport] CVE-2021-21193: Use after free in Blink
> [Backport] CVE-2021-21191: Use after free in WebRTC
> [Backport] Security bug 1161048
> [Backport] Security bug 1155710
> [Backport] Security bug 1062941
> [Backport] Security bug 1142712 (2/2)
> [Backport] Security bug 1142712 (1/2)
> [Backport] Security bug 1146813 (2/2)
> [Backport] Security bug 1146813 (1/2)
> [Backport] CVE-2021-21166: Object lifecycle issue in audio
> [Backport] CVE-2021-21187: Insufficient data validation in URL formatting
> [Backport] CVE-2021-21183 and CVE-2021-21184: Inappropriate implementation in performance APIs
> [Backport] CVE-2020-27844: Heap buffer overflow in OpenJPEG
> Fix crashes when webrtc is not compiled in
Task-number: QTBUG-92080
Change-Id: Ifaac3e24a5f0cacb8ba783f453ae30c8ae5e9abf
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 302379ca..79f989b8:
> Build fix for "[Backport] CVE-2021-21160..." with gcc
> [Backport] CVE-2021-21160: Heap buffer overflow in WebAudio
> [Backport] CVE-2021-21173: Side-channel information leakage in Network Internals.
> [Backport] CVE-2021-21190: Uninitialized Use in PDFium
> [Backport] CVE-2021-21188: Use after free in Blink.
> [Backport] CVE-2021-21178: Inappropriate implementation in Compositing
> [Backport] CVE-2021-21175: Inappropriate implementation in Site isolation
> [Backport] CVE-2021-21174: Inappropriate implementation in Referrer.
> [Backport] CVE-2021-21172: Insufficient policy enforcement in File System API
> [Backport] CVE-2021-21171: Incorrect security UI in TabStrip and Navigation
> [Backport] CVE-2021-21169: Out of bounds memory access in V8 (2/2)
> [Backport] CVE-2021-21169: Out of bounds memory access in V8 (1/2)
> [Backport] CVE-2021-21168: Insufficient policy enforcement in appcache
> [Backport] CVE-2021-21165: Object lifecycle issue in audio
> [Backport] CVE-2021-21162: Use after free in WebRTC
> [Backport] CVE-2021-21179: Use after free in Network Internals
> [Backport] Security bug 1175975
> [Backport] Security bug 1167277
> [Backport] Security bug 1180871
> Fix WebRtcLoggingController for QtWebEngine
Task-number: QTBUG-92080
Change-Id: I8578ea4a3fe13b9e5a3e6ed01f8fe9d3053353fc
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 7c8217b3..302379ca:
> Fix multiple include dirs
> Revert "Use devtools app for Qt"
> Prepare net-internals for QtWebEngine usage
Task-number: QTBUG-91799
Change-Id: I527fd06a1f3f142cafb098d93ee3bfc0026984f9
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty d9d9e606..7c8217b3:
> [Backport] Remove mouse wheel handler DCHECK
> PDF viewer: Restore createBrowserApi() function
> [Backport] CVE-2021-21138: Use after free in DevTools
Change-Id: I1190e71d109c98285a57365f8ed1315b50895da1
Reviewed-by: Szabolcs David <davidsz@inf.u-szeged.hu>
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 4cb55651..d77379c5:
> [Backport] CVE-2021-21153: Stack overflow in GPU Process
> [Backport] CVE-2021-21152: Heap buffer overflow in Media
> [Backport] CVE-2021-21157: Use after free in Web Sockets
> [Backport] CVE-2021-21156: Heap buffer overflow in V8
> [Backport] Security bug 1171954
> [Backport] CVE-2021-21149: Stack overflow in Data Transfer
> [Backport] Dependency for CVE-2021-21150: Use after free in Downloads [1/1]
> [Backport] CVE-2021-21150: Use after free in Downloads
> FIXUP: [Backport] CVE-2021-21149: Stack overflow in Data Transfer
> FIXUP: [Backport] CVE-2021-21149: Stack overflow in Data Transfer
Task-number: QTBUG-90575
Pick-to: 5.15
Change-Id: I37640b05028616fae93e1bb301d92968ef24b0b1
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
| |
Change-Id: I653dee03adcad422d1210fda48bdd5b701382b00
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty a38752bf..391a8eef6:
> Fix memory thresholds over 20GiB
> [Backport] Security bug 1162198
> [Backport] Security bug 1161654
> [Backport] CVE-2021-21140: Uninitialized Use in USB [1/2]
> [Backport] CVE-2021-21140: Uninitialized Use in USB [2/2]
> [Backport] CVE-2021-21132: Inappropriate implementation in DevTools
> [Backport] Security bug 1135594
> Make nss certificates disableable for QtPdf
> [Backport] Security bug 1144646
> [Backport] WebRTC bug 12105
> [Backport] Security bug 1127774
> [Backport] Dependendy for security bug 937131 (1/1)
> [Backport] Security bug 937131
> [Backport] CVE-2021-21122: Use after free in Blink
Task-number: QTBUG-90575
Change-Id: I6761314f7b2da13854362c39fbb80ab0db138fb2
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 1711a9c9..a38752bf:
> [Backport] CVE-2021-21147: Inappropriate implementation in Skia
> [Backport] CVE-2021-21146: Use after free in Navigation
> [Backport] CVE-2021-21145: Use after free in Fonts
> [Backport] CVE-2021-21148: Heap buffer overflow in V8
Change-Id: I4955f682de0e741a0bf279218fb3ce2efa9f8aac
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
Also add third party python dependencies of tracing to the snapshot.
Pulls in the following changes:
a7c1c17e0b9 [Revert] Do not bundle the tracing UI resources
1711a9c9bf4 Enable build of tracing UI
Change-Id: I0a6abfeb04cb66ae33b26b6353edad2aecf39365
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The corresponding WebUI is chrome://webrtc-logs
It only makes sense with the hangout services extension. It seems to be
only useable with meet.google.com. The behavior is same for Chrome.
Uploading logs to Google is disabled in the Chromium patch. It is an
extension API functionality. The WebUI only lists the previously
generated logs.
Pulls in the following changes:
1dda5314b02 Enable webrtcLoggingPrivate extension API for hangout extension
7d71aca116d FIXUP: Enable webrtcLoggingPrivate extension API for hangout extension
Change-Id: I455fce7c8081e71967e55ab1f889df6ef91ed253
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 19c6bab8..471e102b:
> [Backport] CVE-2021-21123: Insufficient data validation in File System API (3/3)
> [Backport] CVE-2021-21123: Insufficient data validation in File System API (2/3)
> [Backport] CVE-2021-21123(1/3), CVE-2021-21125, CVE-2021-21129,CVE-2021-21130, CVE-2021-21131, CVE-2021-21141
> [Backport] CVE-2021-21137: Inappropriate implementation in DevTools
> [Backport] CVE-2021-21135: Inappropriate implementation in Performance API
Change-Id: Icb814f643421b814a0065c859942d9c6000695eb
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty f9845463..19c6bab8:
> [Backport] Security bug 1097499
> [Backport] CVE-2021-21128: Heap buffer overflow in Blink
> [Backport] CVE-2021-21127: Insufficient policy enforcement in extensions
> [Backport] CVE-2021-21126: Insufficient policy enforcement in extensions
> [Backport] CVE-2020-16044: Use after free in WebRTC [3/3]
> [Backport] CVE-2020-16044: Use after free in WebRTC [2/3]
> [Backport] CVE-2020-16044: Use after free in WebRTC [1/3]
> [Backport] CVE-2021-21121: Use after free in Omnibox
> [Backport] CVE-2021-21120: Use after free in WebSQL
> [Backport] CVE-2021-21119: Use after free in Media
> FIXUP: Fix build with msvc2019 16.8.0
> FIXUP: Make GpuSwitchingManager::RemoveObserver() thread safe
Change-Id: Ib77701fa61c9e05d1c29485edb12da5c016982ad
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the following changes:
* f9845463789 FIXUP: Fixes for jumbo build
* 50a83c68629 [Backport] CVE-2021-21118 (3/3)
* d964369bee6 [Backport] CVE-2021-21118 (2/3)
* 85b0d34712c [Backport] CVE-2021-21118 (1/3)
Change-Id: I06d55d9f27cb99815174aef44cb959af189f6dfd
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Register browser interface binders for PDF viewer. Copied back this
logic from the guest view implementation (from dev) to enable usage
of chrome.resourcesPrivate API in the PDF viewer of 5.15.
- Implement template replacements for extensions. Replace i18n
placeholders in the PDF viewer HTML to prevent syntax issues and
support localization.
Task-number: QTBUG-90035
Change-Id: Ief5fc536435e5c183dc987462d89311dfa429970
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
[ChangeLog] Enable hangout services extension and implement its
WebRTC desktop capture extension API dependency.
Fixes: QTBUG-85731
Task-number: QTBUG-51185
Task-number: QTBUG-61676
Change-Id: I7a659c2b0039243ac8d8c58685716ffc55265e3b
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
| |
Change-Id: Ic4ffd98e02f986dbaf986405360e727c813e696e
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Load with client or server http error results in successful navigation,
which leads to 'true' loadFinished result, and subsequent chromium's error
page load and display with second set of loadStarted/loadFinished signals.
This effectively ignores QWebEngineSettings::ErrorPageEnabled. Fixing it
requires submodule change to ask embedder if error pages should also be
suppressed for http errors.
Also update chromium for required change, which pulls in the following changes:
* e71010069b4 Fix embedded builds with printing enabled
* f5a93d251cc Allow the embedder to suppress an error page for http errors
Change-Id: I731678575439a6dad90dfb89e79b0083c63b49c2
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the following changes:
* dfe93385f41 [Revert] Don't use harfbuzz-subset
* 9087c921839 Add user script data mojo interface and traits
* 25db271c9b5 Add WebEnginePageRenderFrame mojo interface
Change-Id: I3bf77b63acb3dab3113f70105d3dd304d2d34b95
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the following changes:
* f830b86ef77 [Backport] mac: make find_sdk.py work when the sdk goes to 11
* 9236b21c883 Fix build with system ICU 68
* 138a7203f16 Fix build with msvc2019 16.8.0
* 1ca6cb93ca8 Add qt static dependencies: qtfreetype, qtharfbuzz
* 29b90d82710 Add qt static dependencies: qtlibpng
* da115b70738 Add qt static dependencies: qtlibjpeg
* bb90182aa90 Add qt static dependencies: qtzlib
Change-Id: Ib986dde7db99c7d6663d12f933ddbb4acc4e79e1
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Including security issue under active exploit.
Submodule src/3rdparty 55b3d183..fb6ab5e4:
> [Backport] Security bug 1137608
> [Backport] CVE-2020-16011: Heap buffer overflow in UI on Windows.
> [Backport] CVE-2020-16009: Inappropriate implementation in V8
> [Backport] CVE-2020-16008: Stack buffer overflow in WebRTC
> [Backport] CVE-2020-16005: Insufficient policy enforcement in ANGLE
> Fix assert when running tests build with -no-webengine-webrtc
Change-Id: Ic9ee45fbd78c999881454e5e0e3091489f637aae
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the changes:
2cad1d38b57 [Backport] CVE-2020-6540: Heap buffer overflow in Skia
e1f5ffc2a12 [Backport] CVE-2020-6569: Integer overflow in WebUSB
75b417b86b4 [Backport] CVE-2020-6570: Side-channel information leakage in WebRTC
0785cd83782 [Backport] CVE-2020-6573: Use after free in video
3ddb1e9639a [Backport] CVE-2020-6575: Race in Mojo
e967bb155a0 [Backport] CVE-2020-6576: Use after free in offscreen canvas
40cebfb3051 [Backport] CVE-2020-15959: Insufficient policy enforcement in networking
405e7526583 [Backport] CVE-2020-15965: Out of bounds write in V8
295feb590b1 [Backport] CVE-2020-15963 and CVE-2020-15966
43812fd40d4 [Backport] CVE-2020-15961: Insufficient policy enforcement in extensions
08a25bf9dd2 Only upgrade to WebSocket when WebSocket was requested
2f75c909270 [Backport] CVE-2020-15962: Insufficient policy enforcement in serial
06afd03d826 [Backport] CVE-2020-15960: Out of bounds read in storage
9e5518f06ad [Backport] Security bug 1111149
b627f77e859 [Backport] CVE-2020-15964: Insufficient data validation in media
bc35c7711ad Fix assert when checking if RendererAppContainer feature is enabled
06b27f95d60 [Backport] CVE-2020-6571: Incorrect security UI in Omnibox
8227b9613d1 CVE-2020-15999: Heap buffer overflow in freetype
cc1e87a0d71 [Backport] CVE-2020-15978 Insufficient data validation in navigation
308da5d58b4 [Backport] CVE-2020-15969: Use after free in WebRTC.
9f5fde5b649 [Backport] CVE-2020-15968: Use after free in Blink
97b92535b31 [Backport] CVE-2020-15972: Use after free in audio.
873abc1112c [Backport] CVE-2020-15979: Inappropriate implementation in V8.
c0343ceec47 [Backport] CVE-2020-15976: Use after free in WebXR
e874d48f9e6 [Backport] CVE-2020-15992 Insufficient policy enforcement in networking
956ce06c56c [Backport] CVE-2020-15974: Integer overflow in Blink
4662223422d [Backport] Security bug 1125199
74e26aab318 [Backport] Security bug 1107824
33e9e655166 [Backport] CVE-2020-15977: Insufficient data validation in dialogs.
f6db4999b0e [Backport] CVE-2020—15973: Insufficient policy enforcement in extensions (1/2)
466da17a0cd [Backport] CVE-2020—15973: Insufficient policy enforcement in extensions (2/2)
027c3d7bae7 [Backport] CVE-2020-15989: Uninitialized Use in PDFium
14e9b6f6d3a [Backport] CVE-2020-16003: Use after free in printing
8527c994fe3 [Backport] CVE-2020-16002: Use after free in PDFium
4f461642a79 [Backport] CVE-2020-16001: Use after free in media.
99877493b32 Fixup: [Backport] CVE-2020-16001: Use after free in media
489d6e637e5 [Backport] CVE-2020-15987: Use after free in WebRTC (1/2)
6ef8f4ed829 [Backport] CVE-2020-15987: Use after free in WebRTC (2/2)
9d173d02d5e [Backport] Security bug 1106091
327474aed0e [Backport] CVE-2020-6557: Inappropriate implementation in networking
55b3d183921 [Backport] CVE-2020-15985: Inappropriate implementation in Blink.
Task-number: QTBUG-87967
Change-Id: Ibca52ab97ac407679e4bac5c6b7dc2285f8bcd37
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the following changes:
8776c7b2c15 [Backport] Security bug 1052492
22d88d240bc [Backport] CVE-2020-6533: Type Confusion in V8.
3c832d33641 [Backport] CVE-2020-6532: Use after free in SCTP
388b838dbb3 [Backport] CVE-2020-6541: Use after free in WebUSB
27fa668c5ee [Backport] Security bug 1102408
d3a76ebde8e [Backport] CVE-2020-6542: Use after free in ANGLE
4694a85f33e [Backport] CVE-2020-6543: Use after free in task scheduling
583f976f9a7 [Backport] CVE-2020-6544: Use after free in media
fa97385b501 [Backport] CVE-2020-6548: Heap buffer overflow in Skia
32655453cd7 [Backport] CVE-2020-6549: Use after free in media
ddcf711e69e [Backport] CVE-2020-6550: Use after free in IndexedDB
6a0f49a17b0 [Backport] CVE-2020-6551: Use after free in WebXR
b385b7bbbe4 [Backport] CVE-2020-6545: Use after free in audio
fe23e656183 [Backport] CVE-2020-6559: Use after free in presentation API
4466538c610 [Backport] Security issue 1102137
c3d07802d40 [Backport] Security issue 1108639
b1c7638148b [Backport] Security issue 1098860
011af517d81 [Backport] CVE-2020-6555: Out of bounds read in WebGL
273005ea959 [Backport] Security bugs 1087629 and 1029569
bdb438eff33 [Backport] Dependency for CVE-2020-6561 (1/2)
c223f423808 [Backport] Dependency for CVE-2020-6561 (2/2)
607bff335b1 [Backport] CVE-2020-6561: Inappropriate implementation in Content Security Policy
ed4b6792e13 [Backport] CVE-2020-6562: Insufficient policy enforcement in Blink
c5637fa9071 [Revert] [build] Remove jumbo build configs
Task-number: QTBUG-86342
Change-Id: I7ad617e1c617ef405a608e05cdafbfae5ad412fa
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the changes:
b1c7f4dd221 [Backport] CVE-2020-6510: Heap buffer overflow in background fetch
9a1f5aa55bf [Backport] CVE-2020-6511: Side-channel information leakage in CSP (1/2)
65a41d539be [Backport] CVE-2020-6511: Side-channel information leakage in CSP (2/2)
c7659e61424 [Backport] CVE-2020-6512: Type Confusion in V8 (1/2)
c3dda9b1ba0 [Backport] CVE-2020-6512: Type Confusion in V8 (2/2)
b6707b23089 [Backport] CVE-2020-6512: Type Confusion in V8 (3/3)
0ea2066f022 [Backport] CVE-2020-6514: Inappropriate implementation in WebRTC
9c0fcb08ccc [Backport] CVE-2020-6518: Use after free in developer tools
cf40f91b1a1 [Backport] CVE-2020-6523: Out of bounds write in Skia
ed4112559e3 [Backport] CVE-2020-6513: Heap buffer overflow in PDFium
6f57596692e [Backport] CVE-2020-6524: Heap buffer overflow in WebAudio
33ea34381ce [Backport] CVE-2020-6526: Inappropriate implementation in iframe sandbox
49583b1502a [Backport] CVE-2020-6529: Inappropriate implementation in WebRTC
d4576fb0757 [Backport] CVE-2020-6535: Insufficient data validation in WebUI
0998aa1143f [Backport] Security bug 1090543
98883838595 [Backport] CVE-2020-6530: Out of bounds memory access in developer tools
1be41cad096 [Backport] CVE-2020-6531: Side-channel information leakage in scroll to text
71896380867 [Backport] Security bug 1065731
3f13f72f337 [Backport] Security bug 1065122
c8109013cc7 [Backport] CVE-2020-6534: Heap buffer overflow in WebRTC
Change-Id: Idd5bf0023c013bf94ebae552b27932a14ddb86d2
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
| |
Change-Id: I63ed851426b18623d549ceaf87f1b6eeec527966
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 4e0b66a6..62bc4758:
> [Backport] Security issue 1098860
> [Backport] Security issue 1108639
> [Backport] Security issue 1102137
> [Backport] CVE-2020-6559: Use after free in presentation API
Change-Id: Ifa6ba52fa2d760b20e3b36abb10adaca0fc79cf8
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
| |
* e31cc67a44d Fix neon support in libpng
Change-Id: Ib06498f303106d113cc3b4c5b70d20685c9e6b9f
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|