| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
|
|
| |
Sumbmodule src/3rdparty 24df9c9b..9457651e:
> [Backport] CVE-2022-3723: Type Confusion in V8
Task-number: QTBUG-108106
Change-Id: Ic6ae78e84df7198e5729f1377b60d774e1b1e5fa
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
Fix usage of badcode vs code.
This commit amends 82357352b49fdcba80727feec441053f676b5af2.
Fixes: QTBUG-107502
Pick-to: 6.4
Change-Id: I50be8b37a81f33ef8e8dff3985d00f562542031a
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to qt docs this variable should have
same effect like setting Qt::AA_UseSoftwareOpenGL on
application, therefore read that in case of detecting
the software mode.
Pick-to: 6.4 6.4.0 6.3
Task-number: QTBUG-106095
Change-Id: I00fa8f0607ca44533c445434d1a35a1524bab679
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
The module filename can be different depending on
windows platform for example "openglsw32.dll", "openglsw32.DLL",
"openglsw32". Make check more relaxed.
Fixes: QTBUG-106095
Pick-to: 6.4 6.4.0 6.3 5.15
Change-Id: I0abd5f61df2a44b395c8a81511e4d3bc807e1537
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 8496e134..620599a6:
* 2nd fixup for [Backport] CVE-2022-2605
* Fixup for [Backport] CVE-2022-2605: Out of bounds read in Dawn (1/3)
* [Backport] CVE-2022-2854: Use after free in SwiftShader
* [Backport] CVE-2022-2860: Insufficient policy enforcement in Cookies
* [Backport] CVE-2022-2855: Use after free in ANGLE
* [Backport] CVE-2022-2857: Use after free in Blink
* [Backport] CVE-2022-2853: Heap buffer overflow in Downloads
* Disable accelerated_2d_canvas for Intel drivers on Windows
* [Backport] CVE-2022-2605: Out of bounds read in Dawn (3/3)
* [Backport] CVE-2022-2605: Out of bounds read in Dawn (2/3)
* [Backport] CVE-2022-2605: Out of bounds read in Dawn (1/3)
* Native spellchecker: Fix it when enabled
* Fix build without spellcheck
* [Backport] Security bug 1264288
* [Backport] Security bug 1333970
* [Backport] Security bug 1343889
Pick-to: 6.4
Fixes: QTBUG-104640
Task-number: QTBUG-1053266
Change-Id: I9fec122a689bcdf0afdec482b7a60cb5f811543d
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
| |
Pick-to: 6.4
Change-Id: I7ef0ad616f2ea0fae482253335e95998aa2d360e
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
| |
Pick-to: 6.4
Change-Id: I217c87657f544a2e868de7291353ff1143e20902
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
| |
Pick-to: 6.4
Change-Id: I53e04a247a25149d9f29135484c0528c706de7d8
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
Replace the current license disclaimer in files by
a SPDX-License-Identifier.
License files are organized under LICENSES directory.
Pick-to: 6.4
Task-number: QTBUG-67283
Change-Id: I869ffda1080e283f231eb0dc4477b260f2054d99
Reviewed-by: Jörg Bornemann <joerg.bornemann@qt.io>
|
|
|
|
|
|
|
|
|
| |
Disable chromium's uses of zoom for device scale factors.
Pick-to: 6.4 6.3
Fixes: QTBUG-101769
Change-Id: I9f2ae7122b59f5fbf8ffcaf8a92940792f4860c9
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
| |
Pick-to: 6.4 6.3 6.3.1
Task-number: QTBUG-104057
Change-Id: I4d6335acf646e574c6f7df6747a0ed3198f206d1
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
QSG hasn't parsed and set the backend yet, so we do need to duplicate
the logic it will use later to make a proper detection.
Pick-to: 6.3
Fixes: QTBUG-103372
Change-Id: I542ef9f52dd2725d3ff6e17f9142786e43425ebd
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
Add documentation file in doc dir, and add a related header as a
documented header file.
Pick-to: 6.3
Fixes: QTBUG-102743
Change-Id: Ibcbc39affe1915b0606e879a9ec5a1189f2d5aea
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
Otherwise it will look like we are still vulnerable to
the critical CVEs
Change-Id: I205e4b5cb72021f56621772d36a27f9fa5dc340c
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
(cherry picked from commit 00e4a2ac3f694b5ec1999af3518f1c550b662057)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
| |
Change-Id: I607604f85a111a69da77ca949dddf3399b9721b3
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
| |
Change-Id: I40039658762b8788a0be57bd186efab71f3e4448
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clean up the glType detection and do not set extra gl
related command parameters in case command line arguments
have already '--disable-gpu'.
Pick-to: 6.3
Task-number: QTBUG-100713
Change-Id: I5662a8c8fc64b38d483ed8349265f29f7ae0c5e4
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After a14f2d59141e in qtbase library returned by GetModuleFileName
can be "opengl32sw.dll" or as in ci "opengl32sw.DLL" as
file extension is filled now by the winapi function.
Make comparison case insensitive.
Fixes: QTBUG-101084
Change-Id: I0816bbef21be40a786246ae9d43f031c5487a4f9
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit 1a50992c2bb56825ab085b8d8343e1effc8a3e8d)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 2aad1f40..7dba564e:
> Revert "[Backport] CVE-2022-0297: Use after free in Vulkan"
> [Backport] CVE-2022-0297: Use after free in Vulkan
> [Backport] Security bug 1292537
> [Backport] Security bug 1289394
> [Backport] Security bug 1289384
> [Backport] CVE-2022-0610: Inappropriate implementation in Gamepad API
> [Backport] CVE-2022-0609: Use after free in Animation
> [Backport] CVE-2022-0608: Integer overflow in Mojo
> [Backport] CVE-2022-0607: Use after free in GPU
> [Backport] CVE-2022-0606: Use after free in ANGLE
> [Backport] CVE-2022-0303: Race in GPU Watchdog
> [Backport] CVE-2021-4056: Type Confusion in loader
> [Backport] CVE-2022-0466: Inappropriate implementation in Extensions Platform (4/4)
> [Backport] CVE-2022-0466: Inappropriate implementation in Extensions Platform (3/4)
> [Backport] CVE-2022-0466: Inappropriate implementation in Extensions Platform (2/4)
> [Backport] CVE-2022-0466: Inappropriate implementation in Extensions Platform (1/4)
> [Backport] CVE-2021-4066: Integer underflow in ANGLE
> [Backport] Security bug 1268448
> [Backport] Security bug 1265570
> [Backport] Security bug 1252562
> [Backport] Security bug 1274113
> [Backport] CVE-2022-0470: Out of bounds memory access in V8
> [Backport] CVE-2022-0457: Type Confusion in V8
> [Backport] CVE-2022-0456: Use after free in Web Search
> [Backport] CVE-2022-0453: Use after free in Reader Mode
> [Backport] CVE-2022-0464: Use after free in Accessibility
> [Backport] Security bug 1261415
> [Backport] CVE-2021-4053: Use after free in UI
> [Backport] Security bug 1271747
> [Backport] CVE-2022-0468: Use after free in Payments (2/2)
> [Backport] CVE-2022-0468: Use after free in Payments (1/2)
> [Backport] CVE-2022-0461: Policy bypass in COOP
> [Backport] CVE-2022-0460: Use after free in Window Dialog
> [Backport] CVE-2022-0459: Use after free in Screen Capture
> [Backport] CVE-2022-0306: Heap buffer overflow in PDFium
> FIXUP: Keep the close button when "undocked", as we can dock differently
> Fix more windows build errors on build without jumbo
> FIXUP: Add missing include for Supplement
Change-Id: I82671c60c00c940c4943a0df4234ac7286e9c0dd
Pick-to: 6.3
Task-number: QTBUG-101051
Task-number: QTBUG-99099
Task-number: QTBUG-99720
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If there is no QTWEBENGINE_CHROMIUM_FLAGS env export we pass all args to
Chromium as "command line". However passing "-type=1" to qt application
with webenigne ends will crash since this arg is used for
sub-process type handling.
Prevent any accidental user args which can affect chromium switches
and from now on pass only args explicitly stated after "--webEngineArgs" option.
[ChangeLog] Command line arguments meant for webengine has to be now
stated after "--webEngineArgs" option.
Fixes: QTBUG-68820
Change-Id: I57b3921d2250f75d445ee7173566dadc41e4ca93
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
| |
Log context before initialization as it can fail/crash and
we do not see what failed.
Pick-to: 6.3 6.2
Change-Id: Ib47906c25bf8fb55c6c043ba5fadce9b354a87fc
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
| |
We used to have this, but it got dropped at some point in an adaptions.
Pick-to: 6.3 6.2 6.2.3 5.15
Fixes: QTBUG-99263
Change-Id: I3bf86a1b42edca0cd792723c85d7dcb7877fea37
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
| |
Correct the debug output and remove references to dead code like ANGLE.
Pick-to: 6.3
Change-Id: I261ecf23a200c4328ea79514f7f75fce991960f5
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
| |
Change-Id: I9fb8998a3a7762b0aea70993ca231f0bbf4f7761
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
| |
Change-Id: I1849c130ca75615802744275f6e4212a755c39b4
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
| |
Change-Id: Ie0236697615fd67e4f53df3dca013ce39628cc29
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It seems accessing accessibility from qt post routines ends
badly since caches are gone already.
Add closingDown() function to web context, which is similar to
QCoreApplication::closingDown(), however return true on
post routine.
Guard delete accessibility calls.
Note the widget part is not necessary, but added for completeness,
since only qml can release profiles due to garbage collection.
Fixes: QTBUG-90904
Pick-to: 6.2 6.2.2 5.15
Change-Id: Ic0e7115cd17eb58f3d58f70fefbc197dfb7a6493
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
| |
This should enable use of system DoH settings on macOS and Windows
Task-number: QTBUG-98284
Change-Id: Iab019e46341f55146224df6830bc7902db85ff40
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
The network-service isn't sandboxed anyway, so there is no added
security by the process separation.
Pick-to: 6.2 5.15
Fixes: QTBUG-84105
Change-Id: Ie3fbda26f0cf8f31166b37a8537b7e1b6d11b560
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
QtBase should be disabling it now, if not supported.
Pick-to: 6.2
Change-Id: I79bae11764d3cbaba1ae1e0987bf0a472eee3325
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@qt.io>
|
|
|
|
|
|
|
|
| |
Unfortunately it requires manual updating, unless we agree on a separate
place to store it.
Change-Id: Ib150afec05005b05b254ef5aeb143f5187ea969d
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By mistake opengl was marked as required library, but
should be just optional.
Fix compilation issues.
This should enable build on yet another coin node.
Pick-to: 6.2
Change-Id: Id87404928e6b042d902fcfe0a7fed99a6806456f
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
| |
Pick-to: 6.2
Change-Id: I120f4e4e167d621efb6c13f5d16cc13134540352
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is bound to disappear from Chromium sooner or later, and is more
secure turned off.
[ChangeLog] Page content may no longer navigate to data-urls, if this
is needed we recommend using custom-url schemes instead or force old
behavior using
--enable-features=AllowContentInitiatedDataUrlNavigations,
though the feature switch may be removed in any later update.
Pick-to: 6.2
Change-Id: I9398f54bcb49dce90afa049b2a2f4acf6f9810f7
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
| |
Assuming they work now.
Pick-to: 6.2
Change-Id: I98623dbee34cd2749999c43a596decceecd1fd5b
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|
|
|
|
|
| |
Pick-to: 6.2
Change-Id: I8402b044d8e12d75e144a00984b856f3de10bffd
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make default profile otr, this prevents accessing
data cache which could be created by older other
version of Chromium. Allow to register a protocol
handler on ort profile.
[ChangeLog][QtWebEngineCore] Default profile is off-the-record
Off-the-record profile can have registered protocol handlers.
Task-number: QTBUG-66068
Pick-to: 6.2
Change-Id: Ief202de5c6734d293cb64d83ad447b1eba19e9a4
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
| |
Pick-to: 6.2
Fixes: QTBUG-88105
Change-Id: Ib694736996d6abb6b43f0cf7a5ba010bef76fe33
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
| |
Pick-to: 6.2
Change-Id: Ia855e60e74f79a5750e68f2b97ccba1e747a3ef6
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
This is followup change for QtWebEngineQuick rename.
[ChangeLog][QtWebEngineQuick] Use namespace QtWebEngineQuick
QtWebEngine::initialize() is now QtWebEnigneQuick::initialize()
Pick-to: 6.2
Change-Id: I90acab04ff0240b399a863c88eff915efa360f6f
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
| |
Fix cmake for windows builds and add QtWebEngineSandbox target.
Task-number: QTBUG-91760
Change-Id: If962a81ddfb509d104ad8ffbfbf34f1150ae82ce
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
| |
It can be separate from Qt version.
Change-Id: I28e0ef0d715e3cdf89880931dfa519736100e2fc
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
| |
Change-Id: Ie66e95dbb9fbcafe961bb98d5c277f8c32d66b96
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|\
| |
| |
| | |
Change-Id: I0dd7c64669f4b130047a4a3836f62f7ee5b5f8d9
|
| |
| |
| |
| |
| | |
Change-Id: I438cbbfe52617ac0fff3a954ea35a9b48fd14625
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When destroying WebEngineProile we send notifications like
content::BrowserContext::NotifyWillBeDestroyed, this works well
with global profile where there is no more render process around,
moreover we still pump ui messages before we destroy profile. However,
with user profiles we destruct BorwserContext and there can be still
RenderProcessHost using it. Flush messages before running
BrowserContext destructor.
Change-Id: I4d8cda2bc1e2ae3dc0781bf3570a36db7d07223a
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|\|
| |
| |
| | |
Change-Id: Idee0142b0e33fdf8ca663f1ef1bcd8b932985043
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The corresponding WebUI is chrome://webrtc-logs
It only makes sense with the hangout services extension. It seems to be
only useable with meet.google.com. The behavior is same for Chrome.
Uploading logs to Google is disabled in the Chromium patch. It is an
extension API functionality. The WebUI only lists the previously
generated logs.
Pulls in the following changes:
1dda5314b02 Enable webrtcLoggingPrivate extension API for hangout extension
7d71aca116d FIXUP: Enable webrtcLoggingPrivate extension API for hangout extension
Change-Id: I455fce7c8081e71967e55ab1f889df6ef91ed253
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|\|
| |
| |
| |
| |
| | |
Including update to 87-based
Change-Id: I36b6054e00de97ab055d0bc800cff08d0408fac6
|
| |
| |
| |
| |
| | |
Change-Id: Ic4ffd98e02f986dbaf986405360e727c813e696e
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|