| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
| |
Chromium gl bindings headers get mixed with qt opengl headers.
This results in GLDEBUGPROC missing definition errors.
Fixes compilation for apalis-imx6 on zeus.
Task-number: QTBUG-88219
Change-Id: I0a18ceff3336ab457c2d9f35ef17c28c01bbe035
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Including security issue under active exploit.
Submodule src/3rdparty 55b3d183..fb6ab5e4:
> [Backport] Security bug 1137608
> [Backport] CVE-2020-16011: Heap buffer overflow in UI on Windows.
> [Backport] CVE-2020-16009: Inappropriate implementation in V8
> [Backport] CVE-2020-16008: Stack buffer overflow in WebRTC
> [Backport] CVE-2020-16005: Insufficient policy enforcement in ANGLE
> Fix assert when running tests build with -no-webengine-webrtc
Change-Id: Ic9ee45fbd78c999881454e5e0e3091489f637aae
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Desktop audio capture requires loopback device. If creation of the
loopback device fails, it aborts the screen capture too.
Chromium does not support audio loopback on Linux and macOS:
https://crbug.com/223639
This is still the case in Chrome 88.
The fix is based on: https://codereview.chromium.org/24153018
Change-Id: Ifb13bce3b79193203c0bf52e1f2a1b3936e017c7
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the changes:
2cad1d38b57 [Backport] CVE-2020-6540: Heap buffer overflow in Skia
e1f5ffc2a12 [Backport] CVE-2020-6569: Integer overflow in WebUSB
75b417b86b4 [Backport] CVE-2020-6570: Side-channel information leakage in WebRTC
0785cd83782 [Backport] CVE-2020-6573: Use after free in video
3ddb1e9639a [Backport] CVE-2020-6575: Race in Mojo
e967bb155a0 [Backport] CVE-2020-6576: Use after free in offscreen canvas
40cebfb3051 [Backport] CVE-2020-15959: Insufficient policy enforcement in networking
405e7526583 [Backport] CVE-2020-15965: Out of bounds write in V8
295feb590b1 [Backport] CVE-2020-15963 and CVE-2020-15966
43812fd40d4 [Backport] CVE-2020-15961: Insufficient policy enforcement in extensions
08a25bf9dd2 Only upgrade to WebSocket when WebSocket was requested
2f75c909270 [Backport] CVE-2020-15962: Insufficient policy enforcement in serial
06afd03d826 [Backport] CVE-2020-15960: Out of bounds read in storage
9e5518f06ad [Backport] Security bug 1111149
b627f77e859 [Backport] CVE-2020-15964: Insufficient data validation in media
bc35c7711ad Fix assert when checking if RendererAppContainer feature is enabled
06b27f95d60 [Backport] CVE-2020-6571: Incorrect security UI in Omnibox
8227b9613d1 CVE-2020-15999: Heap buffer overflow in freetype
cc1e87a0d71 [Backport] CVE-2020-15978 Insufficient data validation in navigation
308da5d58b4 [Backport] CVE-2020-15969: Use after free in WebRTC.
9f5fde5b649 [Backport] CVE-2020-15968: Use after free in Blink
97b92535b31 [Backport] CVE-2020-15972: Use after free in audio.
873abc1112c [Backport] CVE-2020-15979: Inappropriate implementation in V8.
c0343ceec47 [Backport] CVE-2020-15976: Use after free in WebXR
e874d48f9e6 [Backport] CVE-2020-15992 Insufficient policy enforcement in networking
956ce06c56c [Backport] CVE-2020-15974: Integer overflow in Blink
4662223422d [Backport] Security bug 1125199
74e26aab318 [Backport] Security bug 1107824
33e9e655166 [Backport] CVE-2020-15977: Insufficient data validation in dialogs.
f6db4999b0e [Backport] CVE-2020—15973: Insufficient policy enforcement in extensions (1/2)
466da17a0cd [Backport] CVE-2020—15973: Insufficient policy enforcement in extensions (2/2)
027c3d7bae7 [Backport] CVE-2020-15989: Uninitialized Use in PDFium
14e9b6f6d3a [Backport] CVE-2020-16003: Use after free in printing
8527c994fe3 [Backport] CVE-2020-16002: Use after free in PDFium
4f461642a79 [Backport] CVE-2020-16001: Use after free in media.
99877493b32 Fixup: [Backport] CVE-2020-16001: Use after free in media
489d6e637e5 [Backport] CVE-2020-15987: Use after free in WebRTC (1/2)
6ef8f4ed829 [Backport] CVE-2020-15987: Use after free in WebRTC (2/2)
9d173d02d5e [Backport] Security bug 1106091
327474aed0e [Backport] CVE-2020-6557: Inappropriate implementation in networking
55b3d183921 [Backport] CVE-2020-15985: Inappropriate implementation in Blink.
Task-number: QTBUG-87967
Change-Id: Ibca52ab97ac407679e4bac5c6b7dc2285f8bcd37
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
| |
Uses percentage encoded utf8.
Task-number: QTBUG-85363
Change-Id: Idabe6ff9a66897792732b9ebb648f54a84e86bb8
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
| |
Add error message when trying to launch QtWebEngineProcess
from network share if sandbox is enabled.
Task-number: QTBUG-84632
Change-Id: Ia7d5df38accf60eafe8fb4d43dab3db4d2d51287
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
| |
Do not look up fallback values before they are needed.
Change-Id: I8bb21e261e8d218c658ac2a08e3cdc30b2cea47d
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
| |
Task-number: QTBUG-87129
Change-Id: Id98aa1e8c839c06022fbc633c0b64c7681205349
Reviewed-by: Florian Bruhin <qt-project.org@the-compiler.org>
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
| |
Fix typo which surprisingly gives no errors with archiver,
however generated archives are bogus (at lest with lld)
Change-Id: Iea1e22c66eb99a720b398c5903b56938b309905f
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
If the PDF is not loaded before it jumps to the image then it fails
to jump to the specified page and ends up showing the first one.
Change-Id: I6061431e1fd9b743afaca3df0aec03dc6a1144bf
Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
(cherry picked from commit e2e249b8bb399ef7bcf6fe3be0b4f2fc9fa18182)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
|
|
|
|
| |
Chromium will recreate the original mapping based on the native keycode,
breaking any remapping.
Fixes: QTBUG-86672
Change-Id: I4b7e6f7434049cdf7250bee1ef759a9df4d4987c
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
| |
The QIcon::pixmap function does internal scaling messing up our
intermediate structures.
Change-Id: I727efd58a4cc948fa3e4b23539d97e8ca755d060
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the following changes:
8776c7b2c15 [Backport] Security bug 1052492
22d88d240bc [Backport] CVE-2020-6533: Type Confusion in V8.
3c832d33641 [Backport] CVE-2020-6532: Use after free in SCTP
388b838dbb3 [Backport] CVE-2020-6541: Use after free in WebUSB
27fa668c5ee [Backport] Security bug 1102408
d3a76ebde8e [Backport] CVE-2020-6542: Use after free in ANGLE
4694a85f33e [Backport] CVE-2020-6543: Use after free in task scheduling
583f976f9a7 [Backport] CVE-2020-6544: Use after free in media
fa97385b501 [Backport] CVE-2020-6548: Heap buffer overflow in Skia
32655453cd7 [Backport] CVE-2020-6549: Use after free in media
ddcf711e69e [Backport] CVE-2020-6550: Use after free in IndexedDB
6a0f49a17b0 [Backport] CVE-2020-6551: Use after free in WebXR
b385b7bbbe4 [Backport] CVE-2020-6545: Use after free in audio
fe23e656183 [Backport] CVE-2020-6559: Use after free in presentation API
4466538c610 [Backport] Security issue 1102137
c3d07802d40 [Backport] Security issue 1108639
b1c7638148b [Backport] Security issue 1098860
011af517d81 [Backport] CVE-2020-6555: Out of bounds read in WebGL
273005ea959 [Backport] Security bugs 1087629 and 1029569
bdb438eff33 [Backport] Dependency for CVE-2020-6561 (1/2)
c223f423808 [Backport] Dependency for CVE-2020-6561 (2/2)
607bff335b1 [Backport] CVE-2020-6561: Inappropriate implementation in Content Security Policy
ed4b6792e13 [Backport] CVE-2020-6562: Insufficient policy enforcement in Blink
c5637fa9071 [Revert] [build] Remove jumbo build configs
Task-number: QTBUG-86342
Change-Id: I7ad617e1c617ef405a608e05cdafbfae5ad412fa
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Amends commit 99a668c324. Task 'swapBuffersOnVizThread' is supposed to
be scheduled only when m_middleBuffer is ready after swap on gpu thread.
Checking for m_taskRunner is not enough to verify this. Call to
updatePaintNode may come from SG backend on expose event, thus breaking
expected sequence of buffers swaps.
Task-number: QTBUG-85817
Fixes: QTBUG-86599
Change-Id: Ia97a7a24b5672a2979b514d3cb4879e7630941eb
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
| |
Add the missing implementation of
ContentRendererClient::IsOriginIsolatedPepperPlugin().
Change-Id: Ic4157da6b373450e620ff46faedad213a69adfec
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
| |
Change-Id: I81111633fb0050f75e49c8bee0354436ecec533a
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit 17cab42bf68ee70f641718a144f864eb04042aa4)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
|
|
|
|
|
|
|
|
| |
Widget API already ignores these cases.
This would cause a crash for fatal certificate errors after 83-based.
Change-Id: I3e80bb12f023f22e330218a5b20f3e267bb237dc
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Can be reproduced with quicknanobrowser by
1. Open devtools
2. Switch to OTR mode
During the switch to OTR mode, the inspected WebContentsAdapter is
destroyed and recreated. DevToolsFrontendQt is supposed to call
devToolsFrontendDestroyed on the old WebContentsAdapter, but it
accesses this adapter through QQuickWebEngineViewPrivate's
webContentsAdapter() which has already been changed to the new value,
so devToolsFrontendDestroyed is actually called on the wrong object.
Fix by remembering the WebContentsAdapter pointer in the
DevToolsFrontendQt constructor.
Change-Id: I17004ebb1a392399ef3e189c433d3f4b3f05bfd3
Reviewed-by: Tamas Zakor <ztamas@inf.u-szeged.hu>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
| |
And update another error that is now better in its other description.
Change-Id: I1b35db2196d05bb35d4c2e1e702fadb430e784c1
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the changes:
b1c7f4dd221 [Backport] CVE-2020-6510: Heap buffer overflow in background fetch
9a1f5aa55bf [Backport] CVE-2020-6511: Side-channel information leakage in CSP (1/2)
65a41d539be [Backport] CVE-2020-6511: Side-channel information leakage in CSP (2/2)
c7659e61424 [Backport] CVE-2020-6512: Type Confusion in V8 (1/2)
c3dda9b1ba0 [Backport] CVE-2020-6512: Type Confusion in V8 (2/2)
b6707b23089 [Backport] CVE-2020-6512: Type Confusion in V8 (3/3)
0ea2066f022 [Backport] CVE-2020-6514: Inappropriate implementation in WebRTC
9c0fcb08ccc [Backport] CVE-2020-6518: Use after free in developer tools
cf40f91b1a1 [Backport] CVE-2020-6523: Out of bounds write in Skia
ed4112559e3 [Backport] CVE-2020-6513: Heap buffer overflow in PDFium
6f57596692e [Backport] CVE-2020-6524: Heap buffer overflow in WebAudio
33ea34381ce [Backport] CVE-2020-6526: Inappropriate implementation in iframe sandbox
49583b1502a [Backport] CVE-2020-6529: Inappropriate implementation in WebRTC
d4576fb0757 [Backport] CVE-2020-6535: Insufficient data validation in WebUI
0998aa1143f [Backport] Security bug 1090543
98883838595 [Backport] CVE-2020-6530: Out of bounds memory access in developer tools
1be41cad096 [Backport] CVE-2020-6531: Side-channel information leakage in scroll to text
71896380867 [Backport] Security bug 1065731
3f13f72f337 [Backport] Security bug 1065122
c8109013cc7 [Backport] CVE-2020-6534: Heap buffer overflow in WebRTC
Change-Id: Idd5bf0023c013bf94ebae552b27932a14ddb86d2
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
| |
Most of the includes were included twice
Change-Id: Ie2967e9d8ef4799c28a856ade7318d24bac391c6
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
| |
Change-Id: I63ed851426b18623d549ceaf87f1b6eeec527966
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
| |
Change-Id: Ie422b327025da084bc8038c7a0aadee2db801f29
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
| |
Change-Id: I1b056a61e2b56b19441f559e97f785c87df61a0c
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit b00af13974b2c72ae4d397fbdf5925181e7cc1bf)
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|\
| |
| |
| | |
Change-Id: Ieb546ccd35db06e8ad6358b11e3139a839c9b4cf
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Submodule src/3rdparty 4e0b66a6..62bc4758:
> [Backport] Security issue 1098860
> [Backport] Security issue 1108639
> [Backport] Security issue 1102137
> [Backport] CVE-2020-6559: Use after free in presentation API
Change-Id: Ifa6ba52fa2d760b20e3b36abb10adaca0fc79cf8
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Otherwise unchanged intercepted request leads to second call
in the same interceptor but on ui thread after io thread.
Ammends a05bb73747.
Fixes: QTBUG-86267
Change-Id: I4e7c662d24a58be5445f5c8b6d0bf3751f40cc05
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
| |
| |
| |
| |
| |
| | |
* e31cc67a44d Fix neon support in libpng
Change-Id: Ib06498f303106d113cc3b4c5b70d20685c9e6b9f
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This supposed to be covered by ff50fbf but got lost in
following patchsets and static ios build did not complain
about it.
Change-Id: Ie4e34dc12d942442824ba1f0e3483bed682b3157
Reviewed-by: Shawn Rutledge <shawn.rutledge@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Suppress duplicated progress values coming from chromium.
Verify this behavior reliably (and not only 0 and 100 value) by loading html
with subresources with minor delay through test http server.
Change-Id: Id034dda9012212d54d12fc95d5939ba301577c1c
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The ScopedGLContextChecker, which deactivates the current
QOpenGLContext when executing Chromium tasks, is currently enabled
only if QOpenGLContext::supportsThreadedOpenGL() is false. But the gpu
thread can nowadays be disabled also with an environment variable and
ScopedGLContextChecker needs to take this into account.
Change-Id: I012524538b49b033ed053dbc41ed4350db916542
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
(cherry picked from commit 5988cec1a1b59aa163042a419c4c2e978bb814bb)
|
|/
|
|
|
|
|
|
|
|
|
|
| |
This is the case when the WebEngineNewViewRequest.openIn()
is not called on newViewRequested().
For example, when opening the view source from context
menu in quick minimal example.
Fixes: QTBUG-85494
Change-Id: I7c1ae53684361de459b2f268e471904e632821b0
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
| |
At least turns our support off on html5test.com
Change-Id: Ic82800b0efb70bb5589f7544b851ebcd64000105
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
| |
Was enabled for all platforms except windows using MSVC, but
compiles just fine for us.
Fixes: QTBUG-86092
Change-Id: Ib15d94c36b8a411dd5eab01843db1a3666ac370f
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty c153fafb..4e0b66a6:
> Remove blocking of proper fixes
> Fix bison 3.7
Fixes: QTBUG-85835
Change-Id: If3b77c7db6203ccd0137ea381c927bd09cede505
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
| |
Also violates modern Qt code style
Change-Id: Ibb12b6db18bbd2669377abe1d25034ed69a86389
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
This pulls in the following changes:
c153fafb306 Fix invalid dbus bus name error in MPRIS
Fixes: QTBUG-85626
Change-Id: I7913a1caede7041632b1c070152f54a848c063ab
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The buffer pointers m_middleBuffer and m_frontBuffer are swapped in
updatePaintNode on the condition that m_middleBuffer is non-null and
it's serviceId non-zero. But neither m_middleBuffer nor it's serviceId
is immediately cleared, leaving the possibility that a subsequent call
to updatePaintNode could swap the buffer pointers again if this call
occurs before m_middleBuffer is cleared in swapBuffersOnVizThread. The
m_taskRunner pointer is however cleared immediately and therefore the
subsequent call to updatePaintNode will trigger a segmentation fault.
Since m_taskRunner precisely tracks the condition when we should or
should not swap, change the swap condition to simply require that
m_taskRunner is non-null.
Fixes: QTBUG-85817
Change-Id: Iad89bb0f4de7c0c151d5c5bd63ac74ab6cdd9087
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the changes:
6b7ceb6afd9 Fix debug-info in MSVC developer-builds
563e0a1cd4f [Backport] CVE-2020-6542: Use after free in ANGLE
c16701ae892 [Backport] CVE-2020-6543: Use after free in task scheduling
10efe0032f2 [Backport] CVE-2020-6544: Use after free in media
69a85eaabf2 [Backport] CVE-2020-6548: Heap buffer overflow in Skia
d2f5e4d3a25 [Backport] CVE-2020-6549: Use after free in media
0eed9609606 [Backport] CVE-2020-6550: Use after free in IndexedDB
f7859651865 [Backport] CVE-2020-6551: Use after free in WebXR
3cebf422618 [Backport] CVE-2020-6555: Out of bounds read in WebGL
30a0c954b97 [Backport] CVE-2020-6545: Use after free in audio
Task-number: QTBUG-85606
Change-Id: I1f591d722380fbcfb91565b90a6f4cbb7227b266
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
| |
It appears we are no longer presented with pages using these, so match
Chrome and Chromium 80 defaults.
Change-Id: Ie270c2bee9b81f898c7dab9e6d4dad02636c17cc
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
| |
We were missing the combined test after Chromium introduced the new
enums.
Fixes: QTBUG-85890
Change-Id: Id7bb7f05635c64c271e12a12f2409eedc22a9605
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 8a0c6063..84f63010:
> [Backport] CVE-2020-6540: Heap buffer overflow in Skia
> Fix webrtc build with GCC 10
> FIXUP: [Backport] CVE-2020-6493: Use after free in WebAuthentication
> [Backport] Handle invalid type mixing in CSS clamp()
> [Backport] CVE-2020-6493: Use after free in WebAuthentication
> [Backport] Security bug 1087158
Change-Id: I1289579cbe81cd4bee9cf49103dc384f81913888
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
| |
We only need the QSslCertificate which is always available.
Task-number: QTBUG-85117
Change-Id: I32e2034060e610ac049d8e3b2a03660e9bf7e7a4
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the changes:
cc32214f8dc [Backport] Security bugs 1087629 and 1029569
1cf3807d934 [Backport] Security bug 1052492
a5e8bd5e8c9 [Backport] CVE-2020-6533: Type Confusion in V8.
da24a7f8bcb [Backport] CVE-2020-6532: Use after free in SCTP
e402452015f [Backport] CVE-2020-6541: Use after free in WebUSB
8a0c6063c5b [Backport] Security bug 1102408
Task-number: QTBUG-85606
Change-Id: I7a17702c7290e135bcdc3074c27e8fc89a6ac4c9
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Submodule src/3rdparty 0a4240a9..4a996760:
> Fix building FIDO with gcc5
> [Backport] CVE-2020-6512: Type Confusion in V8 (3/3)
Fixes: QTBUG-85117
Task-number: QTBUG-54720
Change-Id: I074831454b469c17a71f2ca75a075ee48157970d
Reviewed-by: Tamas Zakor <ztamas@inf.u-szeged.hu>
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
|
|
|
|
|
|
| |
It is just a file path. Fixes qmake linking when chromium changes.
Change-Id: Ib2f0976a6dc3c90c415b69e1876706bc2397d134
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pulls in the changes:
7e405525e92 [Backport] CVE-2020-6530: Out of bounds memory access in developer tools
99fe8bdb44a [Backport] CVE-2020-6531: Side-channel information leakage in scroll to text
52367e8e753 [Backport] Security bug 1065731
d61a4348c47 Fix WebAuth build
9222c8b73ab [Backport] Security bug 1054229
c3d5696193a [Backport] Security bug 1065122
9b27a193c63 [Backport] Dependency for CVE-2020-6534
0b8e0d451a3 [Backport] CVE-2020-6534: Heap buffer overflow in WebRTC
0a4240a9c42 FIXUP: Fix WebAuth build
Task-number: QTBUG-85606
Change-Id: I2995f9c3ea4b63fc8af1699a377c2d74359c67a8
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
| |
Fixes: QTBUG-85661
Change-Id: I7cd8ed534d94d6be06f77b9b2d1779905655e772
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When doing builds we use rsp files also for archives.
For static builds this would require to install rsp file.
Since static builds are possible only for qtpdf with small amount
of archives simply do not use rsp files for archives.
Cleanup linker parameters so prl files do not point object
rsp files (do not use LIBS_PRIVATE in that case).
Task-number: QTBUG-85616
Change-Id: I165610e418f162c16fcfa7056af3344b80f60c05
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
| |
Change-Id: Ib06a0a1ec3372d483008cc0ac0ec211ec8316e0e
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|