From 35aa6c30f0e766b8825519e04242b7a4c93b6e0e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20Br=C3=BCning?= <michael.bruning@qt.io>
Date: Tue, 24 Mar 2020 10:16:30 +0100
Subject: Update Chromium

Pulls in the following changes:

ab79f5394af [Backport] CVE-2020-6426: Inappropriate implementation in V8.
c110d4f93df [Backport] CVE-2020-6422: Use after free in WebGL.
8f4cef2a9d9 [Backport] CVE-2020-6427: Use after free in audio.
72d0936150f [Backport] CVE-2020-6428: Use after free in audio.
2a9a1c057d8 [Backport] CVE-2020-6429: Use after free in audio.
9aabebeb69b [Backport] CVE-2020-6449: Use after free in audio.
6c9be50c2d9 [Backport] CVE-2019-20503: Out of bounds read in usersctplib

Task-number: QTBUG-81909
Change-Id: I15d5a786db945202f8577e894e9f0e1fb6bf6086
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
---
 dist/changes-5.14.2 | 15 +++++++++++----
 src/3rdparty        |  2 +-
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/dist/changes-5.14.2 b/dist/changes-5.14.2
index 17c784815..3cf48a4f4 100644
--- a/dist/changes-5.14.2
+++ b/dist/changes-5.14.2
@@ -54,6 +54,7 @@ Chromium
     * CVE-2019-19925 - Multiple vulnerabilities in SQLite
     * CVE-2019-19926 - Inappropriate implementation in SQLite
     * CVE-2019-18197 - Multiple vulnerabilities in XML
+    * CVE-2019-20503 - Out of bounds read in usersctplib
     * CVE-2020-6381 - Integer overflow in Javascript
     * CVE-2020-6383 - Type confusion in V8
     * CVE-2020-6384 - Use after free in WebAudio
@@ -70,19 +71,25 @@ Chromium
     * CVE-2020-6396 - Inappropriate implementation in Skia
     * CVE-2020-6398 - Uninitialized use in PDFium
     * CVE-2020-6399 - Insufficient policy enforcement in AppCache
+    * CVE-2020-6400 - Inappropriate implementation in CORS
+    * CVE-2020-6401
     * CVE-2020-6404 - Inappropriate implementation in Blink
     * CVE-2020-6405 - Out of bounds read in SQLite
     * CVE-2020-6406 - Use after free in audio
+    * CVE-2020-6407 - Out of bounds memory access in streams
     * CVE-2020-6410 - Insufficient policy enforcement in navigation
+    * CVE-2020-6411
     * CVE-2020-6412 - Insufficient validation of untrusted input in Omnibox
     * CVE-2020-6413 - Inappropriate implementation in Blink
     * CVE-2020-6415
-    * CVE-2020-6400 - Inappropriate implementation in CORS
-    * CVE-2020-6401
-    * CVE-2020-6407 - Out of bounds memory access in streams
-    * CVE-2020-6411
     * CVE-2020-6418 - Type confusion in V8
     * CVE-2020-6420 - Insufficient policy enforcement in media
+    * CVE-2020-6422 - Use after free in WebGL.
+    * CVE-2020-6426 - Inappropriate implementation in V8.
+    * CVE-2020-6427 - Use after free in audio.
+    * CVE-2020-6428 - Use after free in audio.
+    * CVE-2020-6429 - Use after free in audio.
+    * CVE-2020-6449 - Use after free in audio.
     * Security bug 925035
     * Security bug 1016038
     * Security bug 1016506
diff --git a/src/3rdparty b/src/3rdparty
index f7ffd2f7d..6c9be50c2 160000
--- a/src/3rdparty
+++ b/src/3rdparty
@@ -1 +1 @@
-Subproject commit f7ffd2f7dffd911e37f6a638bb410bd71da23491
+Subproject commit 6c9be50c2d901e66119679155fb3c7c9200448d1
-- 
cgit v1.2.3