From 56ba5c9789700433b469ee9a3057eaeabad64d54 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Br=C3=BCning?= Date: Wed, 1 Dec 2021 19:34:05 +0100 Subject: Update Chromium Submodule src/3rdparty 8c0a9b44..bfc2de04: > [Backport] CVE-2021-37996 : Insufficient validation of untrusted input in Downloads > [Backport] CVE-2021-38001 : Type Confusion in V8 > [Backport] Security bug 1252858 > [Backport] CVE-2021-37989 : Inappropriate implementation in Blink > [Backport] Dependency for CVE-2021-37989 > [Backport] CVE-2021-38022: Inappropriate implementation in WebAuthentication > [Backport] CVE-2021-38012: Type Confusion in V8 > [Backport] CVE-2021-38010: Inappropriate implementation in service workers > [Backport] CVE-2021-38021: Inappropriate implementation in referrer > [Backport] CVE-2021-38005: Use after free in loader (3/3) > [Backport] CVE-2021-38005: Use after free in loader (2/3) > [Backport] CVE-2021-38005: Use after free in loader (1/3) > [Backport] CVE-2021-38019: Insufficient policy enforcement in CORS > [Backport] CVE-2021-38007: Type Confusion in V8 > [Backport] CVE-2021-38017: Insufficient policy enforcement in iframe sandbox > [Backport] CVE-2021-38009: Inappropriate implementation in cache > [Backport] Dependency for CVE-2021-38009 > [Backport] CVE-2021-38015: Inappropriate implementation in input > [Backport] CVE-2021-38018: Inappropriate implementation in navigation > Revert "Stop orphan child processes from staying alive on Windows" > Fix stack overflow on gpu channel recreate with an error > [Backport] Security bug 1245870 > [Backport] CVE-2021-37993 : Use after free in PDF Accessibility > [Backport] CVE-2021-37984 : Heap buffer overflow in PDFium > [Backport] CVE-2021-37992 : Out of bounds read in WebAudio > [Backport] CVE-2021-37987 : Use after free in Network APIs > [Backport] CVE-2021-38003 : Inappropriate implementation in V8 > [Backport] CVE-2021-3541 libxml2: Exponential entity expansion attack bypasses all existing protection mechanisms > [Backport] CVE-2021-3517: libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c Task-number: QTBUG-98854 Fixes: QTBUG-98855 Fixes: QTBUG-98400 Fixes: QTBUG-98401 Change-Id: Idb07729bf45ed59eb8163186925095e1a1e30318 Reviewed-by: Michal Klocek --- CHROMIUM_VERSION | 2 +- src/3rdparty | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHROMIUM_VERSION b/CHROMIUM_VERSION index 55d7ab8ca..334d6dcb4 100644 --- a/CHROMIUM_VERSION +++ b/CHROMIUM_VERSION @@ -1,2 +1,2 @@ Based on Chromium version: 87.0.4280.144 -Patched with security patches up to Chromium version: 94.0.4606.61 +Patched with security patches up to Chromium version: 96.0.4664.45 diff --git a/src/3rdparty b/src/3rdparty index 8c0a9b445..bfc2de040 160000 --- a/src/3rdparty +++ b/src/3rdparty @@ -1 +1 @@ -Subproject commit 8c0a9b4459f5200a24ab9e687a3fb32e975382e5 +Subproject commit bfc2de04055f445a30806545f343abd3d3c972f8 -- cgit v1.2.3