From ee3252238c200d84461d5da71bb413b798c117f3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20Br=C3=BCning?= <michael.bruning@qt.io>
Date: Tue, 23 Nov 2021 11:58:33 +0100
Subject: Update Chromium

Submodule src/3rdparty 6ae16282af..39aa0ea99a:

  > CVE-2021-38022: Inappropriate implementation in WebAuthentication
  > CVE-2021-38015: Inappropriate implementation in input
  > CVE-2021-38019: Insufficient policy enforcement in CORS
  > CVE-2021-38009: Inappropriate implementation in cache
  > Dependency for CVE-2021-38009
  > CVE-2021-38010: Inappropriate implementation in service workers
  > CVE-2021-38005: Use after free in loader (3/3)
  > CVE-2021-38005: Use after free in loader (2/3)
  > CVE-2021-38005: Use after free in loader (1/3)
  > CVE-2021-38007: Type Confusion in V8
  > CVE-2021-38017: Insufficient policy enforcement in iframe sandbox
  > CVE-2021-38012: Type Confusion in V8
  > Fixup for CVE-2021-38018: Inappropriate implementation in navigation
  > CVE-2021-38018: Inappropriate implementation in navigation
  > CVE-2021-38021: Inappropriate implementation in referrer
  > CVE-2021-3541 libxml2: Exponential entity expansion attack bypasses all existing protection mechanisms
  > CVE-2021-3517: libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c
  > CVE-2021-38001 : Type Confusion in V8
  > Security bug 1252858
  > CVE-2021-38003 : Inappropriate implementation in V8
  > CVE-2021-37996 : Insufficient validation of untrusted input in Downloads
  > CVE-2021-37989 : Inappropriate implementation in Blink
  > CVE-2021-37987 : Use after free in Network APIs
  > Security bug 1245870
  > CVE-2021-37992 : Out of bounds read in WebAudio
  > CVE-2021-37993 : Use after free in PDF Accessibility
  > Security bug 1241912
  > CVE-2021-37984 : Heap buffer overflow in PDFium
  > Fix build with Win10 21H1 SDK and Win11 SDK

Change-Id: Ie208cc60c8c65c37ddf0d727fe7e1e315e538255
Task-number: QTBUG-98400
Task-number: QTBUG-98401
Task-number: QTBUG-98523
Fixes: QTBUG-98522
Pick-to: 6.2 6.2.2
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
---
 src/3rdparty | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/3rdparty b/src/3rdparty
index 6ae16282a..39aa0ea99 160000
--- a/src/3rdparty
+++ b/src/3rdparty
@@ -1 +1 @@
-Subproject commit 6ae16282af47ef14f698d93559dbb0a095f0475d
+Subproject commit 39aa0ea99a30c9c15fb3640fe9a2638982548c0b
-- 
cgit v1.2.3