- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202101-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Qt WebEngine: Multiple vulnerabilities Date: January 26, 2021 Bugs: #734600, #754852 ID: 202101-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in Qt WebEngine, the worst of which could result in the arbitrary execution of code. Background ========= Library for rendering dynamic web content in Qt5 C++ and QML applications. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-qt/qtwebengine < 5.15.2 >= 5.15.2 Description ========== Multiple vulnerabilities have been discovered in Qt WebEngine. Please review the CVE identifiers referenced below for details. Impact ===== Please review the referenced CVE identifiers for details. Workaround ========= There is no known workaround at this time. Resolution ========= All Qt WebEngine users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">Þv-qt/qtwebengine-5.15.2" References ========= [ 1 ] CVE-2020-15959 https://nvd.nist.gov/vuln/detail/CVE-2020-15959 [ 2 ] CVE-2020-15959 https://nvd.nist.gov/vuln/detail/CVE-2020-15959 [ 3 ] CVE-2020-15960 https://nvd.nist.gov/vuln/detail/CVE-2020-15960 [ 4 ] CVE-2020-15960 https://nvd.nist.gov/vuln/detail/CVE-2020-15960 [ 5 ] CVE-2020-15961 https://nvd.nist.gov/vuln/detail/CVE-2020-15961 [ 6 ] CVE-2020-15961 https://nvd.nist.gov/vuln/detail/CVE-2020-15961 [ 7 ] CVE-2020-15962 https://nvd.nist.gov/vuln/detail/CVE-2020-15962 [ 8 ] CVE-2020-15962 https://nvd.nist.gov/vuln/detail/CVE-2020-15962 [ 9 ] CVE-2020-15963 https://nvd.nist.gov/vuln/detail/CVE-2020-15963 [ 10 ] CVE-2020-15963 https://nvd.nist.gov/vuln/detail/CVE-2020-15963 [ 11 ] CVE-2020-15964 https://nvd.nist.gov/vuln/detail/CVE-2020-15964 [ 12 ] CVE-2020-15964 https://nvd.nist.gov/vuln/detail/CVE-2020-15964 [ 13 ] CVE-2020-15965 https://nvd.nist.gov/vuln/detail/CVE-2020-15965 [ 14 ] CVE-2020-15965 https://nvd.nist.gov/vuln/detail/CVE-2020-15965 [ 15 ] CVE-2020-15966 https://nvd.nist.gov/vuln/detail/CVE-2020-15966 [ 16 ] CVE-2020-15966 https://nvd.nist.gov/vuln/detail/CVE-2020-15966 [ 17 ] CVE-2020-15968 https://nvd.nist.gov/vuln/detail/CVE-2020-15968 [ 18 ] CVE-2020-15968 https://nvd.nist.gov/vuln/detail/CVE-2020-15968 [ 19 ] CVE-2020-15969 https://nvd.nist.gov/vuln/detail/CVE-2020-15969 [ 20 ] CVE-2020-15969 https://nvd.nist.gov/vuln/detail/CVE-2020-15969 [ 21 ] CVE-2020-15972 https://nvd.nist.gov/vuln/detail/CVE-2020-15972 [ 22 ] CVE-2020-15972 https://nvd.nist.gov/vuln/detail/CVE-2020-15972 [ 23 ] CVE-2020-15974 https://nvd.nist.gov/vuln/detail/CVE-2020-15974 [ 24 ] CVE-2020-15974 https://nvd.nist.gov/vuln/detail/CVE-2020-15974 [ 25 ] CVE-2020-15976 https://nvd.nist.gov/vuln/detail/CVE-2020-15976 [ 26 ] CVE-2020-15976 https://nvd.nist.gov/vuln/detail/CVE-2020-15976 [ 27 ] CVE-2020-15977 https://nvd.nist.gov/vuln/detail/CVE-2020-15977 [ 28 ] CVE-2020-15977 https://nvd.nist.gov/vuln/detail/CVE-2020-15977 [ 29 ] CVE-2020-15978 https://nvd.nist.gov/vuln/detail/CVE-2020-15978 [ 30 ] CVE-2020-15978 https://nvd.nist.gov/vuln/detail/CVE-2020-15978 [ 31 ] CVE-2020-15979 https://nvd.nist.gov/vuln/detail/CVE-2020-15979 [ 32 ] CVE-2020-15979 https://nvd.nist.gov/vuln/detail/CVE-2020-15979 [ 33 ] CVE-2020-15985 https://nvd.nist.gov/vuln/detail/CVE-2020-15985 [ 34 ] CVE-2020-15985 https://nvd.nist.gov/vuln/detail/CVE-2020-15985 [ 35 ] CVE-2020-15987 https://nvd.nist.gov/vuln/detail/CVE-2020-15987 [ 36 ] CVE-2020-15987 https://nvd.nist.gov/vuln/detail/CVE-2020-15987 [ 37 ] CVE-2020-15989 https://nvd.nist.gov/vuln/detail/CVE-2020-15989 [ 38 ] CVE-2020-15989 https://nvd.nist.gov/vuln/detail/CVE-2020-15989 [ 39 ] CVE-2020-15992 https://nvd.nist.gov/vuln/detail/CVE-2020-15992 [ 40 ] CVE-2020-15992 https://nvd.nist.gov/vuln/detail/CVE-2020-15992 [ 41 ] CVE-2020-16001 https://nvd.nist.gov/vuln/detail/CVE-2020-16001 [ 42 ] CVE-2020-16001 https://nvd.nist.gov/vuln/detail/CVE-2020-16001 [ 43 ] CVE-2020-16002 https://nvd.nist.gov/vuln/detail/CVE-2020-16002 [ 44 ] CVE-2020-16002 https://nvd.nist.gov/vuln/detail/CVE-2020-16002 [ 45 ] CVE-2020-16003 https://nvd.nist.gov/vuln/detail/CVE-2020-16003 [ 46 ] CVE-2020-16003 https://nvd.nist.gov/vuln/detail/CVE-2020-16003 [ 47 ] CVE-2020-6467 https://nvd.nist.gov/vuln/detail/CVE-2020-6467 [ 48 ] CVE-2020-6467 https://nvd.nist.gov/vuln/detail/CVE-2020-6467 [ 49 ] CVE-2020-6470 https://nvd.nist.gov/vuln/detail/CVE-2020-6470 [ 50 ] CVE-2020-6470 https://nvd.nist.gov/vuln/detail/CVE-2020-6470 [ 51 ] CVE-2020-6471 https://nvd.nist.gov/vuln/detail/CVE-2020-6471 [ 52 ] CVE-2020-6471 https://nvd.nist.gov/vuln/detail/CVE-2020-6471 [ 53 ] CVE-2020-6472 https://nvd.nist.gov/vuln/detail/CVE-2020-6472 [ 54 ] CVE-2020-6473 https://nvd.nist.gov/vuln/detail/CVE-2020-6473 [ 55 ] CVE-2020-6474 https://nvd.nist.gov/vuln/detail/CVE-2020-6474 [ 56 ] CVE-2020-6475 https://nvd.nist.gov/vuln/detail/CVE-2020-6475 [ 57 ] CVE-2020-6476 https://nvd.nist.gov/vuln/detail/CVE-2020-6476 [ 58 ] CVE-2020-6480 https://nvd.nist.gov/vuln/detail/CVE-2020-6480 [ 59 ] CVE-2020-6481 https://nvd.nist.gov/vuln/detail/CVE-2020-6481 [ 60 ] CVE-2020-6482 https://nvd.nist.gov/vuln/detail/CVE-2020-6482 [ 61 ] CVE-2020-6483 https://nvd.nist.gov/vuln/detail/CVE-2020-6483 [ 62 ] CVE-2020-6486 https://nvd.nist.gov/vuln/detail/CVE-2020-6486 [ 63 ] CVE-2020-6487 https://nvd.nist.gov/vuln/detail/CVE-2020-6487 [ 64 ] CVE-2020-6489 https://nvd.nist.gov/vuln/detail/CVE-2020-6489 [ 65 ] CVE-2020-6490 https://nvd.nist.gov/vuln/detail/CVE-2020-6490 [ 66 ] CVE-2020-6506 https://nvd.nist.gov/vuln/detail/CVE-2020-6506 [ 67 ] CVE-2020-6510 https://nvd.nist.gov/vuln/detail/CVE-2020-6510 [ 68 ] CVE-2020-6511 https://nvd.nist.gov/vuln/detail/CVE-2020-6511 [ 69 ] CVE-2020-6512 https://nvd.nist.gov/vuln/detail/CVE-2020-6512 [ 70 ] CVE-2020-6513 https://nvd.nist.gov/vuln/detail/CVE-2020-6513 [ 71 ] CVE-2020-6514 https://nvd.nist.gov/vuln/detail/CVE-2020-6514 [ 72 ] CVE-2020-6518 https://nvd.nist.gov/vuln/detail/CVE-2020-6518 [ 73 ] CVE-2020-6523 https://nvd.nist.gov/vuln/detail/CVE-2020-6523 [ 74 ] CVE-2020-6524 https://nvd.nist.gov/vuln/detail/CVE-2020-6524 [ 75 ] CVE-2020-6526 https://nvd.nist.gov/vuln/detail/CVE-2020-6526 [ 76 ] CVE-2020-6529 https://nvd.nist.gov/vuln/detail/CVE-2020-6529 [ 77 ] CVE-2020-6530 https://nvd.nist.gov/vuln/detail/CVE-2020-6530 [ 78 ] CVE-2020-6531 https://nvd.nist.gov/vuln/detail/CVE-2020-6531 [ 79 ] CVE-2020-6532 https://nvd.nist.gov/vuln/detail/CVE-2020-6532 [ 80 ] CVE-2020-6533 https://nvd.nist.gov/vuln/detail/CVE-2020-6533 [ 81 ] CVE-2020-6534 https://nvd.nist.gov/vuln/detail/CVE-2020-6534 [ 82 ] CVE-2020-6535 https://nvd.nist.gov/vuln/detail/CVE-2020-6535 [ 83 ] CVE-2020-6540 https://nvd.nist.gov/vuln/detail/CVE-2020-6540 [ 84 ] CVE-2020-6541 https://nvd.nist.gov/vuln/detail/CVE-2020-6541 [ 85 ] CVE-2020-6542 https://nvd.nist.gov/vuln/detail/CVE-2020-6542 [ 86 ] CVE-2020-6543 https://nvd.nist.gov/vuln/detail/CVE-2020-6543 [ 87 ] CVE-2020-6544 https://nvd.nist.gov/vuln/detail/CVE-2020-6544 [ 88 ] CVE-2020-6545 https://nvd.nist.gov/vuln/detail/CVE-2020-6545 [ 89 ] CVE-2020-6548 https://nvd.nist.gov/vuln/detail/CVE-2020-6548 [ 90 ] CVE-2020-6549 https://nvd.nist.gov/vuln/detail/CVE-2020-6549 [ 91 ] CVE-2020-6550 https://nvd.nist.gov/vuln/detail/CVE-2020-6550 [ 92 ] CVE-2020-6551 https://nvd.nist.gov/vuln/detail/CVE-2020-6551 [ 93 ] CVE-2020-6555 https://nvd.nist.gov/vuln/detail/CVE-2020-6555 [ 94 ] CVE-2020-6557 https://nvd.nist.gov/vuln/detail/CVE-2020-6557 [ 95 ] CVE-2020-6559 https://nvd.nist.gov/vuln/detail/CVE-2020-6559 [ 96 ] CVE-2020-6561 https://nvd.nist.gov/vuln/detail/CVE-2020-6561 [ 97 ] CVE-2020-6562 https://nvd.nist.gov/vuln/detail/CVE-2020-6562 [ 98 ] CVE-2020-6569 https://nvd.nist.gov/vuln/detail/CVE-2020-6569 [ 99 ] CVE-2020-6570 https://nvd.nist.gov/vuln/detail/CVE-2020-6570 [ 100 ] CVE-2020-6571 https://nvd.nist.gov/vuln/detail/CVE-2020-6571 [ 101 ] CVE-2020-6573 https://nvd.nist.gov/vuln/detail/CVE-2020-6573 [ 102 ] CVE-2020-6575 https://nvd.nist.gov/vuln/detail/CVE-2020-6575 [ 103 ] CVE-2020-6576 https://nvd.nist.gov/vuln/detail/CVE-2020-6576 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202101-30 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2021 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5