{"affected":[{"ecosystem_specific":{"binaries":[{"libQt5Pdf5":"5.15.10-bp154.2.3.2","libQt5PdfWidgets5":"5.15.10-bp154.2.3.2","libqt5-qtpdf-devel":"5.15.10-bp154.2.3.2","libqt5-qtpdf-examples":"5.15.10-bp154.2.3.2","libqt5-qtpdf-imports":"5.15.10-bp154.2.3.2","libqt5-qtpdf-private-headers-devel":"5.15.10-bp154.2.3.2","libqt5-qtwebengine":"5.15.10-bp154.2.3.2","libqt5-qtwebengine-devel":"5.15.10-bp154.2.3.2","libqt5-qtwebengine-examples":"5.15.10-bp154.2.3.2","libqt5-qtwebengine-private-headers-devel":"5.15.10-bp154.2.3.2"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP4","name":"libqt5-qtwebengine","purl":"pkg:rpm/suse/libqt5-qtwebengine&distro=SUSE%20Package%20Hub%2015%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.15.10-bp154.2.3.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libQt5Pdf5":"5.15.10-bp154.2.3.2","libQt5PdfWidgets5":"5.15.10-bp154.2.3.2","libqt5-qtpdf-devel":"5.15.10-bp154.2.3.2","libqt5-qtpdf-examples":"5.15.10-bp154.2.3.2","libqt5-qtpdf-imports":"5.15.10-bp154.2.3.2","libqt5-qtpdf-private-headers-devel":"5.15.10-bp154.2.3.2","libqt5-qtwebengine":"5.15.10-bp154.2.3.2","libqt5-qtwebengine-devel":"5.15.10-bp154.2.3.2","libqt5-qtwebengine-examples":"5.15.10-bp154.2.3.2","libqt5-qtwebengine-private-headers-devel":"5.15.10-bp154.2.3.2"}]},"package":{"ecosystem":"openSUSE:Leap 15.4","name":"libqt5-qtwebengine","purl":"pkg:rpm/opensuse/libqt5-qtwebengine&distro=openSUSE%20Leap%2015.4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.15.10-bp154.2.3.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for libqt5-qtwebengine fixes the following issues:\n\nUpdate to version 5.15.10:\n\n* Fix top level build with no widget\n* Fix read-after-free on EGL extensions\n* Update Chromium\n* Add workaround for unstable gn on macOS in ci\n* Pass archiver to gn build\n* Fix navigation to non-local URLs\n* Add support for universal builds for qtwebengine and qtpdf\n*  Enable Apple Silicon support\n*  Fix cross compilation x86_64->arm64 on mac\n*  Bump version to 5.15.10\n*  CustomDialogs: Make custom input fields readable in dark mode\n*  CookieBrowser: Make alternating rows readable in dark mode\n\n* Update Chromium:\n  * Bump V8_PATCH_LEVEL\n  * Fix clang set-but-unused-variable warning\n  * Fix mac toolchain python linker script call\n  * Fix missing dependency for gpu sources\n  * Fix python calls\n  * Fix undefined symbol for universal link\n  * Quick fix for regression in service workers by reverting\n    backports\n  * [Backport] CVE-2022-0797: Out of bounds memory access\n    in Mojo\n  * [Backport] CVE-2022-1125\n  * [Backport] CVE-2022-1138: Inappropriate implementation\n    in Web Cursor.\n  * [Backport] CVE-2022-1305: Use after free in storage\n  * [Backport] CVE-2022-1310: Use after free in regular\n    expressions\n  * [Backport] CVE-2022-1314: Type Confusion in V8\n  * [Backport] CVE-2022-1493: Use after free in Dev Tools\n  * [Backport] On arm64 hosts, set host_cpu to 'arm64', not 'arm'\n  * [Backport] Security Bug 1296876\n  * [Backport] Security bug 1269999\n  * [Backport] Security bug 1280852\n  * [Backport] Security bug 1292905\n  * [Backport] Security bug 1304659\n  * [Backport] Security bug 1306507\n\n","id":"openSUSE-SU-2022:10049-1","modified":"2022-07-10T16:01:15Z","published":"2022-07-10T16:01:15Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WT2AEVSRASQUW7I7AGAMZLKVP3GE3BMY/"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-0797"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-1125"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-1138"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-1305"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-1310"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-1314"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-1493"}],"related":["CVE-2022-0797","CVE-2022-1125","CVE-2022-1138","CVE-2022-1305","CVE-2022-1310","CVE-2022-1314","CVE-2022-1493"],"summary":"Security update for libqt5-qtwebengine","upstream":["CVE-2022-0797","CVE-2022-1125","CVE-2022-1138","CVE-2022-1305","CVE-2022-1310","CVE-2022-1314","CVE-2022-1493"]}