summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Update Chromium5.12Michael Brüning2021-11-111-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | Submodule src/3rdparty 1b284e5b..b249cd9b: > [Backport] CVE-2021-30553: Use after free in Network service > [Backport] Security bug 1184294 > [Backport] CVE-2021-30569, security bugs 1198216, 1204814 and 1197786 > [Backport] CVE-2021-30560: Use after free in Blink XSLT > [Backport] Security bug 1252858 > [Backport] Security bug 1242257 > [Backport] CVE-2021-30627: Type Confusion in Blink layout > [Backport] CVE-2021-30618: Inappropriate implementation in DevTools > [Backport] CVE-2021-30603: Race in WebAudio > [Backport] CVE-2021-30585: Use after free in sensor handling > [Backport] CVE-2021-30559: Out of bounds write in ANGLE > [Backport] CVE-2021-30547: Out of bounds write in ANGLE > [Backport] Security bug 1202534 > [Backport] CVE-2021-30522: Use after free in WebAudio > Revert "[Backport] CVE-2021-21227: Insufficient data validation in V8" > Revert "[Backport] CVE-2021-30513: Type Confusion in V8." > Revert "[Backport] CVE-2021-21231: Insufficient data validation in V8" Change-Id: I61c36404e160864bf4daa730cef62aec747996c7 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update Chromiumv5.12.11Michael Brüning2021-05-141-0/+0
| | | | | | | | | | | | | | | | Submodule src/3rdparty bda00397..1b284e5b: > Fix up [Backport] Security bug 1175503 > Fix up [Backport] CVE-2021-30513: Type Confusion in V8. > [Backport] Security bug 1190525 > [Backport] CVE-2021-30518: Heap buffer overflow in Reader Mode. > [Backport] CVE-2021-30513: Type Confusion in V8. > [Backport] CVE-2021-30515: Use after free in File API. > [Backport] Security bug 1175503 Task-number: QTBUG-93566 Change-Id: I41956c76cd2ff5f3b005f62a8ba406354d1063c5 Reviewed-by: Michal Klocek <michal.klocek@qt.io> Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
* Update ChromiumMichael Brüning2021-05-101-0/+0
| | | | | | | | | | | | | | | | | | | | | | | Submodule src/3rdparty 4e224e5a..bda00397: > [Backport] CVE-2021-21231: Insufficient data validation in V8 > [Backport] CVE-2021-21207: Use after free in IndexedDB > [Backport] CVE-2021-21230: Type Confusion in V8 > [Backport] CVE-2021-21227: Insufficient data validation in V8 > [Backport] Security bug 1192552 > [Backport] CVE-2021-21223: Integer overflow in Mojo > [Backport] Security bugs 1175522 and 1181276 > [Backport] CVE-2021-21203: Use after free in Blink > [Backport] CVE-2021-21204: Use after free in Blink. > [Backport] CVE-2021-21202: Use after free in extensions. > [Backport] CVE-2021-21214: Use after free in Network API > [Backport] CVE-2021-21221: Insufficient validation of untrusted input in Mojo > [Backport] CVE-2021-21206: Use after free in Blink > [Backport] CVE-2021-21220: Insufficient validation of untrusted input in V8 for x86_64 Task-number: QTBUG-93566 Change-Id: I9f67eb1df61710b44bdf670f669196afc47f7ac1 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichael Brüning2021-04-131-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Submodule src/3rdparty 72f67be0..4e224e5a: > Fixup [Backport] CVE-2021-21160: Heap buffer overflow in WebAudio > Fixup for [Backport] Security bug 1161048 > [Backport] CVE-2021-21156: Heap buffer overflow in V8 > [Backport] CVE-2021-21188: Use after free in Blink. > [Backport] Security bug 1161847 > [Backport] CVE-2021-21195: Use after free in V8 > [Backport] CVE-2021-21198: Out of bounds read in IPC > [Backport] Security bug 1185482 > [Backport] Security bug 1062941 > [Backport] CVE-2021-21175: Inappropriate implementation in Site isolation > [Backport] Security bug 1161048 > [Backport] CVE-2021-21193: Use after free in Blink > [Backport] CVE-2021-21190: Uninitialized Use in PDFium > [Backport] CVE-2021-21160: Heap buffer overflow in WebAudio > [Backport] CVE-2021-21165: Object lifecycle issue in audio > [Backport] Security bug 1180871 > [Backport] CVE-2021-21157: Use after free in Web Sockets > [Backport] CVE-2021-21148: Heap buffer overflow in V8 > [Backport] CVE-2021-21137: Inappropriate implementation in DevTools > [Backport] Security bug 1135594 > [Backport] CVE-2021-21153: Stack overflow in GPU Process > [Backport] CVE-2021-21138: Use after free in DevTools > [Backport] Security bug 1097499 > [Backport] Security bug 1144646 > [Backport] WebRTC bug 12105 > [Backport] CVE-2021-21119: Use after free in Media > [Backport] CVE-2021-21140: Uninitialized Use in USB [2/2] > [Backport] CVE-2021-21140: Uninitialized Use in USB [1/2] > [Backport] CVE-2021-21120: Use after free in WebSQL > [Backport] Security bug 1162198 > [Backport] CVE-2020-16044: Use after free in WebRTC [3/3] > [Backport] CVE-2020-16044: Use after free in WebRTC [2/3] > [Backport] CVE-2020-16044: Use after free in WebRTC [1/3] > [Backport] CVE-2021-21146: Use after free in Navigation > [Backport] Security bug 1152645 > [Backport] Security bug 1148309 > [Backport] CVE-2021-21114: Use after free in audio Task-number: QTBUG-91422 Task-number: QTBUG-92456 Change-Id: I43eb42057fd9123d7a870f294936633ac235333e Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Match render pass structures check to actual tree traversal loopKirill Burtsev2021-02-091-27/+42
| | | | | | | | | | | | | | | Mismatch in render tree on update may lead to crash when: * less scenegraph nodes are updated than created - hence crash on rendering since not all textures are replaced and old ones are deleted on previous run in scope of 'commit' method * more quads are processed than were on new tree create - hence crash on an attempt to setup non-existent node in DelegatedNodeTreeUpdater. Match logic of 'areRenderPassStructuresEqual' to main 'commit' method loop. Fixes: QTBUG-76181 Fixes: QTBUG-85802 Change-Id: Ib0c6dbec8100a068948a4ca8c385ba516ba5c504 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichael Brüning2020-12-091-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pulls in the changes 95bf758e9e5 [Backport] CVE-2020-15968: Use after free in Blink 0f55630c2f4 [Backport] CVE-2020-15969: Use after free in WebRTC. 5a8e372fc7e [Backport] CVE-2020-6561: Inappropriate implementation in Content Security Policy 4e06eb9f1cc Fix bison 3.7 1357b9be19f [Backport] CVE-2020-15999: Heap buffer overflow in freetype 1456539bd05 [Backport] CVE-2020-16003: Use after free in printing. 6475589b7ed [Backport] CVE-2020-16001: Use after free in media. 92253f4cc04 [Backport] CVE-2020-16002: Use after free in PDFium. 5df1bd044c6 [Backport] CVE-2020-15979: Inappropriate implementation in V8 7138ac3ddcf [Backport] CVE-2020-15978 Insufficient data validation in navigation 5ede8738ccb [Backport] CVE-2020-15992 Insufficient policy enforcement in networking a8f95043550 [Backport] CVE-2020-15987: Use after free in WebRTC (1/2) e5adc243d57 [Backport] CVE-2020-15987: Use after free in WebRTC (2/2) 6411f535efd Fix potential leak after fix for CVE-2020-15987 e5c6b3de888 [Backport] CVE-2020-15989: Uninitialized Use in PDFium 811208e7b60 [Backport] Security bug 1125199 42a1a175af1 [Backport] CVE-2020-16008: Stack buffer overflow in WebRTC aef97e76545 [Backport] CVE-2020-16011: Heap buffer overflow in UI on Windows. ade0aef290c [Backport] Security bug 1137608 8e776e6e6f5 [Backport] CVE-2020-16014: Use after free in PPAPI 765a0ff57eb [Backport] CVE-2020-16022: Insufficient policy enforcement in networking 117abfcce74 [Backport] Dependency for CVE-2020-16024 05386001f90 [Backport] CVE-2020-16024: Heap buffer overflow in UI 275dca60b70 [Backport] CVE-2020-16028: Heap buffer overflow in WebRTC 053316ce37e [Backport] Security bug 1137603 cef4d6d73cd [Backport] Security bug 1142020 026b0132f6d Fix CVE-2020-16034 by disabling chrome://webrtc-internals 878d0697c48 [Backport] mac: make find_sdk.py work when the sdk goes to 11 4689c3d74c5 [Backport] CVE-2020-16040: Insufficient data validation in V8 a0c71808baf [Backport] CVE-2020-16016: Inappropriate implementation in base. 10cb7cc9b11 [Backport] Security bug 1123035 0fdd19c558e [Backport] CVE-2020-16027: Insufficient policy enforcement in developer tools. 2b0be93dc42 [Backport] Dependency for CVE-2020-16030 c1cc6046fbc [Backport] CVE-2020-16030: Insufficient data validation in Blink 72f67be024a [Backport] CVE-2020-16042: Uninitialized Use in V8 Updates test expectations for loading chrome://webrtc-internals in tst_qwebengineview. Fixes: QTBUG-87787 Task-number: QTBUG-89191 Change-Id: I7e04b3f225affa9912dce1b1dd13f0dc8dba754b Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Look for resources in macOS standard Resources dirKeith Kyzivat2020-11-051-0/+2
| | | | | | | | | | | | | | | When on macOS, with a frameworkless build, WebEngine resources are stored in a Resources directory named with a capital R. This is the standard directory name for resources on macOS, however Qt WebEngine was expecting to find resources in a directory named `resources` (no capitalized first letter). Task-number: QTBUG-72368 Change-Id: I2106a50a63c6d812dc6ad649645e3b6b9e0471e2 Reviewed-by: Michael Brüning <michael.bruning@qt.io> (cherry picked from commit 3a4e3c807c667491e133d04e3dcbadd0dad19826) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
* Update ChromiumMichael Brüning2020-10-121-0/+0
| | | | | | | | | | | | | | | | | | | Pulls in the changes: b59af853f7b [Backport] CVE-2020-6559: Use after free in presentation API d7c2cf25399 [Backport] Security issue 1102137 82a0e2faa2a [Backport] CVE-2020-6562: Insufficient policy enforcement in Blink 46dbf8fb796 [Backport] CVE-2020-6569: Integer overflow in WebUSB 844c2922f46 [Backport] CVE-2020-6573: Use after free in video 872be05931a [Backport] CVE-2020-15962: Insufficient policy enforcement in serial b769634b87a [Backport] Security bug 1111149 a4599b61975 [Backport] CVE-2020-6571: Incorrect security UI in Omnibox c89a12ce788 [Backport] CVE-2020-15964: Insufficient data validation in media 30570c933fc [Backport] Security issue 1098860 d6e06841443 [Backport] CVE-2020-15965: Out of bounds write in V8 Task-number: QTBUG-85613 Change-Id: I5a013d1020a903775dec3682866269eb754b7d08 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichael Brüning2020-08-241-0/+0
| | | | | | | | | | | | | | | | | | | | | | Pulls in the changes: 01257ab4c14 [Backport] CVE-2020-6489 e425d1134b9 [Backport] CVE-2020-6532: Use after free in SCTP 39d164c7113 [Backport] Security bug 1102408 72e1b27f06f [Backport] CVE-2020-6541: Use after free in WebUSB bf12bcbd03c [Backport] Security bug 1065122 0561a33d0f5 [Backport] Security bug 1065731 ee1811a7e86 [Backport] CVE-2020-6540: Heap buffer overflow in Skia a09bfbb191d [Backport] CVE-2020-6542: Use after free in ANGLE 2f38d2ab5b7 [Backport] CVE-2020-6543: Use after free in task scheduling 5ff9249f692 [Backport] CVE-2020-6544: Use after free in media 78121f30724 [Backport] CVE-2020-6545: Use after free in audio cc48de17c5d [Backport] CVE-2020-6548: Heap buffer overflow in Skia e490120c6b6 [Backport] CVE-2020-6549: Use after free in media ca61def88f8 [Backport] CVE-2020-6462: Use after free in task scheduling Task-number: QTBUG-85613 Change-Id: I3b3242d35a444b696ae89f9be454c800dbd2eba4 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Update ChromiumMichael Brüning2020-07-291-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pulls in the changes: a2c0edd19d4 [Backport] CVE-2020-6511: Side-channel information leakage in CSP (1/2) b16fddc243a [Backport] CVE-2020-6511: Side-channel information leakage in CSP (2/2) 279102920a7 [Backport] CVE-2020-6513: Heap buffer overflow in PDFium 0521cd0d584 [Backport] CVE-2020-6514: Inappropriate implementation in WebRTC 53ab90f118d [Backport] CVE-2020-6523: Out of bounds write in Skia 618f960a12c [Backport] CVE-2020-6524: Heap buffer overflow in WebAudio 9c52e6b3360 [Backport] CVE-2020-6529: Inappropriate implementation in WebRTC 572a93d8f14 [Backport] CVE-2020-6535: Insufficient data validation in WebUI 2004c48a47e [Backport] Security bug 1054229 6a3ff8c66a9 [Backport] CVE-2020-6518: Use after free in developer tools d06276e6183 [Backport] CVE-2020-6512: Type Confusion in V8 (1/3) d8a0b1b22c1 [Backport] CVE-2020-6512: Type Confusion in V8 (2/3) 83793149bf5 [Backport] CVE-2020-6512: Type Confusion in V8 (3/3) b97c5f89481 [Backport] Dependency for CVE-2020-6534 (1/4) de381abe2ff [Backport] Dependency for CVE-2020-6534 (2/4) 8b2ba2a1e56 [Backport] Dependency for CVE-2020-6534 (3/4) 199df5c9049 [Backport] Dependency for CVE-2020-6534 (4/4) bc33e1bbfaf [Backport] CVE-2020-6534: Heap buffer overflow in WebRTC 58f5e3f57e5 [Backport] CVE-2020-6490 c3003924faf [Backport] Security bug 1052492 1e1f4b33fa0 Security bugs 1087629 and 1029569 Task-number: QTBUG-85613 Change-Id: Ib2d3ed71b4f21cf3fa02474ace735a3c9c6c5126 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Fix AltGr on WindowsPeter Varga2020-07-071-1/+8
| | | | | | | Fixes: QTBUG-83710 Change-Id: Iaf5a33c0aeb53348d36cb7dda60602041299cd50 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io> (cherry picked from commit 53498cb73392a222a113ae257f24f91e6d912518)
* Update ChormiumMichal Klocek2020-07-071-0/+0
| | | | | | | | | | | | | | | | | | | Pulls in following changes: * 9b01ea0194d [Backport] CVE-2020-6459 * 5d89aa45a7e [Backport] CVE-2020-6470 * 73765c84da6 [Backport] CVE-2020-6474 * c66812623ff [Backport] CVE-2020-6481 * 86482726e15 [Backport] Security Bug 1058515 * 120e629cb56 [Backport] Security Bug 1057369 * 4bd9fab8c65 [Backport] Security Bug 1051439 * cf563cfdb42 Add missing headers for build with linux-clang 10 spec * 1417835f7de Fixup: Fix live editing * cf70b8331ce [macOS] Add CoreProfile to the valid configurations for GPU switching Task-number: QTBUG-84633 Change-Id: I16b148a6742c683dbc5eaab37bfbc4ddd3aebb0c Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [macOS] Add utf-8 character set meta tag for HTML clipboard contentMichael Brüning2020-07-061-1/+8
| | | | | | | | | | | | | This prevents unicode characters from becoming garbled when pasting the clipboard content into an application that uses the HTML content instead of the text data. This mirrors the behavior of Chromium's clipboard adaptation for macOS Fixes: QTBUG-75391 Change-Id: I033819a2caf3410509e90c9bc38c9830d184149d Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io> (cherry picked from commit 7b5cb517da57f76437872a891c07fffd1779b6a4)
* Update ChromiumMichal Klocek2020-06-111-0/+0
| | | | | | | | | | | | | | | Pulls in security issues: * 1def46aafc2 [Backport] Security Bug 1070012 1/5 * 54a56516088 [Backport] Security Bug 1070012 2/5 * fbc701311c1 [Backport] Security Bug 1070012 3/5 * ebc9d4ba625 [Backport] Security Bug 1070012 4/5 * 04e8b821b36 [Backport] Security Bug 1070012 5/5 * 8a53e97dba1 [Backport] CVE-2020-6467 Task-number: QTBUG-84633 Change-Id: I24367d2f3249f900202b2f847a762aefd0ef4072 Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Update ChormiumMichal Klocek2020-06-111-0/+0
| | | | | | | | | | | | | | | Pulls in following changes: * 7c34012060d [Backport] Fix for CVE-2020-6464 * c3a4dada23b [Backport] CVE-2020-6468 * 8d8aa95903c [Backport] Security bug 1075907 * e7c84adad1b [Backport] Security bug 1025302 * d686675960c [Backport] CVE-2020-6493 * 3a8febfdab7 Fixup for [Backport] Security bug 1025740 1/2 Task-number: QTBUG-84633 Change-Id: I9ad7da07ca0cdc4656cb936eef5a4e7445b31949 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2020-06-111-0/+0
| | | | | | | | | | | | | | | Pulls in following changes: * 04567666dae [Backport] Fix for security issue 1066893 * 8dc8aecf84b [Backport] When suspending context, don't clear handlers * 8ad03010124 [Backport] Security bug 1025740 1/2 * c8b517eb447 [Backport] Security bug 1025740 2/2 * 717395cfce0 [Backport] CVE-2020-6461: Use after free in storage * b3b4d5af3a1 Fixup: add missing gn include Task-number: QTBUG-84633 Change-Id: Ia56b018ea93caa091212b574947b26dd83ca52f3 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2020-06-091-0/+0
| | | | | | | | | | | | | | | | Pulls in following patches: * d7755040dde Update sqlite, fixing CVE-2020-6455 * d009d836cfb [Backport] CVE-2020-6431 * bfc495cdeae [Backport] Fix for CVE-2020-6441 * 130150732b6 [Backport] Fix for CVE-2020-6443 * 3269720fc8a [Backport] Fix for security issue 1050090 * b96587fcf2c [Backport] CVE-2020-6432 * 47b2198c4ef [Backport] CVE-2020-6460 Task-number: QTBUG-84633 Change-Id: I9d45b6cc40cccbe4a8dc7931619cad60d6551217 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2020-06-081-0/+0
| | | | | | | | | | | | | | | | | Pulls in following patches: * cab2fe0edbe Disable Empty Base Class Layout Optimization for MSVC * e7cf409b07f [Backport] CVE-2020-6452 * d91969c6230 [Backport] CVE-2020-6450 * a54c653a3b8 [Backport] CVE-2020-6451 * 19363411c41 [Backport] Security Bug 1065094 1/2 * becfaac2ceb [Backport] Security Bug 1065094 2/2 * f11657ed645 [Backport] Fix for CVE-2020-6423 * 4cdf74a64d3 Fixup: msvc undefined type HandleScopeImplementer Task-number: QTBUG-84633 Change-Id: Ia621d7d04ce7bdedbdb57d6ef0472c896bb2f215 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Fix macOS build after 10.15.4Peter Varga2020-04-261-1/+5
| | | | | | | | | | | | | | | | QMAKE_MAC_SDK_VERSION is set by /usr/bin/xcrun --sdk macosx --show-sdk-version in qtbase/mkpecs/features/mac/sdk.prf From 10.15.4, xcrun outputs the SDK version in Major.Minor.Patch format instead of Major.Minor. mac_sdk_min gn arg is expected to be in Major.Minor format, therefor pass only the first 2 revision numbers to gn. Fixes: QTBUG-83318 Change-Id: I3af523dd5df8149fb5cd57b259c2bed889db88b5 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io> (cherry picked from commit 5d2026cb04ef8fd408e5722a84e2affb5b9a3119)
* Update ChromiumMichael Brüning2020-03-251-0/+0
| | | | | | | | | | | | | | | | | Pulls in the following changes: 1a2d6d8df67 [Backport] Dependency for CVE-2020-6391 4ceb67df8cd [Backport] CVE-2020-6391 - Insufficient validation of untrusted input in Blink (1/3) bca907a58b5 [Backport] CVE-2020-6391 - Insufficient validation of untrusted input in Blink (2/3) 479882836f3 [Backport] CVE-2020-6391 - Insufficient validation of untrusted input in Blink (3/3) f616cecf23c [Backport] CVE-2020-6399 - Insufficient policy enforcement in AppCache 62ca8dad9bb [Backport] Security bug 1035723 0ee1af65d4e [Backport] Fix multiple CVEs and security bugs in sqlite 7483e059d88 [Backport] CVE-2019-18197 - Multiple vulnerabilities in XML Change-Id: I9d8992b1aa28f4fb5704b37d8493cd6964bcf4ed Fixes: QTBUG-81910 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichael Brüning2020-03-241-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | Pulls in the following changes: cecd1a67e96 [Backport] CVE-2020-6394 - Insufficient policy enforcement in Blink 9a821b38b3f [Backport] CVE-2020-6398 - Uninitialized use in PDFium 3abef6fa271 [Backport] CVE-2020-6401 (1/3) and CVE-2020-6411 581ef6c8ccf [Backport] CVE-2020-6401 (2/3) c0a826b58f7 [Backport] CVE-2020-6401 (3/3) 55b7cedcc65 [Backport] Security bug 1018629 873da842e3d [Backport] CVE-2020-6410 - Insufficient policy enforcement in navigation dec516df711 [Backport] CVE-2020-6412 - Insufficient validation of untrusted input in Omnibox 4b2fb2f933f [Backport] CVE-2020-6413 - Inappropriate implementation in Blink 86959566c4b [Backport] Security bug 1020031 442f3b6715d [Backport] Security bug 1016506 09277a67339 [Backport] Security bug 1026293 1bdf6178d9a [Backport] Security bug 1047097 6bf234cfacc [Backport] Security bug 1025442 02e9407022a [Backport] Security bug 1016038 f7524c75783 [Backport] CVE-2020-6388 - Out of bounds memory access in WebAudio 604ef94f4f9 [Backport] CVE-2019-20503: Out of bounds read in usersctplib Task-number: QTBUG-81910 Change-Id: I5b36f3f65852af99cc551cbad2a6da60a1007176 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichael Brüning2020-03-231-0/+0
| | | | | | | | | | | | | | | | | | | | | | Pulls in the following changes: 2c37da9ad4f [Backport] Allow restricted clock_nanosleep in Linux sandbox 1119bc1c945 [Backport] Security bug 1040700 7ce30813cdc [Backport] CVE-2020-6381 - Integer overflow in Javascript 50d216266c1 [Backport] CVE-2020-6418 - Type confusion in V8 f4ee4fe130c [Backport] CVE-2020-6383 - Type confusion in V8 7cfa13add28 [Backport] CVE-2020-6384: Use after free in WebAudio a75e60afb7c [Backport] Security bug 1029865 24e36e97107 [Backport] Security bug 1044570 acb02559c02 [Backport] CVE-2020-6389 - Out of bounds write in WebRTC 807a82b2e28 [Backport] CVE-2020-6420: Insufficient policy enforcement in media 30040b36f90 [Backport] Security bug 1031909 9dfaed8eab0 [Backport] CVE-2020-6406 - Use after free in audio ca0ca819983 [Backport] CVE-2020-6393 - Insufficient policy enforcement in Blink Task-number: QTBUG-81910 Change-Id: Ib3c90cabf2151d652de2a4742f7b0422bf730419 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Fix crashes in urlChanged signal handlersSzabolcs David2020-02-201-1/+3
| | | | | | | | | | | | | | | If a user initiates page load from a urlChanged signal handler after a failed navigation while still being in NavigationRequest::OnRequestFailedInternal(), the new page load can discard the pending navigation entry and delete the NavigationRequest instance before finishing execution of OnRequestFailedInternal(). Fix crash by returning to the event loop before emitting urlChanged signal. Task-number: QTBUG-78490 Change-Id: I849a609f5524d715769079f6c5cabf8db6b45944 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Update navigation actions when load finishes in a subframePeter Varga2020-02-191-1/+3
| | | | | | Fixes: QTBUG-81521 Change-Id: I8ca82224cd834b667471d1e96a44430164d3669e Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2020-01-251-0/+0
| | | | | | | | | | | | | Pulls in following patches: * f4f2d564d94 [Backport] CVE-2020-0601 * f91f6b41907 [Backport] Security bug 1035371 and 1034695 * 5ca6ac0f951 [Backport] Security bugs 1029506, 1029210, 1029027, 1029002, 1028722 Task-number: QTBUG-80736 Change-Id: I2680d5a4d9af95b0ee1e8b27f98749332250b04c Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Update ChromiumMichal Klocek2020-01-251-0/+0
| | | | | | | | | | | | | | | | | | Pulls in following patches: * 28d34c9574b [Backport] CVE-2019-13738 * b94dccc951a [Backport] CVE-2019-13739 * f2ad81650e5 [Backport] CVE-2019-13735: Out of bounds write in V8 * 502cf4dc5a4 [Backport] Dependency of fix for CVE-2019-13758 (1/3) * f59df0d5773 [Backport] Dependency of fix for CVE-2019-13758 (2/3) * aedfb4f4114 [Backport] Dependency of fix for CVE-2019-13758 (3/3) * e3130b222f6 [Backport] CVE-2019-13758: Insufficient policy enforcement in navigation. * a3c60650eae [Backport] CVE-2019-13728: Out of bounds write in V8 Task-number: QTBUG-80736 Change-Id: Id00bb34174b6f8313e6512bfd5f5928f6413a142 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2020-01-231-0/+0
| | | | | | | | | | | | | | | | | | Pulls in following patches: * 1d84b1d66de [Backport] CVE-2020-6377 * a0a756490e5 [Backport] CVE-2019-13761: Incorrect security UI in Omnibox. * 1735d7de2e2 [Backport] Security bug 1027905 * 20d31c84457 [Backport] CVE-2019-13747: Uninitialized Use in rendering. * b154c1e99b3 [Backport] Security bug 1025089 * 95f69c52f85 [Backport] CVE-2019-13757: Incorrect security UI in Omnibox (1/2) * 0026972c101 [Backport] CVE-2019-13757: Incorrect security UI in Omnibox (2/2) * f527b66b1e3 [Backport] Security bug 889276 * 37330fd70ee [Backport] Security bug 1033260 Task-number: QTBUG-80736 Change-Id: Ie98271999713f07e4c2fab86df28e86310e1a44b Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2020-01-221-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | Pulls in following patches: * 42b5c26a6af [Backport] Avoid leaking GamepadService in tests * c7196fc6a85 [Backport] Security bug 1017020 * 8fafaa17b3b [Backport] Security bug 1017961 * 9d6e9a7ca2d [Backport] CVE-2019-13736 * f11302cbaab [Backport] CVE-2019-13737 * 990546181b6 [Backport] Fix for CVE-2019-13730: Type Confusion in V8 * f33ba482f60 [Backport] Fix for CVE-2019-13732: Use after free in WebAudio * f0f6703e7d3 [Backport] Fix for CVE-2019-13764: Type Confusion in V8 * 67232758405 [Backport] Dependency for fixing CVE-2019-13734 (1/5) * 520f5e48c7b [Backport] Dependency for fixing CVE-2019-13734 (2/5) * b4b8e7c5a3c [Backport] Dependency for fixing CVE-2019-13734 (3/5) * 17bda0b1daf [Backport] Dependency for fixing CVE-2019-13734 (4/5) * 437d404bd6d [Backport] Dependency for fixing CVE-2019-13734 (5/5) * bcba12fa82a [Backport] CVE-2019-13741: Insufficient validation of untrusted input in Blink * b07274b9d31 [Backport] CVE-2019-13762: Insufficient policy enforcement in downloads. * c445a9bcf07 [Backport] CVE-2019-13734: Out of bounds write in SQLite * 0dde1aba1cd [Backport] Fix up for dependency for CVE-2019-13734 (3/5) Task-number: QTBUG-80736 Change-Id: I53af6ffbe3975c8ab601eabba79c31acaf434482 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Fixup Update ChromiumPeter Varga2020-01-081-0/+0
| | | | | | | | | Wrong hash: * fc95242615b -> 0bf0431f9fe Revert "[Backport] CVE-2019-13701" Change-Id: I05e2e6511df628c79d2d13e8c00139d53774134e Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Update ChromiumMichal Klocek2019-12-191-0/+0
| | | | | | | | | | | | | | | | | | | | | | Pulls in following changes: * d88a4a62100 [Backport] CVE-2019-13700 * d835d057c27 [Backport] CVE-2019-13701 * 9e816ff0eb4 Fix compiling on Xcode 11. * 7d0edd2bed2 Fix use of deprecated method for scanning wifi networks * 5be6616bfe2 [Backport] CVE-2019-15903 * 63902dffe13 [Backport] CVE-2019-13714 * c8ec40bb38c [Backport] CVE-2019-13715 * 61ba046fc61 [Backport] CVE-2019-13718 * 300c4402c06 [Backport] Security bug 1011551 * e0369af7ae7 [Backport] Secuirty bug 1006544 * c9d697a2959 [Backport] Security bug 993266 * a7a50a7adf3 [Backport] Security bug 1018406 * 246773b5a07 [Backport] Security bug 955191 * fc95242615b Revert "[Backport] CVE-2019-13701" Change-Id: I4ac3fe4acecc1d1193ecbf5c7966e8aad43cb68a Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Fix pepper flash plugin permissionTamas Zakor2019-12-161-1/+2
| | | | | | | | | Fixes: QTBUG-78280 Fixes: QTBUG-80696 Change-Id: Ic202314bb7935741791fa8c747e255b10dc7dc61 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io> Reviewed-by: Florian Bruhin <qt-project.org@the-compiler.org> (cherry picked from commit e72fd5136c5a7a848d9156334cf8f067eb1a1a10)
* Update ChromiumAllan Sandfeld Jensen2019-11-011-0/+0
| | | | | | | | | | | | | | | | | | | | | | Pulls in remaining security patches from 77 and one from 78 under active attack. Changes: 4fb070d2eb3 [Backport] Fix for CVE-2019-13720 9f720e99462 [Backport] CVE-2019-13664 96cdfdfc635 [Backport] CVE-2019-13665 8a7e8fca86d [Backport] Security issue 946351 bf49c9261e8 [Backport] Security issue 964938 af3f9345ac4 [Backport] Security issue 990234 24a674a2ce8 [Backport] CVE-2019-13674 50dda9e6fda [Backport] CVE-2019-13675 e8fcf3a6a28 [Backport] Security issue 960354 db783cf5684 [Backport] Security issue 979373 89644ad92fe [Backport] Security issue 981459 Task-number: QTBUG-79193 Change-Id: I6ad20783c27cc3c4464923d6b0b7a629ebe51840 Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Update ChromiumAllan Sandfeld Jensen2019-10-311-0/+0
| | | | | | | | | | | | | | | Changes: c0ad7bb1842 [Backport] CVE-2019-13691 3dbf3a4c21f [Backport] CVE-2019-13692 3d89c990655 [Backport] CVE-2019-13693 cda3a507f68 [Backport] CVE-2019-13694 a6fbcf5a98d [Backport] CVE-2019-13695 635b163527b [Backport] CVE-2019-13697 fcb382834f9 [Backport] Security issue 986727 [1/2] 593acfce0ca [Backport] Security issue 986727 [2/2] Change-Id: I275b9d3031bfbea8796507dd1669e772be446fe2 Reviewed-by: Michael Brüning <michael.bruning@qt.io>
* Update ChromiumAllan Sandfeld Jensen2019-10-301-0/+0
| | | | | | | | | | | | | | | | | | | Changes: 4055f1498d Fix building with pulseaudio 13 b0fb9f38d9f [Backport] Fix security issue 957160 70036bae331 [Backport] Fix CVE-2019-5869 e6902ac08d4 Add missing semicolon to fix build with icu 65.1 55e2f9a305c [Backport] CVE-2019-5870 a0d7bfaee7d [Backport] CVE-2019-13659 4e154694fbc [Backport] CVE-2019-13660 cdee285b9b2 [Backport] CVE-2019-5875 bf4fb03c7c4 Fix building with VS2019 5ab4355f5e9 [Backport] CVE-2019-5876 5f1b74a907d [Backport] CVE-2019-13687 d4780d1a68b [Backport] CVE-2019-13688 Change-Id: I418e5b0ddb3a0e482330ac5560a2383d5d389b6d Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Fix WebEngineView flashing when closing popupPeter Varga2019-09-121-1/+1
| | | | | | | | | | | | | Closing a popup (eg. HTML select element) might cause WebEngineView to flash on macOS. This seems to be related to the window's NSPanel destruction and seems to appear only if the Qt::ToolTip window flag is set. Fixes: QTBUG-77072 Fixes: QTBUG-78084 Change-Id: I72af67ee97304278870b312482f8f9058ecd1233 Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io> (cherry picked from commit 2f72083601fb6a4fcc66b6440222291fc334cb3f)
* Update ChromiumMichael Brüning2019-09-091-0/+0
| | | | | | | | | | This pulls in the following change: 111349f18a4 Rename Chromium bootstrap name to prevent collisions Change-Id: I7003c35c5bad96f32b69900d507e637252a4950d Fixes: QTBUG-77938 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Reject certificate error for non-overridable errorsKirill Burtsev2019-08-292-4/+2
| | | | | | | | | | | | | | | | | | On certificate validation error page load is just halted meaning that no progress or load result are reported and no default error page for certificate errors is shown. Even though documentation states that 'By default, an invalid certificate will be automatically rejected' and that aligns with default implementation of certificateError method within Page and non-deferred errors in quick View, page or view silently stays in an intermediate state for non-overridable errors. Fix this inconsistent behavior by automatically rejecting certificate for every invalid case (non-overridable error, not deferred or not implemented overridable method). Change-Id: Id1cee2ee5cc45bdcb5f262a6c99c84274e6ca374 Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Fix reporting overridable flag for QML WebEngineCertificateError typeKirill Burtsev2019-08-294-7/+7
| | | | | | | | | Also remove confusion inside CertificateErrorController constructor and overridable method by matching documentation for AllowCertificateError method of ContentBrowserClient api. Change-Id: I7e10ef71a4429dcf5acc4b714a8a45f67a2ec684 Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Fix WebEngineView.findText with a callback doc parameter descriptionKirill Burtsev2019-08-281-6/+5
| | | | | | Change-Id: I6415ccd9486433d6c449ea0d18b65f354e4bcd42 Reviewed-by: Leena Miettinen <riitta-leena.miettinen@qt.io> Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
* Update ChromiumJüri Valdmann2019-08-211-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This pulls in the following changes: a90e18d2d30 [Backport] Security bug 983938 0699308555b [Backport] Security bug 976050 852040586ec [Backport] Security bug 983850 a9f2f201ec6 [Backport] Security bug 973893 4bc95ce8486 [Backport] Security bug 958717 456aa9409ea [Backport] CVE-2019-5856 8ad3193acea [Backport] CVE-2019-5852 c1a19035306 [Backport] CVE-2019-5854 de78692c035 [Backport] CVE-2019-5855 ac7d5d7df5a [Backport] CVE-2019-5851 81417ff67b7 [Backport] Critical security issue 977057 ffbd836a7c8 [Backport] CVE-2019-5857 6693cf14341 [Backport] CVE-2019-5860 134a78ac91b [Backport] Security bug 981602 e981e2326a8 [Backport] CVE-2019-5865 b814b7b7d71 [Backport] CVE-2019-5862 1/4 dbb531a8212 [Backport] CVE-2019-5862 2/4 8502a1f7be2 [Backport] CVE-2019-5862 3/4 b71efe4a834 [Backport] CVE-2019-5862 4/4 d377f182ec3 [Backport] CVE-2019-5861 1/2 e13a9847f21 [Backport] CVE-2019-5861 2/2 4d84676d74a [Backport] Security bug 974627 d0d509db8c7 [Backport] Security bug 961674 691d632f7af [Backport] Security bug 960785 bdb7acb5afd [Backport] Security bug 964002 6e2562dd1ef Fix build with recent linux kernel. 7a779d01607 Fix skcms build with avx Fixes: QTBUG-77402 Change-Id: Ib9fe63c806149c299714bb1f76e4adf2877389d5 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2019-08-051-0/+0
| | | | | | | | | | | | | | Pulls in following changes: * f7765bc8 [Backport] Security bug 959518 * 3b775d71 [Backport] CVE-2019-5842 * 05e857bc [Backport] Security bug 934161 * a57309fa [Backport] Security bug 950005 * b0859392 [Backport] Security bug 948172 Task-number: QTBUG-76207 Change-Id: I54fb67a97564b24f34c58b93b048b347f01dc306 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2019-08-041-0/+0
| | | | | | | | | | | | | | Pulls in following changes: * 7a9ec163 [Backport] Security bug 962083 * 7242b69e [Backport] Security bug 948944 * a0218a0c [Backport] Security bug 952849 * 3d7891fd [Backport] Security bug 956625 * 7b993cc6 [Backport] Security bug 958457 Task-number: QTBUG-76207 Change-Id: I5753e64d396098a481da8d06a47560e4ba46bfb1 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2019-08-041-0/+0
| | | | | | | | | | | | | | | Pulls in following changes: * c5c158eb [Backport] Security bug 958689 * a33c416a [Backport] Security bug 959193 1/2 * e339bd3a [Backport] Security bug 959193 2/2 * 44d5ec60 [Backport] Security bug 961597 * 33647d6f [Backport] Security bug 939644 * dd0c0a92 [Backport] Security bug 948228 Task-number: QTBUG-76207 Change-Id: I4ba94d0ee4fac31ea36688dcfa5d12905c9ec5f2 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Fix tooltip text wrappingTamas Zakor2019-07-252-4/+6
| | | | | | | | Also set the hiding delay to a reasonable time. Fixes: QTBUG-76122 Change-Id: Id971edbd9fb87cc96df53f73f2e7c61bde5855ef Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Fix use-after-free of HostResolverJüri Valdmann2019-07-242-1/+3
| | | | | | | | | Create one HostResolver per profile to avoid use-after-free in NetworkHintsMessageFilter (5.12) or NetworkContext (5.13). Fixes: QTBUG-75884 Change-Id: Ic1a2973b4fb0aed6bd0fa1bb9a1d7c3012c30fe0 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Update ChromiumMichal Klocek2019-07-221-0/+0
| | | | | | | | | | | | | | | | | | | | Pulls in following changes: * 0a0221c [Backport] CVE-2019-5839 * 3c46be6 [Backport] CVE-2019-5837 4/4 * c23cb87 [Backport] CVE-2019-5837 3/4 * f123d13 [Backport] CVE-2019-5837 2/4 * 10d98e6 [Backport] CVE-2019-5837 1/4 * 8ffc041 [Backport] CVE-2019-5832 * a97fa0a [Backport] CVE-2019-5831 * ec89d97 [Backport] CVE-2019-5829 * 2323dc9 Fix segfaults with arm 32bit on metrics * 6f3c15d Bump V8 patch level * e8eec84 Fix changing should_override_user_agent_in_new_tabs_ Task-number: QTBUG-76207 Change-Id: Ifc6b76ae4b253a7ea385398bfdc1bc0fcf699de7 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Doc: Edit docs on script injectionLeena Miettinen2019-07-226-12/+21
| | | | | | Task-number: QTBUG-76489 Change-Id: If489ebed802d273b0015bc6cfc190d948c4896e3 Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Fix use-after-free in WebContentsAdapter::loadJüri Valdmann2019-07-181-3/+7
| | | | | | | | | Pass WebContentsAdapter pointer to lambda via QWeakPointer in case the adapter has been deleted already. Fixes: QTBUG-76958 Change-Id: I1962ba3dd1794a27e7013a2ad1b729fe7a08c079 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Reset findText reply id on StopFinding to prevent callback laterKirill Burtsev2019-07-163-1/+4
| | | | | | | | | Not updating lastReceivedFindReply caused next findText call after StopFinding to trigger redundant callback call on checking stale query. Fixes: QTBUG-77029 Change-Id: Iad4b71364ecb3ec3db3096b739e77620d12731f9 Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
* Do not proceed with uninitialized resourcesMichal Klocek2019-07-121-4/+4
| | | | | | | | | | | | QRC files can be optimized with CONFIG+=qtquickcompiler and removed, in that case 'size' of resource is zero. Do not process 'empty' resources. Throw warning. Fixes: QTBUG-76403 Change-Id: If21ff698e7985f82e6456500d4d24cb366cff012 Reviewed-by: Kai Koehne <kai.koehne@qt.io>
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-17 23:09:46 +0000