[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fedora-devel-list
Subject:    Re: [security] only latest Qt 5.14.1 has all fixes
From:       Rex Dieter <rdieter () math ! unl ! edu>
Date:       2020-01-28 21:57:05
Message-ID: r0qani$13rb$1 () ciao ! gmane ! io
[Download RAW message or body]

Kevin Kofler wrote:

> Rex Dieter wrote:
>> Latest CVE there has a backported fix applied to fedora's packaging, and
>> is currently in bodhi updates-testing,
>> https://bodhi.fedoraproject.org/updates/FEDORA-2020-9139ba5469
>> https://bodhi.fedoraproject.org/updates/FEDORA-2020-e9b85978d4
> 
> But that's only QtBase. QtWebEngine has dozens of security fixes again in
> 5.14.0 and 5.14.1 and our package is stuck on 5.13.2. (5.14.0 adds the
> fixes from Chrom* 78, 5.14.1 the ones from Chrom* 79. 5.13.2 only has
> security fixes up to Chrom* 77.)

QtBase was the primary CVE mentioned in the original link.

QtWebengine packaging is less restricted as far as updates and pretty sure 
that wasn't the point of the original post.

-- Rex
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org

[prev in list] [next in list] [prev in thread] [next in thread]