GLSA 202501-09: QtWebEngine: Multiple Vulnerabilities
Severity: | high |
Title: | QtWebEngine: Multiple Vulnerabilities |
Date: | 01/23/2025 |
Bugs: |
|
ID: | 202501-09 |
Synopsis
Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.Background
QtWebEngine is a library for rendering dynamic web content in Qt5 and Qt6 C++ and QML applications.
Affected packages
Package | Vulnerable | Unaffected | Architecture(s) |
---|---|---|---|
dev-qt/qtwebengine | < 5.15.16_p20241115 | >= 5.15.16_p20241115 | All supported architectures |
Description
Multiple vulnerabilities have been discovered in QtWebEngine. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All QtWebEngine users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-qt/qtwebengine-5.15.16_p20241115"
References
CVE-2024-45492 CVE-2024-45491 CVE-2024-45490 CVE-2024-10827 CVE-2024-10826 CVE-2024-10231 CVE-2024-10230 CVE-2024-10229 CVE-2024-9603 CVE-2024-9602 CVE-2024-9123 CVE-2024-9122 CVE-2024-9121 CVE-2024-9120 CVE-2024-8639 CVE-2024-8638 CVE-2024-8637 CVE-2024-8636 CVE-2024-8198 CVE-2024-8194 CVE-2024-8193 CVE-2024-8035 CVE-2024-8034 CVE-2024-8033 CVE-2024-7981 CVE-2024-7980 CVE-2024-7979 CVE-2024-7978 CVE-2024-7977 CVE-2024-7976 CVE-2024-7975 CVE-2024-7974 CVE-2024-7973 CVE-2024-7972 CVE-2024-7971 CVE-2024-7969 CVE-2024-7968 CVE-2024-7967 CVE-2024-7966 CVE-2024-7965 CVE-2024-7964 CVE-2024-7550 CVE-2024-7536 CVE-2024-7535 CVE-2024-7534 CVE-2024-7533 CVE-2024-7532 CVE-2024-7005 CVE-2024-7004 CVE-2024-7003 CVE-2024-7001 CVE-2024-7000 CVE-2024-6999 CVE-2024-6998 CVE-2024-6997 CVE-2024-6996 CVE-2024-6995 CVE-2024-6994 CVE-2024-6991 CVE-2024-6989 CVE-2024-6988 CVE-2024-6293 CVE-2024-6292 CVE-2024-6291 CVE-2024-6290 CVE-2024-5847 CVE-2024-5846 CVE-2024-5845 CVE-2024-5844 CVE-2024-5843 CVE-2024-5842 CVE-2024-5841 CVE-2024-5840 CVE-2024-5839 CVE-2024-5838 CVE-2024-5837 CVE-2024-5836 CVE-2024-5835 CVE-2024-5834 CVE-2024-5833 CVE-2024-5832 CVE-2024-5831 CVE-2024-5830 CVE-2024-5160 CVE-2024-5159 CVE-2024-5158 CVE-2024-5157 CVE-2024-4761 CVE-2024-4559 CVE-2024-4558 CVE-2024-4060 CVE-2024-4059 CVE-2024-4058
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.