Security update for qutebrowser
This update for qutebrowser fixes the following issues:
Security issue fixed:
- CVE-2018-1000559: Fix an XSS issue on qute://history (boo#1101507).
- CVE-2018-10895: Fix CSRF issue on the qute://settings page (boo#1100968).
-
Submitted by
Alexei Sorokin (XRevan86)
Fixed bugs
bnc#1101507
VUL-0: CVE-2018-1000559: qutebrowser: Cross Site Scripting (XSS) vulnerability in history command
bnc#1100968
VUL-0: CVE-2018-10895: qutebrowser: Cross-site request forgery flaw allows sites to access 'qute://*' URLs and execute arbitrary code
