Overview
Request 618471 superseded
- Update to version 1.3.3:
Security:
* An XSS vulnerability on the qute://history page allowed
websites to inject HTML into the page via a crafted title
tag. This could allow them to steal your browsing history.
If you're currently unable to upgrade, avoid using :history.
A CVE request for this issue is pending.
Fixed:
* Crash in a workaround for a Qt 5.11 bug in rare
circumstances.
* Workaround for a Qt bug which preserves searches between page
loads.
- Created by lachs0r
- In state superseded
- Superseded by 618472
-
Open review for
opensuse-review-team
-
Open review for
repo-checker
- Open review for openSUSE:Factory:Staging:adi:38
Request History
lachs0r created request
- Update to version 1.3.3:
Security:
* An XSS vulnerability on the qute://history page allowed
websites to inject HTML into the page via a crafted title
tag. This could allow them to steal your browsing history.
If you're currently unable to upgrade, avoid using :history.
A CVE request for this issue is pending.
Fixed:
* Crash in a workaround for a Qt 5.11 bug in rare
circumstances.
* Workaround for a Qt bug which preserves searches between page
loads.
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
staging-bot added as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:38"
staging-bot accepted review
Picked openSUSE:Factory:Staging:adi:38