ubuntu-sdk-bugs team mailing list archive

Thread
Date

[Bug 1830807] [NEW] Update to bug-fix release Qt 5.9.8 to fix security issues in qtwebengine in Bionic

To: ubuntu-sdk-bugs@xxxxxxxxxxxxxxxxxxx
From: Amr Ibrahim <1830807@xxxxxxxxxxxxxxxxxx>
Date: Tue, 28 May 2019 22:29:09 -0000
Reply-to: Bug 1830807 <1830807@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

https://wiki.qt.io/Qt_5.9.6_Change_Files
https://wiki.qt.io/Qt_5.9.7_Change_Files
https://wiki.qt.io/Qt_5.9.8_Change_Files

Upstream Qt 5.9 is a long-term support (LTS) release. Qt 5.9.8 is a bug-
fix release. It maintains both forward and backward compatibility
(source and binary) with Qt 5.9.0 through 5.9.7. It would be beneficial
to have Qt 5.9.8 in Bionic.

Qtwebengine 5.9.8 Changes
https://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.9.8/?h=v5.9.8

Chromium
--------
 - Security fixes from Chromium up to version 72.0.3626.121
   * CVE-2018-17462
   * CVE-2018-17469
   * CVE-2018-17471
   * CVE-2018-17474
   * CVE-2018-17476
   * CVE-2018-17481
   * CVE-2018-18336
   * CVE-2018-18337
   * CVE-2018-18339
   * CVE-2018-18340
   * CVE-2018-18342
   * CVE-2018-18343
   * CVE-2018-18345
   * CVE-2018-18347
   * CVE-2018-18349
   * CVE-2018-18356
   * CVE-2019-5756
   * CVE-2019-5758
   * CVE-2019-5759
   * CVE-2019-5764
   * CVE-2019-5786
   * Security issue 872189
   * Security issue 877843
   * Security issue 880207
   * Security issue 899689
   * Security issue 900910
   * Security issue 911253
   * Security issue 922677

The other Qt 5.8.9 components are also a bug-fix release.

** Affects: qtwebengine-opensource-src (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: bionic

** Also affects: qtbase-opensource-src (Ubuntu)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Ubuntu
SDK bug tracking, which is subscribed to qtbase-opensource-src in
Ubuntu.
https://bugs.launchpad.net/bugs/1830807

Title:
  Update to bug-fix release Qt 5.9.8 to fix security issues in
  qtwebengine in Bionic

Status in qtwebengine-opensource-src package in Ubuntu:
  New

Bug description:
  https://wiki.qt.io/Qt_5.9.6_Change_Files
  https://wiki.qt.io/Qt_5.9.7_Change_Files
  https://wiki.qt.io/Qt_5.9.8_Change_Files

  Upstream Qt 5.9 is a long-term support (LTS) release. Qt 5.9.8 is a
  bug-fix release. It maintains both forward and backward compatibility
  (source and binary) with Qt 5.9.0 through 5.9.7. It would be
  beneficial to have Qt 5.9.8 in Bionic.

  Qtwebengine 5.9.8 Changes
  https://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.9.8/?h=v5.9.8

  Chromium
  --------
   - Security fixes from Chromium up to version 72.0.3626.121
     * CVE-2018-17462
     * CVE-2018-17469
     * CVE-2018-17471
     * CVE-2018-17474
     * CVE-2018-17476
     * CVE-2018-17481
     * CVE-2018-18336
     * CVE-2018-18337
     * CVE-2018-18339
     * CVE-2018-18340
     * CVE-2018-18342
     * CVE-2018-18343
     * CVE-2018-18345
     * CVE-2018-18347
     * CVE-2018-18349
     * CVE-2018-18356
     * CVE-2019-5756
     * CVE-2019-5758
     * CVE-2019-5759
     * CVE-2019-5764
     * CVE-2019-5786
     * Security issue 872189
     * Security issue 877843
     * Security issue 880207
     * Security issue 899689
     * Security issue 900910
     * Security issue 911253
     * Security issue 922677

  The other Qt 5.8.9 components are also a bug-fix release.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qtwebengine-opensource-src/+bug/1830807/+subscriptions

Follow ups

[Bug 1830807] Re: Update to bug-fix release Qt 5.9.8 to fix security issues in qtwebengine in Bionic
From: Amr Ibrahim, 2019-05-28