Confira !!
Várias vulnerabilidades foram encontradas no Qt WebEngine, a pior das quais pode resultar na execução arbitrária de código.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202101-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gravidade: normal
Título: Qt WebEngine: vulnerabilidades múltiplas
Data: 26 de janeiro de 2021
Bugs: # 734600, # 754852
ID: 202101-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Sinopse
========
Várias vulnerabilidades foram encontradas no Qt WebEngine, a pior das
o que pode resultar na execução arbitrária do código.
background
==========
Biblioteca para renderização de conteúdo dinâmico da web em Qt5 C ++ e QML
formulários.
Pacotes afetados
=================
-------------------------------------------------- -----------------
Pacote / Vulnerável / Não afetado
-------------------------------------------------- -----------------
1 dev-qt / qtwebengine <5.15.2> = 5.15.2
Descrição
===========
Várias vulnerabilidades foram descobertas no Qt WebEngine. Por favor
reveja os identificadores CVE mencionados abaixo para obter detalhes.
Impacto
======
Reveja os identificadores CVE referenciados para obter detalhes.
Workaround
==========
Não existe nenhuma solução conhecida neste momento.
Resolução
==========
Todos os usuários do Qt WebEngine devem atualizar para a versão mais recente:
# emerge --sync
# emerge --ask --oneshot --verbose "> = dev-qt / qtwebengine-5.15.2"
Referências
==========
[1] CVE-2020-15959
https://nvd.nist.gov/vuln/detail/CVE-2020-15959
[2] CVE-2020-15959
https://nvd.nist.gov/vuln/detail/CVE-2020-15959
[3] CVE-2020-15960
https://nvd.nist.gov/vuln/detail/CVE-2020-15960
[4] CVE-2020-15960
https://nvd.nist.gov/vuln/detail/CVE-2020-15960
[5] CVE-2020-15961
https://nvd.nist.gov/vuln/detail/CVE-2020-15961
[6] CVE-2020-15961
https://nvd.nist.gov/vuln/detail/CVE-2020-15961
[7] CVE-2020-15962
https://nvd.nist.gov/vuln/detail/CVE-2020-15962
[8] CVE-2020-15962
https://nvd.nist.gov/vuln/detail/CVE-2020-15962
[9] CVE-2020-15963
https://nvd.nist.gov/vuln/detail/CVE-2020-15963
[10] CVE-2020-15963
https://nvd.nist.gov/vuln/detail/CVE-2020-15963
[11] CVE-2020-15964
https://nvd.nist.gov/vuln/detail/CVE-2020-15964
[12] CVE-2020-15964
https://nvd.nist.gov/vuln/detail/CVE-2020-15964
[13] CVE-2020-15965
https://nvd.nist.gov/vuln/detail/CVE-2020-15965
[14] CVE-2020-15965
https://nvd.nist.gov/vuln/detail/CVE-2020-15965
[15] CVE-2020-15966
https://nvd.nist.gov/vuln/detail/CVE-2020-15966
[16] CVE-2020-15966
https://nvd.nist.gov/vuln/detail/CVE-2020-15966
[17] CVE-2020-15968
https://nvd.nist.gov/vuln/detail/CVE-2020-15968
[18] CVE-2020-15968
https://nvd.nist.gov/vuln/detail/CVE-2020-15968
[19] CVE-2020-15969
https://nvd.nist.gov/vuln/detail/CVE-2020-15969
[20] CVE-2020-15969
https://nvd.nist.gov/vuln/detail/CVE-2020-15969
[21] CVE-2020-15972
https://nvd.nist.gov/vuln/detail/CVE-2020-15972
[22] CVE-2020-15972
https://nvd.nist.gov/vuln/detail/CVE-2020-15972
[23] CVE-2020-15974
https://nvd.nist.gov/vuln/detail/CVE-2020-15974
[24] CVE-2020-15974
https://nvd.nist.gov/vuln/detail/CVE-2020-15974
[25] CVE-2020-15976
https://nvd.nist.gov/vuln/detail/CVE-2020-15976
[26] CVE-2020-15976
https://nvd.nist.gov/vuln/detail/CVE-2020-15976
[27] CVE-2020-15977
https://nvd.nist.gov/vuln/detail/CVE-2020-15977
[28] CVE-2020-15977
https://nvd.nist.gov/vuln/detail/CVE-2020-15977
[29] CVE-2020-15978
https://nvd.nist.gov/vuln/detail/CVE-2020-15978
[30] CVE-2020-15978
https://nvd.nist.gov/vuln/detail/CVE-2020-15978
[31] CVE-2020-15979
https://nvd.nist.gov/vuln/detail/CVE-2020-15979
[32] CVE-2020-15979
https://nvd.nist.gov/vuln/detail/CVE-2020-15979
[33] CVE-2020-15985
https://nvd.nist.gov/vuln/detail/CVE-2020-15985
[34] CVE-2020-15985
https://nvd.nist.gov/vuln/detail/CVE-2020-15985
[35] CVE-2020-15987
https://nvd.nist.gov/vuln/detail/CVE-2020-15987
[36] CVE-2020-15987
https://nvd.nist.gov/vuln/detail/CVE-2020-15987
[37] CVE-2020-15989
https://nvd.nist.gov/vuln/detail/CVE-2020-15989
[38] CVE-2020-15989
https://nvd.nist.gov/vuln/detail/CVE-2020-15989
[39] CVE-2020-15992
https://nvd.nist.gov/vuln/detail/CVE-2020-15992
[40] CVE-2020-15992
https://nvd.nist.gov/vuln/detail/CVE-2020-15992
[41] CVE-2020-16001
https://nvd.nist.gov/vuln/detail/CVE-2020-16001
[42] CVE-2020-16001
https://nvd.nist.gov/vuln/detail/CVE-2020-16001
[43] CVE-2020-16002
https://nvd.nist.gov/vuln/detail/CVE-2020-16002
[44] CVE-2020-16002
https://nvd.nist.gov/vuln/detail/CVE-2020-16002
[45] CVE-2020-16003
https://nvd.nist.gov/vuln/detail/CVE-2020-16003
[46] CVE-2020-16003
https://nvd.nist.gov/vuln/detail/CVE-2020-16003
[47] CVE-2020-6467
https://nvd.nist.gov/vuln/detail/CVE-2020-6467
[48] CVE-2020-6467
https://nvd.nist.gov/vuln/detail/CVE-2020-6467
[49] CVE-2020-6470
https://nvd.nist.gov/vuln/detail/CVE-2020-6470
[50] CVE-2020-6470
https://nvd.nist.gov/vuln/detail/CVE-2020-6470
[51] CVE-2020-6471
https://nvd.nist.gov/vuln/detail/CVE-2020-6471
[52] CVE-2020-6471
https://nvd.nist.gov/vuln/detail/CVE-2020-6471
[53] CVE-2020-6472
https://nvd.nist.gov/vuln/detail/CVE-2020-6472
[54] CVE-2020-6473
https://nvd.nist.gov/vuln/detail/CVE-2020-6473
[55] CVE-2020-6474
https://nvd.nist.gov/vuln/detail/CVE-2020-6474
[56] CVE-2020-6475
https://nvd.nist.gov/vuln/detail/CVE-2020-6475
[57] CVE-2020-6476
https://nvd.nist.gov/vuln/detail/CVE-2020-6476
[58] CVE-2020-6480
https://nvd.nist.gov/vuln/detail/CVE-2020-6480
[59] CVE-2020-6481
https://nvd.nist.gov/vuln/detail/CVE-2020-6481
[60] CVE-2020-6482
https://nvd.nist.gov/vuln/detail/CVE-2020-6482
[61] CVE-2020-6483
https://nvd.nist.gov/vuln/detail/CVE-2020-6483
[62] CVE-2020-6486
https://nvd.nist.gov/vuln/detail/CVE-2020-6486
[63] CVE-2020-6487
https://nvd.nist.gov/vuln/detail/CVE-2020-6487
[64] CVE-2020-6489
https://nvd.nist.gov/vuln/detail/CVE-2020-6489
[65] CVE-2020-6490
https://nvd.nist.gov/vuln/detail/CVE-2020-6490
[66] CVE-2020-6506
https://nvd.nist.gov/vuln/detail/CVE-2020-6506
[67] CVE-2020-6510
https://nvd.nist.gov/vuln/detail/CVE-2020-6510
[68] CVE-2020-6511
https://nvd.nist.gov/vuln/detail/CVE-2020-6511
[69] CVE-2020-6512
https://nvd.nist.gov/vuln/detail/CVE-2020-6512
[70] CVE-2020-6513
https://nvd.nist.gov/vuln/detail/CVE-2020-6513
[71] CVE-2020-6514
https://nvd.nist.gov/vuln/detail/CVE-2020-6514
[72] CVE-2020-6518
https://nvd.nist.gov/vuln/detail/CVE-2020-6518
[73] CVE-2020-6523
https://nvd.nist.gov/vuln/detail/CVE-2020-6523
[74] CVE-2020-6524
https://nvd.nist.gov/vuln/detail/CVE-2020-6524
[75] CVE-2020-6526
https://nvd.nist.gov/vuln/detail/CVE-2020-6526
[76] CVE-2020-6529
https://nvd.nist.gov/vuln/detail/CVE-2020-6529
[77] CVE-2020-6530
https://nvd.nist.gov/vuln/detail/CVE-2020-6530
[78] CVE-2020-6531
https://nvd.nist.gov/vuln/detail/CVE-2020-6531
[79] CVE-2020-6532
https://nvd.nist.gov/vuln/detail/CVE-2020-6532
[80] CVE-2020-6533
https://nvd.nist.gov/vuln/detail/CVE-2020-6533
[81] CVE-2020-6534
https://nvd.nist.gov/vuln/detail/CVE-2020-6534
[82] CVE-2020-6535
https://nvd.nist.gov/vuln/detail/CVE-2020-6535
[83] CVE-2020-6540
https://nvd.nist.gov/vuln/detail/CVE-2020-6540
[84] CVE-2020-6541
https://nvd.nist.gov/vuln/detail/CVE-2020-6541
[85] CVE-2020-6542
https://nvd.nist.gov/vuln/detail/CVE-2020-6542
[86] CVE-2020-6543
https://nvd.nist.gov/vuln/detail/CVE-2020-6543
[87] CVE-2020-6544
https://nvd.nist.gov/vuln/detail/CVE-2020-6544
[88] CVE-2020-6545
https://nvd.nist.gov/vuln/detail/CVE-2020-6545
[89] CVE-2020-6548
https://nvd.nist.gov/vuln/detail/CVE-2020-6548
[90] CVE-2020-6549
https://nvd.nist.gov/vuln/detail/CVE-2020-6549
[91] CVE-2020-6550
https://nvd.nist.gov/vuln/detail/CVE-2020-6550
[92] CVE-2020-6551
https://nvd.nist.gov/vuln/detail/CVE-2020-6551
[93] CVE-2020-6555
https://nvd.nist.gov/vuln/detail/CVE-2020-6555
[94] CVE-2020-6557
https://nvd.nist.gov/vuln/detail/CVE-2020-6557
[95] CVE-2020-6559
https://nvd.nist.gov/vuln/detail/CVE-2020-6559
[96] CVE-2020-6561
https://nvd.nist.gov/vuln/detail/CVE-2020-6561
[97] CVE-2020-6562
https://nvd.nist.gov/vuln/detail/CVE-2020-6562
[98] CVE-2020-6569
https://nvd.nist.gov/vuln/detail/CVE-2020-6569
[99] CVE-2020-6570
https://nvd.nist.gov/vuln/detail/CVE-2020-6570
[100] CVE-2020-6571
https://nvd.nist.gov/vuln/detail/CVE-2020-6571
[101] CVE-2020-6573
https://nvd.nist.gov/vuln/detail/CVE-2020-6573
[102] CVE-2020-6575
https://nvd.nist.gov/vuln/detail/CVE-2020-6575
[103] CVE-2020-6576
https://nvd.nist.gov/vuln/detail/CVE-2020-6576
Disponibilidade
============
Este GLSA e quaisquer atualizações estão disponíveis para visualização em
o site de segurança do Gentoo:
https://security.gentoo.org/glsa/202101-30
Preocupações?
=========
A segurança é o foco principal do Gentoo Linux e garantindo o
confidencialidade e segurança das máquinas de nossos usuários é o máximo
importância para nós. Quaisquer questões de segurança devem ser encaminhadas para
security@gentoo.org ou alternativamente, você pode registrar um bug em
https://bugs.gentoo.org.
Licença
=======
Copyright 2021 Gentoo Foundation, Inc; texto referenciado
pertence ao (s) seu (s) proprietário (s).
O conteúdo deste documento está licenciado sob a
Creative Commons - Licença de atribuição / compartilhamento semelhante.
https://creativecommons.org/licenses/by-sa/2.5
Fonte
Até a próxima !!
Nenhum comentário:
Postar um comentário