FERRAMENTAS LINUX: Atualização de segurança do Gentoo para corrigir as vulnerabilidades múltiplas no Qt WebEngine, aviso Gentoo: GLSA-202101-30

Confira !!

Várias vulnerabilidades foram encontradas no Qt WebEngine, a pior das quais pode resultar na execução arbitrária de código.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Gentoo Linux Security Advisory GLSA 202101-30

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

https://security.gentoo.org/

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Gravidade: normal

Título: Qt WebEngine: vulnerabilidades múltiplas

Data: 26 de janeiro de 2021

Bugs: # 734600, # 754852

ID: 202101-30

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Sinopse

========

Várias vulnerabilidades foram encontradas no Qt WebEngine, a pior das

o que pode resultar na execução arbitrária do código.

background

==========

Biblioteca para renderização de conteúdo dinâmico da web em Qt5 C ++ e QML

formulários.

Pacotes afetados

=================

-------------------------------------------------- -----------------

Pacote / Vulnerável / Não afetado

-------------------------------------------------- -----------------

1 dev-qt / qtwebengine <5.15.2> = 5.15.2

Descrição

===========

Várias vulnerabilidades foram descobertas no Qt WebEngine. Por favor

reveja os identificadores CVE mencionados abaixo para obter detalhes.

Impacto

======

Reveja os identificadores CVE referenciados para obter detalhes.

Workaround

==========

Não existe nenhuma solução conhecida neste momento.

Resolução

==========

Todos os usuários do Qt WebEngine devem atualizar para a versão mais recente:

# emerge --sync

# emerge --ask --oneshot --verbose "> = dev-qt / qtwebengine-5.15.2"

Referências

==========

[1] CVE-2020-15959

https://nvd.nist.gov/vuln/detail/CVE-2020-15959

[2] CVE-2020-15959

https://nvd.nist.gov/vuln/detail/CVE-2020-15959

[3] CVE-2020-15960

https://nvd.nist.gov/vuln/detail/CVE-2020-15960

[4] CVE-2020-15960

https://nvd.nist.gov/vuln/detail/CVE-2020-15960

[5] CVE-2020-15961

https://nvd.nist.gov/vuln/detail/CVE-2020-15961

[6] CVE-2020-15961

https://nvd.nist.gov/vuln/detail/CVE-2020-15961

[7] CVE-2020-15962

https://nvd.nist.gov/vuln/detail/CVE-2020-15962

[8] CVE-2020-15962

https://nvd.nist.gov/vuln/detail/CVE-2020-15962

[9] CVE-2020-15963

https://nvd.nist.gov/vuln/detail/CVE-2020-15963

[10] CVE-2020-15963

https://nvd.nist.gov/vuln/detail/CVE-2020-15963

[11] CVE-2020-15964

https://nvd.nist.gov/vuln/detail/CVE-2020-15964

[12] CVE-2020-15964

https://nvd.nist.gov/vuln/detail/CVE-2020-15964

[13] CVE-2020-15965

https://nvd.nist.gov/vuln/detail/CVE-2020-15965

[14] CVE-2020-15965

https://nvd.nist.gov/vuln/detail/CVE-2020-15965

[15] CVE-2020-15966

https://nvd.nist.gov/vuln/detail/CVE-2020-15966

[16] CVE-2020-15966

https://nvd.nist.gov/vuln/detail/CVE-2020-15966

[17] CVE-2020-15968

https://nvd.nist.gov/vuln/detail/CVE-2020-15968

[18] CVE-2020-15968

https://nvd.nist.gov/vuln/detail/CVE-2020-15968

[19] CVE-2020-15969

https://nvd.nist.gov/vuln/detail/CVE-2020-15969

[20] CVE-2020-15969

https://nvd.nist.gov/vuln/detail/CVE-2020-15969

[21] CVE-2020-15972

https://nvd.nist.gov/vuln/detail/CVE-2020-15972

[22] CVE-2020-15972

https://nvd.nist.gov/vuln/detail/CVE-2020-15972

[23] CVE-2020-15974

https://nvd.nist.gov/vuln/detail/CVE-2020-15974

[24] CVE-2020-15974

https://nvd.nist.gov/vuln/detail/CVE-2020-15974

[25] CVE-2020-15976

https://nvd.nist.gov/vuln/detail/CVE-2020-15976

[26] CVE-2020-15976

https://nvd.nist.gov/vuln/detail/CVE-2020-15976

[27] CVE-2020-15977

https://nvd.nist.gov/vuln/detail/CVE-2020-15977

[28] CVE-2020-15977

https://nvd.nist.gov/vuln/detail/CVE-2020-15977

[29] CVE-2020-15978

https://nvd.nist.gov/vuln/detail/CVE-2020-15978

[30] CVE-2020-15978

https://nvd.nist.gov/vuln/detail/CVE-2020-15978

[31] CVE-2020-15979

https://nvd.nist.gov/vuln/detail/CVE-2020-15979

[32] CVE-2020-15979

https://nvd.nist.gov/vuln/detail/CVE-2020-15979

[33] CVE-2020-15985

https://nvd.nist.gov/vuln/detail/CVE-2020-15985

[34] CVE-2020-15985

https://nvd.nist.gov/vuln/detail/CVE-2020-15985

[35] CVE-2020-15987

https://nvd.nist.gov/vuln/detail/CVE-2020-15987

[36] CVE-2020-15987

https://nvd.nist.gov/vuln/detail/CVE-2020-15987

[37] CVE-2020-15989

https://nvd.nist.gov/vuln/detail/CVE-2020-15989

[38] CVE-2020-15989

https://nvd.nist.gov/vuln/detail/CVE-2020-15989

[39] CVE-2020-15992

https://nvd.nist.gov/vuln/detail/CVE-2020-15992

[40] CVE-2020-15992

https://nvd.nist.gov/vuln/detail/CVE-2020-15992

[41] CVE-2020-16001

https://nvd.nist.gov/vuln/detail/CVE-2020-16001

[42] CVE-2020-16001

https://nvd.nist.gov/vuln/detail/CVE-2020-16001

[43] CVE-2020-16002

https://nvd.nist.gov/vuln/detail/CVE-2020-16002

[44] CVE-2020-16002

https://nvd.nist.gov/vuln/detail/CVE-2020-16002

[45] CVE-2020-16003

https://nvd.nist.gov/vuln/detail/CVE-2020-16003

[46] CVE-2020-16003

https://nvd.nist.gov/vuln/detail/CVE-2020-16003

[47] CVE-2020-6467

https://nvd.nist.gov/vuln/detail/CVE-2020-6467

[48] CVE-2020-6467

https://nvd.nist.gov/vuln/detail/CVE-2020-6467

[49] CVE-2020-6470

https://nvd.nist.gov/vuln/detail/CVE-2020-6470

[50] CVE-2020-6470

https://nvd.nist.gov/vuln/detail/CVE-2020-6470

[51] CVE-2020-6471

https://nvd.nist.gov/vuln/detail/CVE-2020-6471

[52] CVE-2020-6471

https://nvd.nist.gov/vuln/detail/CVE-2020-6471

[53] CVE-2020-6472

https://nvd.nist.gov/vuln/detail/CVE-2020-6472

[54] CVE-2020-6473

https://nvd.nist.gov/vuln/detail/CVE-2020-6473

[55] CVE-2020-6474

https://nvd.nist.gov/vuln/detail/CVE-2020-6474

[56] CVE-2020-6475

https://nvd.nist.gov/vuln/detail/CVE-2020-6475

[57] CVE-2020-6476

https://nvd.nist.gov/vuln/detail/CVE-2020-6476

[58] CVE-2020-6480

https://nvd.nist.gov/vuln/detail/CVE-2020-6480

[59] CVE-2020-6481

https://nvd.nist.gov/vuln/detail/CVE-2020-6481

[60] CVE-2020-6482

https://nvd.nist.gov/vuln/detail/CVE-2020-6482

[61] CVE-2020-6483

https://nvd.nist.gov/vuln/detail/CVE-2020-6483

[62] CVE-2020-6486

https://nvd.nist.gov/vuln/detail/CVE-2020-6486

[63] CVE-2020-6487

https://nvd.nist.gov/vuln/detail/CVE-2020-6487

[64] CVE-2020-6489

https://nvd.nist.gov/vuln/detail/CVE-2020-6489

[65] CVE-2020-6490

https://nvd.nist.gov/vuln/detail/CVE-2020-6490

[66] CVE-2020-6506

https://nvd.nist.gov/vuln/detail/CVE-2020-6506

[67] CVE-2020-6510

https://nvd.nist.gov/vuln/detail/CVE-2020-6510

[68] CVE-2020-6511

https://nvd.nist.gov/vuln/detail/CVE-2020-6511

[69] CVE-2020-6512

https://nvd.nist.gov/vuln/detail/CVE-2020-6512

[70] CVE-2020-6513

https://nvd.nist.gov/vuln/detail/CVE-2020-6513

[71] CVE-2020-6514

https://nvd.nist.gov/vuln/detail/CVE-2020-6514

[72] CVE-2020-6518

https://nvd.nist.gov/vuln/detail/CVE-2020-6518

[73] CVE-2020-6523

https://nvd.nist.gov/vuln/detail/CVE-2020-6523

[74] CVE-2020-6524

https://nvd.nist.gov/vuln/detail/CVE-2020-6524

[75] CVE-2020-6526

https://nvd.nist.gov/vuln/detail/CVE-2020-6526

[76] CVE-2020-6529

https://nvd.nist.gov/vuln/detail/CVE-2020-6529

[77] CVE-2020-6530

https://nvd.nist.gov/vuln/detail/CVE-2020-6530

[78] CVE-2020-6531

https://nvd.nist.gov/vuln/detail/CVE-2020-6531

[79] CVE-2020-6532

https://nvd.nist.gov/vuln/detail/CVE-2020-6532

[80] CVE-2020-6533

https://nvd.nist.gov/vuln/detail/CVE-2020-6533

[81] CVE-2020-6534

https://nvd.nist.gov/vuln/detail/CVE-2020-6534

[82] CVE-2020-6535

https://nvd.nist.gov/vuln/detail/CVE-2020-6535

[83] CVE-2020-6540

https://nvd.nist.gov/vuln/detail/CVE-2020-6540

[84] CVE-2020-6541

https://nvd.nist.gov/vuln/detail/CVE-2020-6541

[85] CVE-2020-6542

https://nvd.nist.gov/vuln/detail/CVE-2020-6542

[86] CVE-2020-6543

https://nvd.nist.gov/vuln/detail/CVE-2020-6543

[87] CVE-2020-6544

https://nvd.nist.gov/vuln/detail/CVE-2020-6544

[88] CVE-2020-6545

https://nvd.nist.gov/vuln/detail/CVE-2020-6545

[89] CVE-2020-6548

https://nvd.nist.gov/vuln/detail/CVE-2020-6548

[90] CVE-2020-6549

https://nvd.nist.gov/vuln/detail/CVE-2020-6549

[91] CVE-2020-6550

https://nvd.nist.gov/vuln/detail/CVE-2020-6550

[92] CVE-2020-6551

https://nvd.nist.gov/vuln/detail/CVE-2020-6551

[93] CVE-2020-6555

https://nvd.nist.gov/vuln/detail/CVE-2020-6555

[94] CVE-2020-6557

https://nvd.nist.gov/vuln/detail/CVE-2020-6557

[95] CVE-2020-6559

https://nvd.nist.gov/vuln/detail/CVE-2020-6559

[96] CVE-2020-6561

https://nvd.nist.gov/vuln/detail/CVE-2020-6561

[97] CVE-2020-6562

https://nvd.nist.gov/vuln/detail/CVE-2020-6562

[98] CVE-2020-6569

https://nvd.nist.gov/vuln/detail/CVE-2020-6569

[99] CVE-2020-6570

https://nvd.nist.gov/vuln/detail/CVE-2020-6570

[100] CVE-2020-6571

https://nvd.nist.gov/vuln/detail/CVE-2020-6571

[101] CVE-2020-6573

https://nvd.nist.gov/vuln/detail/CVE-2020-6573

[102] CVE-2020-6575

https://nvd.nist.gov/vuln/detail/CVE-2020-6575

[103] CVE-2020-6576

https://nvd.nist.gov/vuln/detail/CVE-2020-6576

Disponibilidade

============

Este GLSA e quaisquer atualizações estão disponíveis para visualização em

o site de segurança do Gentoo:

https://security.gentoo.org/glsa/202101-30

Preocupações?

=========

A segurança é o foco principal do Gentoo Linux e garantindo o

confidencialidade e segurança das máquinas de nossos usuários é o máximo

importância para nós. Quaisquer questões de segurança devem ser encaminhadas para

security@gentoo.org ou alternativamente, você pode registrar um bug em

https://bugs.gentoo.org.

Licença

=======

pertence ao (s) seu (s) proprietário (s).

O conteúdo deste documento está licenciado sob a

Creative Commons - Licença de atribuição / compartilhamento semelhante.

https://creativecommons.org/licenses/by-sa/2.5

Fonte

Até a próxima !!

Páginas

terça-feira, 26 de janeiro de 2021

Atualização de segurança do Gentoo para corrigir as vulnerabilidades múltiplas no Qt WebEngine, aviso Gentoo: GLSA-202101-30

Nenhum comentário:

Postar um comentário