New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
qtwebengine: add patch for CVE-2019-13720 #72794
Conversation
Whoops, this patch does not apply to the source as it is |
I think it should be okay now, maybe someone else can look into patches for older versions of qtwebengine, but I think this one is most important. |
Meh, still broken: Does fetchpatch provide an option to remove the directory prefix (a/b) after adding the extraPrefix? |
|
Ah, got it. Thanks for the help. |
nix-review report:
The spyder failure is pre-existing in current master. Aside from that - is there an alternative link/resource we could provide in the comment? The currently provided one requires a login. |
Thanks for running nix-review. I think it is critical that we can ship this soon, since it is a remote arbitrary code execution in browsers that some of us use being exploited in the wild. The maintainers or members of the security team can push changes to my branch as they see fit. |
Let's ping @globin @andir @worldofpeace additionally. |
Thanks, also testing backports |
Motivation for this change
Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nix-review --run "nix-review wip"
./result/bin/
)nix path-info -S
before and after)Notify maintainers
CC qt maintainers @qknight @ttuegel @periklis @bkchr
CC security team @grahamc @fpletz @domenkozar