packages/qt6-qtwebengine
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CVE-2023-6112

Browse Source
This commit is contained in:
peijiankang 2024-01-30 09:56:02 +08:00
parent 96caa06a41
commit 0859af6a24
2 changed files with 36 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
CVE-2023-6112.patch Normal file
View File

@ -0,0 +1,29 @@
From b727ffde2b4ffe8b979927d6dc9f056eb916a8b8 Mon Sep 17 00:00:00 2001
From: peijiankang <peijiankang@kylinos.cn>
Date: Tue, 30 Jan 2024 09:43:39 +0800
Subject: [PATCH] CVE-2023-6112
---
.../content/browser/loader/navigation_url_loader_impl.cc | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/3rdparty/chromium/content/browser/loader/navigation_url_loader_impl.cc b/src/3rdparty/chromium/content/browser/loader/navigation_url_loader_impl.cc
index f54cfd9a6..41c78e2fe 100644
--- a/src/3rdparty/chromium/content/browser/loader/navigation_url_loader_impl.cc
+++ b/src/3rdparty/chromium/content/browser/loader/navigation_url_loader_impl.cc
@@ -560,10 +560,10 @@ void NavigationURLLoaderImpl::MaybeStartLoader(
next_interceptor->MaybeCreateLoader(
*resource_request_, browser_context_,
base::BindOnce(&NavigationURLLoaderImpl::MaybeStartLoader,
- base::Unretained(this), next_interceptor),
+ weak_factory_.GetWeakPtr(), next_interceptor),
base::BindOnce(
&NavigationURLLoaderImpl::FallbackToNonInterceptedRequest,
- base::Unretained(this)));
+ weak_factory_.GetWeakPtr()));
return;
}
--
2.41.0

9
qt6-qtwebengine.spec
View File

@ -38,7 +38,7 @@
Summary: Qt6 - QtWebEngine components Summary: Qt6 - QtWebEngine components
Name: qt6-qtwebengine Name: qt6-qtwebengine
Version: 6.5.0 Version: 6.5.0
Release: 3 Release: 5
# See LICENSE.GPL LICENSE.LGPL LGPL_EXCEPTION.txt, for details # See LICENSE.GPL LICENSE.LGPL LGPL_EXCEPTION.txt, for details
# See also http://qt-project.org/doc/qt-5.0/qtdoc/licensing.html # See also http://qt-project.org/doc/qt-5.0/qtdoc/licensing.html
@ -79,7 +79,8 @@ Patch100: qtwebengine-webrtc-dlopen-h264.patch
## Upstreamable patches: ## Upstreamable patches:
Patch110: qtwebengine-blink-dlopen-h264.patch Patch110: qtwebengine-blink-dlopen-h264.patch
#https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/518607
Patch111: CVE-2023-6112.patch
# handled by qt6-srpm-macros, which defines %%qt6_qtwebengine_arches # handled by qt6-srpm-macros, which defines %%qt6_qtwebengine_arches
# FIXME use/update qt6_qtwebengine_arches # FIXME use/update qt6_qtwebengine_arches
# 32-bit arches not supported (https://bugreports.qt.io/browse/QTBUG-102143) # 32-bit arches not supported (https://bugreports.qt.io/browse/QTBUG-102143)
@ -340,6 +341,7 @@ popd
## upstreamable patches ## upstreamable patches
%patch110 -p1 -b .blink-dlopen-h264 %patch110 -p1 -b .blink-dlopen-h264
%patch111 -p1
# delete all "toolprefix = " lines from build/toolchain/linux/BUILD.gn, as we # delete all "toolprefix = " lines from build/toolchain/linux/BUILD.gn, as we
# never cross-compile in native Fedora RPMs, fixes ARM and aarch64 FTBFS # never cross-compile in native Fedora RPMs, fixes ARM and aarch64 FTBFS
@ -594,6 +596,9 @@ done
%changelog %changelog
* Tue Jan 30 2024 peijiankang <peijiankang@kylinos.cn> - 6.5.0-5
- CVE-2023-6112.patch
* Fri Dec 08 2023 peijiankang <peijiankang@kylinos.cn> - 6.5.0-4 * Fri Dec 08 2023 peijiankang <peijiankang@kylinos.cn> - 6.5.0-4
- fix build error about re2 - fix build error about re2