Google has recently reported that Chromium has a security issue - Type 
confusion in the V8 JavaScript engine - which is reported in a bit more detail 
here: 
https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html.
 This has been assigned the CVE id CVE-2022-1096.

This effects QtWebEngine as well since it is using Chromium to provide that 
functionality. Therefore as a result Qt needs to be patched as well to fix this 
problem. There is no workaround for this so the only solution is to apply the 
patch.

Solution: Apply the patch or update to Qt 5.15.9, Qt 6.2.5 or Qt 6.3.0.

Patches:

Qt 6.3: 
https://download.qt.io/official_releases/qt/6.3/CVE-2022-1096-qtwebengine-6.3.diff
Qt 6.2: 
https://download.qt.io/official_releases/qt/6.2/CVE-2022-1096-qtwebengine-6.2.diff
Qt 5.15: 
https://download.qt.io/official_releases/qt/5.15/CVE-2022-1096-qtwebengine-5.15.diff

Kind regards,
Andy
--
Andy Shaw
Senior Manager Customer Support
The Qt Company

_______________________________________________
Announce mailing list
annou...@qt-project.org
https://lists.qt-project.org/listinfo/announce
_______________________________________________
Development mailing list
Development@qt-project.org
https://lists.qt-project.org/listinfo/development

Reply via email to