[qutebrowser] Chromium Zero-days (CVE-2019-13720 and -13721)
me at the-compiler.org
Fri Nov 1 20:36:50 CET 2019
There's currently news going around of two Chromium Zero-Days, one of them
being actively exploited in the wild:
qutebrowser likely is unaffected by the PDFium one (as it disables the PDF
viewer, even with Qt 5.13). It's likely affected by the WebAudio one though,
and I don't see a way to turn WebAudio off (other than disabling JS).
Fixes for both will land in Qt 5.12.6 and 5.14.0 (there likely isn't going to
be a 5.13.3). I've also reported this to Arch and a fix landed in qt5-webengine
5.13.1-3 (and 5.13.2-2 in [testing]).
https://www.qutebrowser.org | me at the-compiler.org (Mail/XMPP)
GPG: 916E B0C8 FD55 A072 | https://the-compiler.org/pubkey.asc
I love long mails! | https://email.is-not-s.ms/
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the qutebrowser