This update fix CVE-2018-10895  and a few minor bugs.
 : Due to a CSRF vulnerability affecting the
qute://settings page, it was
possible for websites to modify qutebrowser settings. Via settings like
editor.command, this possibly allowed websites to execute arbitrary code.
This version fix compatibility issues with qtwebengine 5.11.x, add support for page printing, tab muting, third-party cookie blocking and has the web inspector "enabled" (does not require
--enable-webengine-inspector) by default. It also ships a few bugfixes and changes.
|submitted||10 days ago|
|in testing||10 days ago|
|in stable||2 days ago|
|modified||9 days ago|
|0||0||#1600289 CVE-2018-10895 qutebrowser: Cross-site request forgery flaw allows sites to access 'qute://*' URLs and execute arbitrary code [fedora-all]|
Test results and gating status may sometimes conflict as the gating status is retrieved periodically by Bodhi's backend server, while the test results presented here are retrieved upon page load. If your update is marked as gated while all the tests show green/passed, the next check of gating status should open the gate.