stable

qutebrowser-1.4.1-1.fc28

FEDORA-2018-61dbd4a787 created by fnux 6 years ago for Fedora 28

This update fix CVE-2018-10895 [0] and a few minor bugs.

[0] : Due to a CSRF vulnerability affecting the qute://settings page, it was possible for websites to modify qutebrowser settings. Via settings like editor.command, this possibly allowed websites to execute arbitrary code.


This version fix compatibility issues with qtwebengine 5.11.x, add support for page printing, tab muting, third-party cookie blocking and has the web inspector "enabled" (does not require --enable-webengine-inspector) by default. It also ships a few bugfixes and changes.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2018-61dbd4a787

This update has been submitted for testing by fnux.

6 years ago

This update has obsoleted qutebrowser-1.4.0-1.fc28, and has inherited its bugs and notes.

6 years ago

This update has been pushed to testing.

6 years ago

fnux edited this update.

6 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

5 years ago

This update has been submitted for stable by fnux.

5 years ago

This update has been pushed to stable.

5 years ago

Please login to add feedback.

Metadata
Type
security
Severity
urgent
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
6 years ago
in testing
6 years ago
in stable
5 years ago
modified
6 years ago
BZ#1600289 CVE-2018-10895 qutebrowser: Cross-site request forgery flaw allows sites to access 'qute://*' URLs and execute arbitrary code [fedora-all]
0
0

Automated Test Results