Bugzilla – Bug 954210
VUL-1: CVE-2015-8079 qt5-qtwebkit: QtWebKit logs visited URLs to WebpageIcons.db in private browsing mode
Last modified: 2016-10-26 14:20:00 UTC
Quoting from RH BZ: "QtWebKit upstream are reviewing a patch that prevents it recording visited URLs to its favicon database (WebpageIcons.db) while using private browsing mode" References: https://codereview.qt-project.org/#/c/108936/ https://bugzilla.redhat.com/show_bug.cgi?id=1204795 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8079 http://seclists.org/oss-sec/2015/q4/227 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8079
bugbot adjusting priority
Submitted MR#78951 for SUSE:SLE-12:Update and SR#78955 for SUSE:SLE-12-SP1:GA
should be done. set to resolved.
SUSE-SU-2016:2397-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 954210,990856 CVE References: CVE-2015-8079,CVE-2016-6354 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP1 (src): bogofilter-1.2.4-5.3 SUSE Linux Enterprise Software Development Kit 12-SP1 (src): flex-2.5.37-8.1, libQtWebKit4-4.8.6+2.3.3-3.1, libbonobo-2.32.1-16.1, mdbtools-0.7-5.1, netpbm-10.66.3-4.1, openslp-2.0.0-11.1, sgmltool-1.0.9-1075.1 SUSE Linux Enterprise Server 12-SP1 (src): at-3.1.14-7.3, cyrus-imapd-2.3.18-40.1, flex-2.5.37-8.1, kdelibs4-4.12.0-7.3, libQtWebKit4-4.8.6+2.3.3-3.1, libbonobo-2.32.1-16.1, netpbm-10.66.3-4.1, openslp-2.0.0-11.1 SUSE Linux Enterprise Desktop 12-SP1 (src): at-3.1.14-7.3, bogofilter-1.2.4-5.3, kdelibs4-4.12.0-7.3, libQtWebKit4-4.8.6+2.3.3-3.1, libbonobo-2.32.1-16.1, netpbm-10.66.3-4.1, openslp-2.0.0-11.1