Vitaly Zaitsev via devel wrote:
QtWebEngine is an extremely vulnerable thing due to a major lag after WebKit/Blink security patches.
There is a lag, but it is less than the average lag we add in Fedora.
E.g., the security fixes from Chromium 100 were backported to qtwebengine- chromium git after 1 month, and the release was tagged 2 weeks later.
Note: Do not believe websites when they claim "your browser is outdated and insecure" when using Falkon. They only see the base Chromium version (e.g., for QtWebEngine 5.15.10, that is Chromium 87), not the backported security fixes (5.15.10 includes backported security fixes up to Chromium 100).
Kevin Kofler