[SECURITY] Fedora 32 Update: qutebrowser-1.13.1-1.fc32

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-f0812d6aad 2020-09-21 00:00:35.262153 -------------------------------------------------------------------------------- Name : qutebrowser Product : Fedora 32 Version : 1.13.1 Release : 1.fc32 URL : http://www.qutebrowser.org Summary : A keyboard-driven, vim-like browser based on PyQt5 and QtWebEngine Description : qutebrowser is a keyboard-focused browser with a minimal GUI. It���s based on Python, PyQt5 and QtWebEngine and free software, licensed under the GPL. It was inspired by other browsers/addons like dwb and Vimperator/Pentadactyl. -------------------------------------------------------------------------------- Update Information: We missed a few upstream releases but there's not breaking changes as far as I know. Lot of bug fixes and minor changes. ---- Addresses CVE-2020-11054: After a certificate error was overridden by the user, qutebrowser displays the URL as yellow (colors.statusbar.url.warn.fg). However, when the affected website was subsequently loaded again, the URL was mistakenly displayed as green (colors.statusbar.url.success_https). While the user already has seen a certificate error prompt at this point (or set content.ssl_strict to false which is not recommended), this could still provide a false sense of security. This is now fixed. -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 20 2020 Timoth��e Floure <fnux(a)fedoraproject.org&gt; - 1.13.1-1 - New upstream release * Sat Jun 20 2020 Ankur Sinha <ankursinha AT fedoraproject DOT org> - 1.12.0-1 - Update to 1.12.0 * Tue May 26 2020 Miro Hron��ok <mhroncok(a)redhat.com&gt; - 1.11.1-2 - Rebuilt for Python 3.9 * Sat May 23 2020 Timoth��e Floure <fnux(a)fedoraproject.org&gt; - 1.11.1-1 - New upstream release (addresses CVE-2020-11054) * Fri May 1 2020 Timoth��e Floure <fnux(a)fedoraproject.org&gt; - 1.11.0-1 - New upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1825405 - qutebrowser-1.11.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1825405 [ 2 ] Bug #1835335 - CVE-2020-11054 qutebrowser: Improper handling of certificates while visiting pages [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1835335 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-f0812d6aad' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------