[Slackbuilds-users] qutebrowser 1.3.3 security update
dave at dawoodfall.net
Thu Jun 21 23:14:34 UTC 2018
I've just submitted my first update because of a security issue.
"An XSS vulnerability on the qute://history page allowed websites to inject
HTML into the page via a crafted title tag. This could allow them to steal
your browsing history. If you're currently unable to upgrade, avoid using
:history. A CVE request for this issue is pending, see #4011 for updates."
Until this is available, please avoid using the :history (or qute://history) command.
I'll post any updates here.
The good thing about standards is that there are so many to choose from.
-- Andrew S. Tanenbaum
More information about the SlackBuilds-users