QtWebKit upstream are reviewing a patch that prevents it recording visited URLs to its favicon database (WebpageIcons.db) while using private browsing mode: - https://codereview.qt-project.org/#/c/108936/
Created qt5-qtwebkit tracking bugs for this issue: Affects: fedora-all [bug 1204796] Affects: epel-all [bug 1204797]
Created mingw-qt5-qtwebkit tracking bugs for this issue: Affects: fedora-all [bug 1204798] Affects: epel-all [bug 1204799]
qt5-qtwebkit-5.4.1-4.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.
qt5-qtwebkit-5.4.1-4.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
qtwebkit-2.3.4-6.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
qtwebkit-2.3.4-6.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
qt5-qtwebkit-5.4.1-4.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
qtwebkit-2.3.4-6.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
qt5-qtwebkit-5.4.1-4.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
I don't think a CVE was requested for this issue. Can this be done now?
Switching needinfo from the generic team alias to Adam Maris for following up.
CVE request: http://seclists.org/oss-sec/2015/q4/224
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.