Unspecified use-after-free vulnerability has been found  in Chromium pepper plugins.
I dont have access to the upstream bug. However it seems this is related to
Tomas, confirmed this is a part of the code we ship, calling it affected.
This issue has been addressed in the following products:
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2014:1894 https://rhn.redhat.com/errata/RHSA-2014-1894.html
Why were we Qt/KDE maintainers put on CC for this bug? This is clearly a Chromium-specific vulnerability that cannot possibly affect QtWebKit or KHTML (because neither supports Pepper plugins). Only QtWebEngine can possibly be affected, but it is not currently in Fedora.