- Update to version 1.11.1

* CVE-2020-11054: After a certificate error was overridden by
  the user, qutebrowser displays the URL as yellow
  (colors.statusbar.url.warn.fg). However, when the affected
  website was subsequently loaded again, the URL was mistakenly
  displayed as green (colors.statusbar.url.success_https).
  While the user already has seen a certificate error prompt
  at this point (or set content.ssl_strict to false which is not
  recommended), this could still provide a false sense of security.
  This is now fixed.

OBS-URL: https://build.opensuse.org/package/show/network/qutebrowser?expand=0&rev=90

qutebrowser-1.11.0.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e2ed9d56aa5db8a0865f7a18d5d0d796d48db161d9c04c03a935dd95e2a4182c
-size 3106297

qutebrowser-1.11.0.tar.gz.asc

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCAAdFiEE4E5WAAJAG47w528KkW6wyP1VoHIFAl6m4+oACgkQkW6wyP1V
-oHK63g/9Ekiv/fVhtEmXS83vom6yFtvdxyJi8VTYreLC3uGYqALzbcGZb/8Fuzbi
-3avnPSGQE7YSklJbBh3+Lg/1Wqy0im4wzEJY2lkArIgtOf8djalYlMQSTaKRebwf
-dMhFnEcoj3Z9zh7MTVgSgI9AdHnJGb0239NEyFT2QzEUn/c0dF67QvpGgD2qOIF7
-7EyFkwNswxxtMBB/0GvyRsFQ35jXpz56tEt7hwpyhimCLjtihMNJ6c+W06ai/hx9
-yeCLTmsXJ/YFGPQvpjFRTJHjnusul9MKkbHpe7Nb4wjmtFtV6xXzsSgUb5Ipvc+T
-9zxcLdMWic0yiDWmXp7yZ0rWP0QCoOySM8IKUz4tBLU2Yx6YJ37qU192kaORnvQa
-uqUVQUY3DNIhBkimVhalkeQ3TcO3R0hRnXLWAUkBqyr1IUgQt5xiZ0tg5uY+X/mk
-5gK6Lo+Wu0ZKUW4DtQnJXTPjRjf7yUDvDLz7UHbTV6Y+b+fdFWfZWvbo5MtTU+a+
-NC8PQVUllir5E1reS/W3zS+KFuhPRG/0HNDEkyxG2+MylDKbUaku0OsYQKZOueIf
-eOmgLuNEofKtPkmg+mrTJeoujbOzszVQYvIABdAW/pcXaMTRYFQJh7CYyl9ruEBk
-/pOemjZJm0BNUTH189DeEUXsDewQQfbumN63WloM7wN/uZGbDrk=
-=yuVL
------END PGP SIGNATURE-----

qutebrowser-1.11.1.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7a3354cb28efcec2cc4549b8ab37e1c4b81b45c51f52e87fdfb9380100afb533
+size 6789139

qutebrowser-1.11.1.tar.gz.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCAAdFiEE4E5WAAJAG47w528KkW6wyP1VoHIFAl60HsQACgkQkW6wyP1V
+oHJU7w/+I6TJzIaUjNS8InESmibWnhkZeT2o+Y64bk0RXLXkNl15URf7MRagUvbf
+VLDcFACzZfbhmnMgvKc2KNPfOxwMFmzf4bmUI5Dk0/WQn9NTMvMQKVnCEgcjRXfh
+GMO7v5Y75NXKWW6TiI3nRipNUvB5jI9wTv8WBY4HvEL4jZfgUFljl6b2ONFMx1HS
+hQMIOQFUYUSXRpRe6zCaSCxM1pNJr0GfTW4Qh+e7miM2XUZqBah6c6IFwHZZzPz6
+viOFXqxAVMV6xy691br1DTFjTDAlWhwnK3yRm8Rzls5v2itmTAGbooQ7tYlCJSR+
+7jinMiuGOLmAcciQiFCaWrcKsPATUMiQ/7jOPUuyG7emK7EX0M9QHwQThovwKWdN
+AbY4tNzpiCuHLH4hdWaR20azxJwaz6gQ3+g6OReedptxkE/hYgsvbs2Rc4Od1372
+5FOIklQasDEzw198wL3svq3vmEc7zFa8w4WuTFX/buDQpnljcg9MyE+VTc7h2eiY
+QohEiqSTJzESairhtJJDhXm517NbaXNmljVps6riE4EBTZaJ/AGkILkgsDVKMUrl
+yatQcNwM9cSaCUZrUbd1qTNWp8XjPosv33Ih784A3dpgNi18+SDajs2XrsyDgzn1
+AFCkCFNhGrZr/ks/PfWQr28aTXxBfvxqQ+d1pid/oY9e3GUmrzc=
+=vypP
+-----END PGP SIGNATURE-----

qutebrowser.changes

@@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Fri May  8 08:32:56 UTC 2020 - Mia Herkt <mia@0x0.st>
+
+- Update to version 1.11.1
+  * CVE-2020-11054: After a certificate error was overridden by
+  the user, qutebrowser displays the URL as yellow
+  (colors.statusbar.url.warn.fg). However, when the affected
+  website was subsequently loaded again, the URL was mistakenly
+  displayed as green (colors.statusbar.url.success_https).
+  While the user already has seen a certificate error prompt
+  at this point (or set content.ssl_strict to false which is not
+  recommended), this could still provide a false sense of security.
+  This is now fixed.
+
 -------------------------------------------------------------------
 Wed May  6 05:00:29 UTC 2020 - Mia Herkt <mia@0x0.st>
 

qutebrowser.spec

@@ -17,7 +17,7 @@
 
 
 Name:           qutebrowser
-Version:        1.11.0
+Version:        1.11.1
 Release:        0
 Summary:        Keyboard-driven vim-like browser based on Qt5
 License:        GPL-3.0-or-later