Fedora: Update 24 - Critical Security Patches For Chromium

Google's "pnacl" toolchain for native client support in Chromium. Depends on

their older "nacl" toolchain, packaged separately.

Update to chromium 58. Move chrome-remote-desktop to user systemd service.

Security fixes for CVE-2017-5068, CVE-2017-5057, CVE-2017-5058, CVE-2017-5059,

CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064,

CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069 ---- Security fix

for CVE-2017-5055, CVE-2017-5054, CVE-2017-5052, CVE-2017-5056, CVE-2017-5053

[ 1 ] Bug #1443850 - CVE-2017-5069 chromium-browser: cross-origin bypass in blink

https://bugzilla.redhat.com/show_bug.cgi?id=1443850

[ 2 ] Bug #1443849 - CVE-2017-5067 chromium-browser: url spoofing in omnibox

https://bugzilla.redhat.com/show_bug.cgi?id=1443849

[ 3 ] Bug #1443848 - CVE-2017-5066 chromium-browser: incorrect signature handing in networking

https://bugzilla.redhat.com/show_bug.cgi?id=1443848

[ 4 ] Bug #1443847 - CVE-2017-5065 chromium-browser: incorrect ui in blink

https://bugzilla.redhat.com/show_bug.cgi?id=1443847

[ 5 ] Bug #1443845 - CVE-2017-5064 chromium-browser: use after free in blink

https://bugzilla.redhat.com/show_bug.cgi?id=1443845

[ 6 ] Bug #1443841 - CVE-2017-5063 chromium-browser: heap overflow in skia

https://bugzilla.redhat.com/show_bug.cgi?id=1443841

[ 7 ] Bug #1443840 - CVE-2017-5062 chromium-browser: use after free in chrome apps

https://bugzilla.redhat.com/show_bug.cgi?id=1443840

[ 8 ] Bug #1443839 - CVE-2017-5061 chromium-browser: url spoofing in omnibox

https://bugzilla.redhat.com/show_bug.cgi?id=1443839

[ 9 ] Bug #1443838 - CVE-2017-5060 chromium-browser: url spoofing in omnibox

https://bugzilla.redhat.com/show_bug.cgi?id=1443838

[ 10 ] Bug #1443837 - CVE-2017-5059 chromium-browser: type confusion in blink

https://bugzilla.redhat.com/show_bug.cgi?id=1443837

[ 11 ] Bug #1443836 - CVE-2017-5058 chromium-browser: heap use after free in print preview

https://bugzilla.redhat.com/show_bug.cgi?id=1443836

[ 12 ] Bug #1443835 - CVE-2017-5057 chromium-browser: type confusion in pdfium

https://bugzilla.redhat.com/show_bug.cgi?id=1443835

[ 13 ] Bug #1448031 - CVE-2017-5068 chromium-browser: race condition in webrtc

https://bugzilla.redhat.com/show_bug.cgi?id=1448031

[ 14 ] Bug #1437353 - CVE-2017-5053 chromium-browser: out of bounds memory access in v8

https://bugzilla.redhat.com/show_bug.cgi?id=1437353

[ 15 ] Bug #1437352 - CVE-2017-5056 chromium-browser: use after free in blink

https://bugzilla.redhat.com/show_bug.cgi?id=1437352

[ 16 ] Bug #1437351 - CVE-2017-5052 chromium-browser: bad cast in blink

https://bugzilla.redhat.com/show_bug.cgi?id=1437351

[ 17 ] Bug #1437350 - CVE-2017-5054 chromium-browser: heap buffer overflow in v8

https://bugzilla.redhat.com/show_bug.cgi?id=1437350

[ 18 ] Bug #1437348 - CVE-2017-5055 chromium-browser: use after free in printing

https://bugzilla.redhat.com/show_bug.cgi?id=1437348

su -c 'dnf upgrade chromium-native_client' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org