--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2017-7d698eba8b
2017-06-02 17:35:03.195487
--------------------------------------------------------------------------------Name        : chromium
Product     : Fedora 24
Version     : 58.0.3029.110
Release     : 2.fc24
URL         : https://www.chromium.org/Home/
Summary     : A WebKit (Blink) powered web browser
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------Update Information:

Update to chromium 58. Move chrome-remote-desktop to user systemd service.
Security fixes for CVE-2017-5068, CVE-2017-5057, CVE-2017-5058, CVE-2017-5059,
CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064,
CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069   ----  Security fix
for CVE-2017-5055, CVE-2017-5054, CVE-2017-5052, CVE-2017-5056, CVE-2017-5053
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1443850 - CVE-2017-5069 chromium-browser: cross-origin bypass in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1443850
  [ 2 ] Bug #1443849 - CVE-2017-5067 chromium-browser: url spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1443849
  [ 3 ] Bug #1443848 - CVE-2017-5066 chromium-browser: incorrect signature handing in networking
        https://bugzilla.redhat.com/show_bug.cgi?id=1443848
  [ 4 ] Bug #1443847 - CVE-2017-5065 chromium-browser: incorrect ui in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1443847
  [ 5 ] Bug #1443845 - CVE-2017-5064 chromium-browser: use after free in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1443845
  [ 6 ] Bug #1443841 - CVE-2017-5063 chromium-browser: heap overflow in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1443841
  [ 7 ] Bug #1443840 - CVE-2017-5062 chromium-browser: use after free in chrome apps
        https://bugzilla.redhat.com/show_bug.cgi?id=1443840
  [ 8 ] Bug #1443839 - CVE-2017-5061 chromium-browser: url spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1443839
  [ 9 ] Bug #1443838 - CVE-2017-5060 chromium-browser: url spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1443838
  [ 10 ] Bug #1443837 - CVE-2017-5059 chromium-browser: type confusion in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1443837
  [ 11 ] Bug #1443836 - CVE-2017-5058 chromium-browser: heap use after free in print preview
        https://bugzilla.redhat.com/show_bug.cgi?id=1443836
  [ 12 ] Bug #1443835 - CVE-2017-5057 chromium-browser: type confusion in pdfium
        https://bugzilla.redhat.com/show_bug.cgi?id=1443835
  [ 13 ] Bug #1448031 - CVE-2017-5068 chromium-browser: race condition in webrtc
        https://bugzilla.redhat.com/show_bug.cgi?id=1448031
  [ 14 ] Bug #1437353 - CVE-2017-5053 chromium-browser: out of bounds memory access in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1437353
  [ 15 ] Bug #1437352 - CVE-2017-5056 chromium-browser: use after free in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1437352
  [ 16 ] Bug #1437351 - CVE-2017-5052 chromium-browser: bad cast in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1437351
  [ 17 ] Bug #1437350 - CVE-2017-5054 chromium-browser: heap buffer overflow in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1437350
  [ 18 ] Bug #1437348 - CVE-2017-5055 chromium-browser: use after free in printing
        https://bugzilla.redhat.com/show_bug.cgi?id=1437348
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade chromium' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora 24: chromium Security Update 2017-7d698eba8b

June 3, 2017
Update to chromium 58

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update to chromium 58. Move chrome-remote-desktop to user systemd service.

Security fixes for CVE-2017-5068, CVE-2017-5057, CVE-2017-5058, CVE-2017-5059,

CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064,

CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069 ---- Security fix

for CVE-2017-5055, CVE-2017-5054, CVE-2017-5052, CVE-2017-5056, CVE-2017-5053

[ 1 ] Bug #1443850 - CVE-2017-5069 chromium-browser: cross-origin bypass in blink

https://bugzilla.redhat.com/show_bug.cgi?id=1443850

[ 2 ] Bug #1443849 - CVE-2017-5067 chromium-browser: url spoofing in omnibox

https://bugzilla.redhat.com/show_bug.cgi?id=1443849

[ 3 ] Bug #1443848 - CVE-2017-5066 chromium-browser: incorrect signature handing in networking

https://bugzilla.redhat.com/show_bug.cgi?id=1443848

[ 4 ] Bug #1443847 - CVE-2017-5065 chromium-browser: incorrect ui in blink

https://bugzilla.redhat.com/show_bug.cgi?id=1443847

[ 5 ] Bug #1443845 - CVE-2017-5064 chromium-browser: use after free in blink

https://bugzilla.redhat.com/show_bug.cgi?id=1443845

[ 6 ] Bug #1443841 - CVE-2017-5063 chromium-browser: heap overflow in skia

https://bugzilla.redhat.com/show_bug.cgi?id=1443841

[ 7 ] Bug #1443840 - CVE-2017-5062 chromium-browser: use after free in chrome apps

https://bugzilla.redhat.com/show_bug.cgi?id=1443840

[ 8 ] Bug #1443839 - CVE-2017-5061 chromium-browser: url spoofing in omnibox

https://bugzilla.redhat.com/show_bug.cgi?id=1443839

[ 9 ] Bug #1443838 - CVE-2017-5060 chromium-browser: url spoofing in omnibox

https://bugzilla.redhat.com/show_bug.cgi?id=1443838

[ 10 ] Bug #1443837 - CVE-2017-5059 chromium-browser: type confusion in blink

https://bugzilla.redhat.com/show_bug.cgi?id=1443837

[ 11 ] Bug #1443836 - CVE-2017-5058 chromium-browser: heap use after free in print preview

https://bugzilla.redhat.com/show_bug.cgi?id=1443836

[ 12 ] Bug #1443835 - CVE-2017-5057 chromium-browser: type confusion in pdfium

https://bugzilla.redhat.com/show_bug.cgi?id=1443835

[ 13 ] Bug #1448031 - CVE-2017-5068 chromium-browser: race condition in webrtc

https://bugzilla.redhat.com/show_bug.cgi?id=1448031

[ 14 ] Bug #1437353 - CVE-2017-5053 chromium-browser: out of bounds memory access in v8

https://bugzilla.redhat.com/show_bug.cgi?id=1437353

[ 15 ] Bug #1437352 - CVE-2017-5056 chromium-browser: use after free in blink

https://bugzilla.redhat.com/show_bug.cgi?id=1437352

[ 16 ] Bug #1437351 - CVE-2017-5052 chromium-browser: bad cast in blink

https://bugzilla.redhat.com/show_bug.cgi?id=1437351

[ 17 ] Bug #1437350 - CVE-2017-5054 chromium-browser: heap buffer overflow in v8

https://bugzilla.redhat.com/show_bug.cgi?id=1437350

[ 18 ] Bug #1437348 - CVE-2017-5055 chromium-browser: use after free in printing

https://bugzilla.redhat.com/show_bug.cgi?id=1437348

su -c 'dnf upgrade chromium' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

FEDORA-2017-7d698eba8b 2017-06-02 17:35:03.195487 Product : Fedora 24 Version : 58.0.3029.110 Release : 2.fc24 URL : https://www.chromium.org/Home/ Summary : A WebKit (Blink) powered web browser Description : Chromium is an open-source web browser, powered by WebKit (Blink). Update to chromium 58. Move chrome-remote-desktop to user systemd service. Security fixes for CVE-2017-5068, CVE-2017-5057, CVE-2017-5058, CVE-2017-5059, CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064, CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069 ---- Security fix for CVE-2017-5055, CVE-2017-5054, CVE-2017-5052, CVE-2017-5056, CVE-2017-5053 [ 1 ] Bug #1443850 - CVE-2017-5069 chromium-browser: cross-origin bypass in blink https://bugzilla.redhat.com/show_bug.cgi?id=1443850 [ 2 ] Bug #1443849 - CVE-2017-5067 chromium-browser: url spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1443849 [ 3 ] Bug #1443848 - CVE-2017-5066 chromium-browser: incorrect signature handing in networking https://bugzilla.redhat.com/show_bug.cgi?id=1443848 [ 4 ] Bug #1443847 - CVE-2017-5065 chromium-browser: incorrect ui in blink https://bugzilla.redhat.com/show_bug.cgi?id=1443847 [ 5 ] Bug #1443845 - CVE-2017-5064 chromium-browser: use after free in blink https://bugzilla.redhat.com/show_bug.cgi?id=1443845 [ 6 ] Bug #1443841 - CVE-2017-5063 chromium-browser: heap overflow in skia https://bugzilla.redhat.com/show_bug.cgi?id=1443841 [ 7 ] Bug #1443840 - CVE-2017-5062 chromium-browser: use after free in chrome apps https://bugzilla.redhat.com/show_bug.cgi?id=1443840 [ 8 ] Bug #1443839 - CVE-2017-5061 chromium-browser: url spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1443839 [ 9 ] Bug #1443838 - CVE-2017-5060 chromium-browser: url spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1443838 [ 10 ] Bug #1443837 - CVE-2017-5059 chromium-browser: type confusion in blink https://bugzilla.redhat.com/show_bug.cgi?id=1443837 [ 11 ] Bug #1443836 - CVE-2017-5058 chromium-browser: heap use after free in print preview https://bugzilla.redhat.com/show_bug.cgi?id=1443836 [ 12 ] Bug #1443835 - CVE-2017-5057 chromium-browser: type confusion in pdfium https://bugzilla.redhat.com/show_bug.cgi?id=1443835 [ 13 ] Bug #1448031 - CVE-2017-5068 chromium-browser: race condition in webrtc https://bugzilla.redhat.com/show_bug.cgi?id=1448031 [ 14 ] Bug #1437353 - CVE-2017-5053 chromium-browser: out of bounds memory access in v8 https://bugzilla.redhat.com/show_bug.cgi?id=1437353 [ 15 ] Bug #1437352 - CVE-2017-5056 chromium-browser: use after free in blink https://bugzilla.redhat.com/show_bug.cgi?id=1437352 [ 16 ] Bug #1437351 - CVE-2017-5052 chromium-browser: bad cast in blink https://bugzilla.redhat.com/show_bug.cgi?id=1437351 [ 17 ] Bug #1437350 - CVE-2017-5054 chromium-browser: heap buffer overflow in v8 https://bugzilla.redhat.com/show_bug.cgi?id=1437350 [ 18 ] Bug #1437348 - CVE-2017-5055 chromium-browser: use after free in printing https://bugzilla.redhat.com/show_bug.cgi?id=1437348 su -c 'dnf upgrade chromium' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
Product : Fedora 24
Version : 58.0.3029.110
Release : 2.fc24
URL : https://www.chromium.org/Home/
Summary : A WebKit (Blink) powered web browser

Related News

5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This
18.WifiCutout Landscape Esm H320
2 - 3 min read
A novel attack called TunnelVision has been discovered. It compromises the security of virtually all VPN apps, rendering their purpose useless. The
21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While
13.Lock StylizedMotherboard Esm H320
1 - 2 min read
Spiral Linux is a Debian-based distribution that offers a range of desktop environments, making it stand out from other Linux distributions. In
32.Lock Code Circular Esm H320
2 - 3 min read
Two critical security vulnerabilities were found in pgAdmin, the open-source administration tool for PostgreSQL . The vulnerabilities assigned
1.Penguin Landscape Esm H320
2 - 3 min read
The recent release of AlmaLinux 9.4 , closely aligned with Red Hat Enterprise Linux (RHEL) 9.4 , presents Linux admins and infosec professionals
11.Locks IsometricPattern Esm H320
2 - 3 min read
The upcoming release of Linux Mint 22 will introduce significant changes, particularly in handling XApp , GNOME applications, and the Software
2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved