Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Fedora 26: 2018-ff8b9e4b5e2 High: Firefox Vulnerability Patches

fedora
Calendar Grey May 23, 2017
Dist Fedora Esm H88
Fedora 25 upgrades Firefox to version 52 and strengthens NetworkManager with critical security improvements.
Update to chromium 58

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update to chromium 58. Move chrome-remote-desktop to user systemd service.

Security fixes for CVE-2017-5068, CVE-2017-5057, CVE-2017-5058, CVE-2017-5059,

CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064,

CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069

[ 1 ] Bug #1443850 - CVE-2017-5069 chromium-browser: cross-origin bypass in blink

https://bugzilla.redhat.com/show_bug.cgi?id=1443850

[ 2 ] Bug #1443849 - CVE-2017-5067 chromium-browser: url spoofing in omnibox

https://bugzilla.redhat.com/show_bug.cgi?id=1443849

[ 3 ] Bug #1443848 - CVE-2017-5066 chromium-browser: incorrect signature handing in networking

https://bugzilla.redhat.com/show_bug.cgi?id=1443848

[ 4 ] Bug #1443847 - CVE-2017-5065 chromium-browser: incorrect ui in blink

https://bugzilla.redhat.com/show_bug.cgi?id=1443847

[ 5 ] Bug #1443845 - CVE-2017-5064 chromium-browser: use after free in blink

https://bugzilla.redhat.com/show_bug.cgi?id=1443845

[ 6 ] Bug #1443841 - CVE-2017-5063 chromium-browser: heap overflow in skia

https://bugzilla.redhat.com/show_bug.cgi?id=1443841

[ 7 ] Bug #1443840 - CVE-2017-5062 chromium-browser: use after free in chrome apps

https://bugzilla.redhat.com/show_bug.cgi?id=1443840

[ 8 ] Bug #1443839 - CVE-2017-5061 chromium-browser: url spoofing in omnibox

https://bugzilla.redhat.com/show_bug.cgi?id=1443839

[ 9 ] Bug #1443838 - CVE-2017-5060 chromium-browser: url spoofing in omnibox

https://bugzilla.redhat.com/show_bug.cgi?id=1443838

[ 10 ] Bug #1443837 - CVE-2017-5059 chromium-browser: type confusion in blink

https://bugzilla.redhat.com/show_bug.cgi?id=1443837

[ 11 ] Bug #1443836 - CVE-2017-5058 chromium-browser: heap use after free in print preview

https://bugzilla.redhat.com/show_bug.cgi?id=1443836

[ 12 ] Bug #1443835 - CVE-2017-5057 chromium-browser: type confusion in pdfium

https://bugzilla.redhat.com/show_bug.cgi?id=1443835

[ 13 ] Bug #1448031 - CVE-2017-5068 chromium-browser: race condition in webrtc

https://bugzilla.redhat.com/show_bug.cgi?id=1448031

su -c 'dnf upgrade chromium' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Topics%20covered

Topics Covered

security advisory Fedora security fix moderate threat browser update systemd chromium

Change Log

References

Update Instructions

Product: Fedora 25
Version: 58.0.3029.110
Release: 2.fc25
URL: https://www.chromium.org/Home/
Summary: A WebKit (Blink) powered web browser

Topics%20covered

Topics Covered

security advisory Fedora security fix moderate threat browser update systemd chromium

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here