--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-127d40f1ab
2020-11-06 01:21:08.225933
--------------------------------------------------------------------------------

Name        : chromium
Product     : Fedora 32
Version     : 86.0.4240.111
Release     : 1.fc32
URL         : https://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to Chromium 86. A few big things here:  1. Upstream has made hardware
accelerated video support (VAAPI) for Linux possible without patches. One key
difference is that the patchset used previously in Fedora enabled it by default
and upstream's approach disables it by default. To enable Hardware accelerated
video in chromium, open this link in chromium:  chrome://flags/#enable-
accelerated-video-decode  Be sure it is turned on. Note that not all GPUs are
supported.  2. All the security fixes you expect with a major release:
CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970 CVE-2020-15971
CVE-2020-15972 CVE-2020-15990  CVE-2020-15991 CVE-2020-15973 CVE-2020-15974
CVE-2020-15975 CVE-2020-15976 CVE-2020-6557  CVE-2020-15977  CVE-2020-15978
CVE-2020-15979 CVE-2020-15980 CVE-2020-15981 CVE-2020-15982 CVE-2020-15983
CVE-2020-15984  CVE-2020-15985 CVE-2020-15986 CVE-2020-15987 CVE-2020-15992
CVE-2020-15988 CVE-2020-15989 CVE-2020-16000  CVE-2020-16001 CVE-2020-16002
CVE-2020-16003  3. Without bats acting as pollinators, agave and cacao plants
would struggle. That means that bats are responsible for tequila and chocolate.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Oct 21 2020 Tom Callaway  - 86.0.4240.111-1
- update to 86.0.4240.111
* Tue Oct 20 2020 Tom Callaway  - 86.0.4240.75-2
- use bundled zlib/minizip on el7 (thanks Red Hat. :P)
* Wed Oct 14 2020 Tom Callaway  - 86.0.4240.75-1
- update to 86.0.4240.75
* Mon Sep 28 2020 Tom Callaway  - 85.0.4183.121-2
- rebuild for libevent
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1885883 - CVE-2020-15967 chromium-browser: Use after free in payments
        https://bugzilla.redhat.com/show_bug.cgi?id=1885883
  [ 2 ] Bug #1885884 - CVE-2020-15968 chromium-browser: Use after free in Blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1885884
  [ 3 ] Bug #1885885 - CVE-2020-15969 chromium-browser: Use after free in WebRTC
        https://bugzilla.redhat.com/show_bug.cgi?id=1885885
  [ 4 ] Bug #1885886 - CVE-2020-15970 chromium-browser: Use after free in NFC
        https://bugzilla.redhat.com/show_bug.cgi?id=1885886
  [ 5 ] Bug #1885887 - CVE-2020-15971 chromium-browser: Use after free in printing
        https://bugzilla.redhat.com/show_bug.cgi?id=1885887
  [ 6 ] Bug #1885888 - CVE-2020-15972 chromium-browser: Use after free in audio
        https://bugzilla.redhat.com/show_bug.cgi?id=1885888
  [ 7 ] Bug #1885889 - CVE-2020-15990 chromium-browser: Use after free in autofill
        https://bugzilla.redhat.com/show_bug.cgi?id=1885889
  [ 8 ] Bug #1885890 - CVE-2020-15991 chromium-browser: Use after free in password manager
        https://bugzilla.redhat.com/show_bug.cgi?id=1885890
  [ 9 ] Bug #1885891 - CVE-2020-15973 chromium-browser: Insufficient policy enforcement in extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=1885891
  [ 10 ] Bug #1885892 - CVE-2020-15974 chromium-browser: Integer overflow in Blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1885892
  [ 11 ] Bug #1885893 - CVE-2020-15975 chromium-browser: Integer overflow in SwiftShader
        https://bugzilla.redhat.com/show_bug.cgi?id=1885893
  [ 12 ] Bug #1885894 - CVE-2020-15976 chromium-browser: Use after free in WebXR
        https://bugzilla.redhat.com/show_bug.cgi?id=1885894
  [ 13 ] Bug #1885896 - CVE-2020-6557 chromium-browser: Inappropriate implementation in networking
        https://bugzilla.redhat.com/show_bug.cgi?id=1885896
  [ 14 ] Bug #1885897 - CVE-2020-15977 chromium-browser: Insufficient data validation in dialogs
        https://bugzilla.redhat.com/show_bug.cgi?id=1885897
  [ 15 ] Bug #1885899 - CVE-2020-15978 chromium-browser: Insufficient data validation in navigation
        https://bugzilla.redhat.com/show_bug.cgi?id=1885899
  [ 16 ] Bug #1885901 - CVE-2020-15979 chromium-browser: Inappropriate implementation in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1885901
  [ 17 ] Bug #1885902 - CVE-2020-15980 chromium-browser: Insufficient policy enforcement in Intents
        https://bugzilla.redhat.com/show_bug.cgi?id=1885902
  [ 18 ] Bug #1885903 - CVE-2020-15981 chromium-browser: Out of bounds read in audio
        https://bugzilla.redhat.com/show_bug.cgi?id=1885903
  [ 19 ] Bug #1885904 - CVE-2020-15982 chromium-browser: Side-channel information leakage in cache
        https://bugzilla.redhat.com/show_bug.cgi?id=1885904
  [ 20 ] Bug #1885905 - CVE-2020-15983 chromium-browser: Insufficient data validation in webUI
        https://bugzilla.redhat.com/show_bug.cgi?id=1885905
  [ 21 ] Bug #1885906 - CVE-2020-15984 chromium-browser: Insufficient policy enforcement in Omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1885906
  [ 22 ] Bug #1885907 - CVE-2020-15985 chromium-browser: Inappropriate implementation in Blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1885907
  [ 23 ] Bug #1885908 - CVE-2020-15986 chromium-browser: Integer overflow in media
        https://bugzilla.redhat.com/show_bug.cgi?id=1885908
  [ 24 ] Bug #1885909 - CVE-2020-15987 chromium-browser: Use after free in WebRTC
        https://bugzilla.redhat.com/show_bug.cgi?id=1885909
  [ 25 ] Bug #1885910 - CVE-2020-15992 chromium-browser: Insufficient policy enforcement in networking
        https://bugzilla.redhat.com/show_bug.cgi?id=1885910
  [ 26 ] Bug #1885911 - CVE-2020-15988 chromium-browser: Insufficient policy enforcement in downloads
        https://bugzilla.redhat.com/show_bug.cgi?id=1885911
  [ 27 ] Bug #1885912 - CVE-2020-15989 chromium-browser: Uninitialized use in PDFium
        https://bugzilla.redhat.com/show_bug.cgi?id=1885912
  [ 28 ] Bug #1890266 - CVE-2020-16000 chromium-browser: Inappropriate implementation in Blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1890266
  [ 29 ] Bug #1890267 - CVE-2020-16001 chromium-browser: Use after free in media
        https://bugzilla.redhat.com/show_bug.cgi?id=1890267
  [ 30 ] Bug #1890268 - CVE-2020-16002 chromium-browser: Use after free in PDFium
        https://bugzilla.redhat.com/show_bug.cgi?id=1890268
  [ 31 ] Bug #1890269 - CVE-2020-16003 chromium-browser: Use after free in printing
        https://bugzilla.redhat.com/show_bug.cgi?id=1890269
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-127d40f1ab' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]