Fedora 32: FEDORA-2020-3e005ce2e0 Moderate: Chromium Browser Fixes

fedora

November 23, 2020

Update to 87.0.4280.66

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update to 87.0.4280.66. Fixes bugs and security holes. Yay! CVE-2020-16012

CVE-2020-16018 CVE-2020-16019 CVE-2020-16020 CVE-2020-16021 CVE-2020-16022

CVE-2020-16015 CVE-2020-16014 CVE-2020-16023 CVE-2020-16024 CVE-2020-16025

CVE-2020-16026 CVE-2020-16027 CVE-2020-16028 CVE-2020-16029 CVE-2020-16030

CVE-2020-16031 CVE-2020-16032 CVE-2020-16033 CVE-2020-16034 CVE-2020-16035

CVE-2020-16036 ---- Update to 86.0.4240.198. Fixes the following security

issues: CVE-2020-16013 CVE-2020-16016 CVE-2020-16017 ---- Update to

86.0.4240.183. Fixes the following security issues: CVE-2020-16004

CVE-2020-16005 CVE-2020-16006 CVE-2020-16008 CVE-2020-16009 Also disables the

very verbose output going to stdout.

* Wed Nov 18 2020 Tom Callaway - 87.0.4280.66-1

- update to 87.0.4280.66

* Thu Nov 12 2020 Jeff Law - 86.0.4240.198-1

- Fix missing #inclues for gcc-11

- Fix bogus volatile caught by gcc-11

* Thu Nov 12 2020 Tom Callaway - 86.0.4240.198-1

- update to 86.0.4240.198

* Tue Nov 10 2020 Tom Callaway - 86.0.4240.193-1

- update to 86.0.4240.193

* Wed Nov 4 2020 Tom Callaway - 86.0.4240.183-1

- update to 86.0.4240.183

* Mon Nov 2 2020 Tom Callaway - 86.0.4240.111-2

- fix conditional typo that was causing console logging to be turned on

[ 1 ] Bug #1894197 - CVE-2020-16004 chromium-browser: Use after free in user interface

https://bugzilla.redhat.com/show_bug.cgi?id=1894197

[ 2 ] Bug #1894198 - CVE-2020-16005 chromium-browser: Insufficient policy enforcement in ANGLE

https://bugzilla.redhat.com/show_bug.cgi?id=1894198

[ 3 ] Bug #1894199 - CVE-2020-16006 chromium-browser: Inappropriate implementation in V8

https://bugzilla.redhat.com/show_bug.cgi?id=1894199

[ 4 ] Bug #1894201 - CVE-2020-16008 chromium-browser: Stack buffer overflow in WebRTC

https://bugzilla.redhat.com/show_bug.cgi?id=1894201

[ 5 ] Bug #1894202 - CVE-2020-16009 chromium-browser: Inappropriate implementation in V8

https://bugzilla.redhat.com/show_bug.cgi?id=1894202

[ 6 ] Bug #1896641 - CVE-2020-16016 chromium-browser: Inappropriate implementation in base

https://bugzilla.redhat.com/show_bug.cgi?id=1896641

[ 7 ] Bug #1897206 - CVE-2020-16013 chromium-browser: Inappropriate implementation in V8

https://bugzilla.redhat.com/show_bug.cgi?id=1897206

[ 8 ] Bug #1897207 - CVE-2020-16017 chromium-browser: Use after free in site isolation

https://bugzilla.redhat.com/show_bug.cgi?id=1897207

[ 9 ] Bug #1899222 - CVE-2020-16018 chromium-browser: Use after free in payments

https://bugzilla.redhat.com/show_bug.cgi?id=1899222

[ 10 ] Bug #1899223 - CVE-2020-16019 chromium-browser: Inappropriate implementation in filesystem

https://bugzilla.redhat.com/show_bug.cgi?id=1899223

[ 11 ] Bug #1899224 - CVE-2020-16020 chromium-browser: Inappropriate implementation in cryptohome

https://bugzilla.redhat.com/show_bug.cgi?id=1899224

[ 12 ] Bug #1899225 - CVE-2020-16021 chromium-browser: Race in ImageBurner

https://bugzilla.redhat.com/show_bug.cgi?id=1899225

[ 13 ] Bug #1899226 - CVE-2020-16022 chromium-browser: Insufficient policy enforcement in networking

https://bugzilla.redhat.com/show_bug.cgi?id=1899226

[ 14 ] Bug #1899227 - CVE-2020-16015 chromium-browser: Insufficient data validation in WASM

https://bugzilla.redhat.com/show_bug.cgi?id=1899227

[ 15 ] Bug #1899228 - CVE-2020-16014 chromium-browser: Use after free in PPAPI

https://bugzilla.redhat.com/show_bug.cgi?id=1899228

[ 16 ] Bug #1899229 - CVE-2020-16023 chromium-browser: Use after free in WebCodecs

https://bugzilla.redhat.com/show_bug.cgi?id=1899229

[ 17 ] Bug #1899230 - CVE-2020-16024 chromium-browser: Heap buffer overflow in UI

https://bugzilla.redhat.com/show_bug.cgi?id=1899230

[ 18 ] Bug #1899231 - CVE-2020-16025 chromium-browser: Heap buffer overflow in clipboard

https://bugzilla.redhat.com/show_bug.cgi?id=1899231

[ 19 ] Bug #1899232 - CVE-2020-16026 chromium-browser: Use after free in WebRTC

https://bugzilla.redhat.com/show_bug.cgi?id=1899232

[ 20 ] Bug #1899233 - CVE-2020-16027 chromium-browser: Insufficient policy enforcement in developer tools

https://bugzilla.redhat.com/show_bug.cgi?id=1899233

[ 21 ] Bug #1899234 - CVE-2020-16028 chromium-browser: Heap buffer overflow in WebRTC

https://bugzilla.redhat.com/show_bug.cgi?id=1899234

[ 22 ] Bug #1899235 - CVE-2020-16029 chromium-browser: Inappropriate implementation in PDFium

https://bugzilla.redhat.com/show_bug.cgi?id=1899235

[ 23 ] Bug #1899237 - CVE-2020-16030 chromium-browser: Insufficient data validation in Blink

https://bugzilla.redhat.com/show_bug.cgi?id=1899237

[ 24 ] Bug #1899239 - CVE-2019-8075 flash-plugin: Same origin policy bypass leading to information disclosure

https://bugzilla.redhat.com/show_bug.cgi?id=1899239

[ 25 ] Bug #1899240 - CVE-2020-16031 chromium-browser: Incorrect security UI in tab preview

https://bugzilla.redhat.com/show_bug.cgi?id=1899240

[ 26 ] Bug #1899241 - CVE-2020-16032 chromium-browser: Incorrect security UI in sharing

https://bugzilla.redhat.com/show_bug.cgi?id=1899241

[ 27 ] Bug #1899242 - CVE-2020-16033 chromium-browser: Incorrect security UI in WebUSB

https://bugzilla.redhat.com/show_bug.cgi?id=1899242

[ 28 ] Bug #1899243 - CVE-2020-16034 chromium-browser: Inappropriate implementation in WebRTC

https://bugzilla.redhat.com/show_bug.cgi?id=1899243

[ 29 ] Bug #1899244 - CVE-2020-16035 chromium-browser: Insufficient data validation in cros-disks

https://bugzilla.redhat.com/show_bug.cgi?id=1899244

[ 30 ] Bug #1899245 - CVE-2020-16036 chromium-browser: Inappropriate implementation in cookies

https://bugzilla.redhat.com/show_bug.cgi?id=1899245

su -c 'dnf upgrade --advisory FEDORA-2020-3e005ce2e0' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics Covered

security advisory fedora update bug fix browser chromium

Change Log

References

Update Instructions

Severity

important

Lowest

Low

Medium

High

Critical

Product: Fedora 32

Version: 87.0.4280.66

Release: 1.fc32

URL: https://www.chromium.org/Home/

Summary: A WebKit (Blink) powered web browser

Topics Covered

security advisory fedora update bug fix browser chromium

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Fedora 32: FEDORA-2020-3e005ce2e0 Moderate: Chromium Browser Fixes

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Fedora 32: FEDORA-2020-3e005ce2e0 Moderate: Chromium Browser Fixes

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!