Fedora 32: chromium 2020-bf684961d9

    Date 30 Jul 2020
    133
    Posted By LinuxSecurity Advisories
    Just enough time for one more update. Chromium 84. Fixes CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519 CVE-2020-6520 CVE-2020-6521 CVE-2020-6522 CVE-2020-6523 CVE-2020-6524 CVE-2020-6525 CVE-2020-6526 CVE-2020-6527 CVE-2020-6528 CVE-2020-6529 CVE-2020-6530
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2020-bf684961d9
    2020-07-30 17:50:12.727824
    --------------------------------------------------------------------------------
    
    Name        : chromium
    Product     : Fedora 32
    Version     : 84.0.4147.89
    Release     : 1.fc32
    URL         : https://www.chromium.org/Home
    Summary     : A WebKit (Blink) powered web browser
    Description :
    Chromium is an open-source web browser, powered by WebKit (Blink).
    
    --------------------------------------------------------------------------------
    Update Information:
    
    Just enough time for one more update.   Chromium 84.  Fixes CVE-2020-6510
    CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515
    CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519 CVE-2020-6520
    CVE-2020-6521 CVE-2020-6522 CVE-2020-6523 CVE-2020-6524 CVE-2020-6525
    CVE-2020-6526 CVE-2020-6527 CVE-2020-6528 CVE-2020-6529 CVE-2020-6530
    CVE-2020-6531 CVE-2020-6533 CVE-2020-6534 CVE-2020-6535 CVE-2020-6536
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Wed Jul 15 2020 Tom Callaway  - 84.0.4147.89-1
    - update to 84.0.4147.89
    --------------------------------------------------------------------------------
    References:
    
      [ 1 ] Bug #1857320 - CVE-2020-6511 chromium-browser: Side-channel information leakage in content security policy
            https://bugzilla.redhat.com/show_bug.cgi?id=1857320
      [ 2 ] Bug #1857321 - CVE-2020-6512 chromium-browser: Type Confusion in V8
            https://bugzilla.redhat.com/show_bug.cgi?id=1857321
      [ 3 ] Bug #1857322 - CVE-2020-6513 chromium-browser: Heap buffer overflow in PDFium
            https://bugzilla.redhat.com/show_bug.cgi?id=1857322
      [ 4 ] Bug #1857323 - CVE-2020-6515 chromium-browser: Use after free in tab strip
            https://bugzilla.redhat.com/show_bug.cgi?id=1857323
      [ 5 ] Bug #1857324 - CVE-2020-6516 chromium-browser: Policy bypass in CORS
            https://bugzilla.redhat.com/show_bug.cgi?id=1857324
      [ 6 ] Bug #1857325 - CVE-2020-6518 chromium-browser: Use after free in developer tools
            https://bugzilla.redhat.com/show_bug.cgi?id=1857325
      [ 7 ] Bug #1857326 - CVE-2020-6519 chromium-browser: Policy bypass in CSP
            https://bugzilla.redhat.com/show_bug.cgi?id=1857326
      [ 8 ] Bug #1857327 - CVE-2020-6520 chromium-browser: Heap buffer overflow in Skia
            https://bugzilla.redhat.com/show_bug.cgi?id=1857327
      [ 9 ] Bug #1857328 - CVE-2020-6521 chromium-browser: Side-channel information leakage in autofill
            https://bugzilla.redhat.com/show_bug.cgi?id=1857328
      [ 10 ] Bug #1857329 - CVE-2020-6523 chromium-browser: Out of bounds write in Skia
            https://bugzilla.redhat.com/show_bug.cgi?id=1857329
      [ 11 ] Bug #1857330 - CVE-2020-6524 chromium-browser: Heap buffer overflow in WebAudio
            https://bugzilla.redhat.com/show_bug.cgi?id=1857330
      [ 12 ] Bug #1857331 - CVE-2020-6525 chromium-browser: Heap buffer overflow in Skia
            https://bugzilla.redhat.com/show_bug.cgi?id=1857331
      [ 13 ] Bug #1857332 - CVE-2020-6526 chromium-browser: Inappropriate implementation in iframe sandbox
            https://bugzilla.redhat.com/show_bug.cgi?id=1857332
      [ 14 ] Bug #1857333 - CVE-2020-6527 chromium-browser: Insufficient policy enforcement in CSP
            https://bugzilla.redhat.com/show_bug.cgi?id=1857333
      [ 15 ] Bug #1857334 - CVE-2020-6528 chromium-browser: Incorrect security UI in basic auth
            https://bugzilla.redhat.com/show_bug.cgi?id=1857334
      [ 16 ] Bug #1857336 - CVE-2020-6529 chromium-browser: Inappropriate implementation in WebRTC
            https://bugzilla.redhat.com/show_bug.cgi?id=1857336
      [ 17 ] Bug #1857337 - CVE-2020-6530 chromium-browser: Out of bounds memory access in developer tools
            https://bugzilla.redhat.com/show_bug.cgi?id=1857337
      [ 18 ] Bug #1857338 - CVE-2020-6531 chromium-browser: Side-channel information leakage in scroll to text
            https://bugzilla.redhat.com/show_bug.cgi?id=1857338
      [ 19 ] Bug #1857339 - CVE-2020-6533 chromium-browser: Type Confusion in V8
            https://bugzilla.redhat.com/show_bug.cgi?id=1857339
      [ 20 ] Bug #1857340 - CVE-2020-6534 chromium-browser: Heap buffer overflow in WebRTC
            https://bugzilla.redhat.com/show_bug.cgi?id=1857340
      [ 21 ] Bug #1857341 - CVE-2020-6535 chromium-browser: Insufficient data validation in WebUI
            https://bugzilla.redhat.com/show_bug.cgi?id=1857341
      [ 22 ] Bug #1857342 - CVE-2020-6536 chromium-browser: Incorrect security UI in PWAs
            https://bugzilla.redhat.com/show_bug.cgi?id=1857342
    --------------------------------------------------------------------------------
    
    This update can be installed with the "dnf" update program. Use
    su -c 'dnf upgrade --advisory FEDORA-2020-bf684961d9' at the command
    line. For more information, refer to the dnf documentation available at
    https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
    
    All packages are signed with the Fedora Project GPG key. More details on the
    GPG keys used by the Fedora Project can be found at
    https://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    _______________________________________________
    package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.
    To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.
    Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
    List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
    List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    LinuxSecurity Poll

    Are you planning to use the 1Password password manager now that it is available to Linux users?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/35-are-you-planning-to-use-the-1password-password-manager-now-that-it-is-available-to-linux-users?task=poll.vote&format=json
    35
    radio
    [{"id":"122","title":"Yes","votes":"1","type":"x","order":"1","pct":20,"resources":[]},{"id":"123","title":"No ","votes":"3","type":"x","order":"2","pct":60,"resources":[]},{"id":"124","title":"Not sure at the moment","votes":"1","type":"x","order":"3","pct":20,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Advisories

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.