Fedora 33: chromium 2021-aa764a8531

Date 28 Feb 2021

Category Fedora Linux Distribution - Security Advisories

225

Posted By LinuxSecurity Advisories

Update to 88.0.4324.182. Fixes CVE-2021-21149 CVE-2021-21150 CVE-2021-21151 CVE-2021-21152 CVE-2021-21153 CVE-2021-21154 CVE-2021-21155 CVE-2021-21156 CVE-2021-21157

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-aa764a8531
2021-02-28 17:25:31.286237
--------------------------------------------------------------------------------

Name        : chromium
Product     : Fedora 33
Version     : 88.0.4324.182
Release     : 1.fc33
URL         : https://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 88.0.4324.182.   Fixes CVE-2021-21149 CVE-2021-21150 CVE-2021-21151
CVE-2021-21152 CVE-2021-21153 CVE-2021-21154 CVE-2021-21155 CVE-2021-21156
CVE-2021-21157
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 17 2021 Tom Callaway  - 88.0.4234.182-1
- update to 88.0.4234.182
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1929523 - CVE-2021-21149 chromium-browser: Stack overflow in Data Transfer
        https://bugzilla.redhat.com/show_bug.cgi?id=1929523
  [ 2 ] Bug #1929524 - CVE-2021-21150 chromium-browser: Use after free in Downloads
        https://bugzilla.redhat.com/show_bug.cgi?id=1929524
  [ 3 ] Bug #1929525 - CVE-2021-21151 chromium-browser: Use after free in Payments
        https://bugzilla.redhat.com/show_bug.cgi?id=1929525
  [ 4 ] Bug #1929526 - CVE-2021-21152 chromium-browser: Heap buffer overflow in Media
        https://bugzilla.redhat.com/show_bug.cgi?id=1929526
  [ 5 ] Bug #1929527 - CVE-2021-21153 chromium-browser: Stack overflow in GPU Process
        https://bugzilla.redhat.com/show_bug.cgi?id=1929527
  [ 6 ] Bug #1929528 - CVE-2021-21154 chromium-browser: Heap buffer overflow in Tab Strip
        https://bugzilla.redhat.com/show_bug.cgi?id=1929528
  [ 7 ] Bug #1929529 - CVE-2021-21155 chromium-browser: Heap buffer overflow in Tab Strip
        https://bugzilla.redhat.com/show_bug.cgi?id=1929529
  [ 8 ] Bug #1929530 - CVE-2021-21156 chromium-browser: Heap buffer overflow in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1929530
  [ 9 ] Bug #1929531 - CVE-2021-21157 chromium-browser: Use after free in Web Sockets
        https://bugzilla.redhat.com/show_bug.cgi?id=1929531
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-aa764a8531' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.
To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure