Fedora 33: 2021-ca58c57bdf Moderate: Chromium Multiple Issues

fedora

July 17, 2021

Fix crash in ThemeService (thanks to OpenSUSE) ---- Security fixes

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Fix crash in ThemeService (thanks to OpenSUSE) ---- Security fixes.

CVE-2021-30506 CVE-2021-30507 CVE-2021-30508 CVE-2021-30509 CVE-2021-30510

CVE-2021-30511 CVE-2021-30512 CVE-2021-30513 CVE-2021-30514 CVE-2021-30515

CVE-2021-30516 CVE-2021-30517 CVE-2021-30518 CVE-2021-30519 CVE-2021-30520

CVE-2021-30521 CVE-2021-30522 CVE-2021-30523 CVE-2021-30524 CVE-2021-30525

CVE-2021-30526 CVE-2021-30527 CVE-2021-30528 CVE-2021-30529 CVE-2021-30530

CVE-2021-30531 CVE-2021-30532 CVE-2021-30533 CVE-2021-30534 CVE-2021-30535

CVE-2021-30536 CVE-2021-30537 CVE-2021-30538 CVE-2021-30539 CVE-2021-30540

CVE-2021-30544 CVE-2021-30545 CVE-2021-30546 CVE-2021-30547 CVE-2021-30548

CVE-2021-30549 CVE-2021-30550 CVE-2021-30551 CVE-2021-30552 CVE-2021-30553

CVE-2021-30554 CVE-2021-30555 CVE-2021-30556 CVE-2021-30557

* Tue Jul 6 2021 Tom Callaway - 91.0.4472.114-2

- fix ThemeService crash (thanks OpenSUSE)

* Wed Jun 23 2021 Tom Callaway - 91.0.4472.114-1

- update to 91.0.4472.114

* Tue Jun 1 2021 Tom Callaway - 91.0.4472.77-1

- update to 91.0.4472.77

[ 1 ] Bug #1965424 - CVE-2021-30521 chromium-browser: Heap buffer overflow in Autofill

https://bugzilla.redhat.com/show_bug.cgi?id=1965424

[ 2 ] Bug #1965425 - CVE-2021-30522 chromium-browser: Use after free in WebAudio

https://bugzilla.redhat.com/show_bug.cgi?id=1965425

[ 3 ] Bug #1965426 - CVE-2021-30523 chromium-browser: Use after free in WebRTC

https://bugzilla.redhat.com/show_bug.cgi?id=1965426

[ 4 ] Bug #1965427 - CVE-2021-30524 chromium-browser: Use after free in TabStrip

https://bugzilla.redhat.com/show_bug.cgi?id=1965427

[ 5 ] Bug #1965428 - CVE-2021-30525 chromium-browser: Use after free in TabGroups

https://bugzilla.redhat.com/show_bug.cgi?id=1965428

[ 6 ] Bug #1965429 - CVE-2021-30526 chromium-browser: Out of bounds write in TabStrip

https://bugzilla.redhat.com/show_bug.cgi?id=1965429

[ 7 ] Bug #1965430 - CVE-2021-30527 chromium-browser: Use after free in WebUI

https://bugzilla.redhat.com/show_bug.cgi?id=1965430

[ 8 ] Bug #1965431 - CVE-2021-30528 chromium-browser: Use after free in WebAuthentication

https://bugzilla.redhat.com/show_bug.cgi?id=1965431

[ 9 ] Bug #1965432 - CVE-2021-30529 chromium-browser: Use after free in Bookmarks

https://bugzilla.redhat.com/show_bug.cgi?id=1965432

[ 10 ] Bug #1965433 - CVE-2021-30530 chromium-browser: Out of bounds memory access in WebAudio

https://bugzilla.redhat.com/show_bug.cgi?id=1965433

[ 11 ] Bug #1965434 - CVE-2021-30531 chromium-browser: Insufficient policy enforcement in Content Security Policy

https://bugzilla.redhat.com/show_bug.cgi?id=1965434

[ 12 ] Bug #1965435 - CVE-2021-30532 chromium-browser: Insufficient policy enforcement in Content Security Policy

https://bugzilla.redhat.com/show_bug.cgi?id=1965435

[ 13 ] Bug #1965436 - CVE-2021-30533 chromium-browser: Insufficient policy enforcement in PopupBlocker

https://bugzilla.redhat.com/show_bug.cgi?id=1965436

[ 14 ] Bug #1965437 - CVE-2021-30534 chromium-browser: Insufficient policy enforcement in iFrameSandbox

https://bugzilla.redhat.com/show_bug.cgi?id=1965437

[ 15 ] Bug #1965438 - CVE-2021-30535 chromium-browser: Double free in ICU

https://bugzilla.redhat.com/show_bug.cgi?id=1965438

[ 16 ] Bug #1965439 - CVE-2021-30536 chromium-browser: Out of bounds read in V8

https://bugzilla.redhat.com/show_bug.cgi?id=1965439

[ 17 ] Bug #1965440 - CVE-2021-30537 chromium-browser: Insufficient policy enforcement in cookies

https://bugzilla.redhat.com/show_bug.cgi?id=1965440

[ 18 ] Bug #1965441 - CVE-2021-30538 chromium-browser: Insufficient policy enforcement in content security policy

https://bugzilla.redhat.com/show_bug.cgi?id=1965441

[ 19 ] Bug #1965442 - CVE-2021-30539 chromium-browser: Insufficient policy enforcement in content security policy

https://bugzilla.redhat.com/show_bug.cgi?id=1965442

[ 20 ] Bug #1965443 - CVE-2021-30540 chromium-browser: Incorrect security UI in payments

https://bugzilla.redhat.com/show_bug.cgi?id=1965443

[ 21 ] Bug #1970106 - CVE-2021-30544 chromium-browser: Use after free in BFCache

https://bugzilla.redhat.com/show_bug.cgi?id=1970106

[ 22 ] Bug #1970107 - CVE-2021-30545 chromium-browser: Use after free in Extensions

https://bugzilla.redhat.com/show_bug.cgi?id=1970107

[ 23 ] Bug #1970108 - CVE-2021-30546 chromium-browser: Use after free in Autofill

https://bugzilla.redhat.com/show_bug.cgi?id=1970108

[ 24 ] Bug #1970109 - CVE-2021-30547 chromium-browser: Out of bounds write in ANGLE

https://bugzilla.redhat.com/show_bug.cgi?id=1970109

[ 25 ] Bug #1970110 - CVE-2021-30548 chromium-browser: Use after free in Loader

https://bugzilla.redhat.com/show_bug.cgi?id=1970110

[ 26 ] Bug #1970111 - CVE-2021-30549 chromium-browser: Use after free in Spell check

https://bugzilla.redhat.com/show_bug.cgi?id=1970111

[ 27 ] Bug #1970112 - CVE-2021-30550 chromium-browser: Use after free in Accessibility

https://bugzilla.redhat.com/show_bug.cgi?id=1970112

[ 28 ] Bug #1970113 - CVE-2021-30551 chromium-browser: Type Confusion in V8

https://bugzilla.redhat.com/show_bug.cgi?id=1970113

[ 29 ] Bug #1970114 - CVE-2021-30552 chromium-browser: Use after free in Extensions

https://bugzilla.redhat.com/show_bug.cgi?id=1970114

[ 30 ] Bug #1970115 - CVE-2021-30553 chromium-browser: Use after free in Network service

https://bugzilla.redhat.com/show_bug.cgi?id=1970115

[ 31 ] Bug #1971568 - CVE-2021-30506 chromium-browser: Incorrect security UI in Web App Installs

https://bugzilla.redhat.com/show_bug.cgi?id=1971568

[ 32 ] Bug #1971569 - CVE-2021-30507 chromium-browser: Inappropriate implementation in Offline

https://bugzilla.redhat.com/show_bug.cgi?id=1971569

[ 33 ] Bug #1971570 - CVE-2021-30508 chromium-browser: Heap buffer overflow in Media Feeds

https://bugzilla.redhat.com/show_bug.cgi?id=1971570

[ 34 ] Bug #1971571 - CVE-2021-30509 chromium-browser: Out of bounds write in Tab Strip

https://bugzilla.redhat.com/show_bug.cgi?id=1971571

[ 35 ] Bug #1971572 - CVE-2021-30510 chromium-browser: Race in Aura

https://bugzilla.redhat.com/show_bug.cgi?id=1971572

[ 36 ] Bug #1971573 - CVE-2021-30511 chromium-browser: Out of bounds read in Tab Groups

https://bugzilla.redhat.com/show_bug.cgi?id=1971573

[ 37 ] Bug #1971574 - CVE-2021-30512 chromium-browser: Use after free in Notifications

https://bugzilla.redhat.com/show_bug.cgi?id=1971574

[ 38 ] Bug #1971575 - CVE-2021-30513 chromium-browser: Type Confusion in V8

https://bugzilla.redhat.com/show_bug.cgi?id=1971575

[ 39 ] Bug #1971576 - CVE-2021-30514 chromium-browser: Use after free in Autofill

https://bugzilla.redhat.com/show_bug.cgi?id=1971576

[ 40 ] Bug #1971577 - CVE-2021-30516 chromium-browser: Heap buffer overflow in History

https://bugzilla.redhat.com/show_bug.cgi?id=1971577

[ 41 ] Bug #1971578 - CVE-2021-30517 chromium-browser: Type Confusion in V8

https://bugzilla.redhat.com/show_bug.cgi?id=1971578

[ 42 ] Bug #1971579 - CVE-2021-30518 chromium-browser: Heap buffer overflow in Reader Mode

https://bugzilla.redhat.com/show_bug.cgi?id=1971579

[ 43 ] Bug #1971580 - CVE-2021-30519 chromium-browser: Use after free in Payments

https://bugzilla.redhat.com/show_bug.cgi?id=1971580

[ 44 ] Bug #1971581 - CVE-2021-30520 chromium-browser: Use after free in Tab Strip

https://bugzilla.redhat.com/show_bug.cgi?id=1971581

[ 45 ] Bug #1973547 - CVE-2021-30554 chromium-browser: Use after free in WebGL

https://bugzilla.redhat.com/show_bug.cgi?id=1973547

[ 46 ] Bug #1973548 - CVE-2021-30555 chromium-browser: Use after free in Sharing

https://bugzilla.redhat.com/show_bug.cgi?id=1973548

[ 47 ] Bug #1973549 - CVE-2021-30556 chromium-browser: Use after free in WebAudio

https://bugzilla.redhat.com/show_bug.cgi?id=1973549

[ 48 ] Bug #1973550 - CVE-2021-30557 chromium-browser: Use after free in TabGroups

https://bugzilla.redhat.com/show_bug.cgi?id=1973550

su -c 'dnf upgrade --advisory FEDORA-2021-ca58c57bdf' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Topics Covered

security advisory fedora buffer overflow moderate threat multiple issues chromium

Change Log

References

Update Instructions

Product: Fedora 33

Version: 91.0.4472.114

Release: 2.fc33

URL: https://www.chromium.org/Home/

Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Topics Covered

security advisory fedora buffer overflow moderate threat multiple issues chromium

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Fedora 33: 2021-ca58c57bdf Moderate: Chromium Multiple Issues

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Fedora 33: 2021-ca58c57bdf Moderate: Chromium Multiple Issues

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!