--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-6a292e2cf4
2022-01-07 01:10:27.075061
--------------------------------------------------------------------------------

Name        : chromium
Product     : Fedora 34
Version     : 96.0.4664.110
Release     : 3.fc34
URL         : https://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Add wayland detection and pass flags to improve experience when wayland is used.
----  Update to 96.0.4664.110. You know the drill, lots of security bugs fixed,
update if you like security, hit that like and subscribe button. CVE-2021-4052
CVE-2021-4053 CVE-2021-4054 CVE-2021-4055 CVE-2021-4056 CVE-2021-4057
CVE-2021-4058 CVE-2021-4059 CVE-2021-4061 CVE-2021-4062 CVE-2021-4063
CVE-2021-4064 CVE-2021-4065 CVE-2021-4066 CVE-2021-4067 CVE-2021-4068
CVE-2021-4079 CVE-2021-4078 CVE-2021-4098 CVE-2021-4099 CVE-2021-4100
CVE-2021-4101 CVE-2021-4102 CVE-2021-37997 CVE-2021-37998 CVE-2021-37999
CVE-2021-38000 CVE-2021-38001 CVE-2021-38002 CVE-2021-38003 CVE-2021-38004
CVE-2021-38008 CVE-2021-38009 CVE-2021-38006 CVE-2021-38007 CVE-2021-38005
CVE-2021-38010 CVE-2021-38011  CVE-2021-38012 CVE-2021-38013 CVE-2021-38014
CVE-2021-38015 CVE-2021-38016 CVE-2021-38017 CVE-2021-38018  CVE-2021-38019
CVE-2021-38020 CVE-2021-38021 CVE-2021-38022
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 27 2021 Tom Callaway  - 96.0.4664.110-3
- have chromium-browser.sh check for wayland env vars and if found, set ozone flags appropriately
  Thanks to Neal Gompa for the nudge
* Mon Dec 20 2021 Tom Callaway  - 96.0.4664.110-2
- enable WebRTCPipeWireCapturer by default
* Thu Dec 16 2021 Tom Callaway  - 96.0.4664.110-1
- update to 96.0.4664.110
* Fri Nov 19 2021 Tom Callaway  - 96.0.4664.45-1
- update to 96.0.4664.45
* Fri Nov 12 2021 Tom Callaway  - 95.0.4638.69-1
- update to 95.0.4638.69
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2018561 - CVE-2021-37997 chromium-browser: Use after free in Sign-In
        https://bugzilla.redhat.com/show_bug.cgi?id=2018561
  [ 2 ] Bug #2018562 - CVE-2021-37998 chromium-browser: Use after free in Garbage Collection
        https://bugzilla.redhat.com/show_bug.cgi?id=2018562
  [ 3 ] Bug #2018563 - CVE-2021-37999 chromium-browser: Insufficient data validation in New Tab Page
        https://bugzilla.redhat.com/show_bug.cgi?id=2018563
  [ 4 ] Bug #2018564 - CVE-2021-38000 chromium-browser: Insufficient validation of untrusted input in Intents
        https://bugzilla.redhat.com/show_bug.cgi?id=2018564
  [ 5 ] Bug #2018565 - CVE-2021-38001 chromium-browser: Type Confusion in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=2018565
  [ 6 ] Bug #2018566 - CVE-2021-38002 chromium-browser: Use after free in Web Transport
        https://bugzilla.redhat.com/show_bug.cgi?id=2018566
  [ 7 ] Bug #2018567 - CVE-2021-38003 chromium-browser: Inappropriate implementation in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=2018567
  [ 8 ] Bug #2024272 - CVE-2021-38008 chromium-browser: Use after free in media
        https://bugzilla.redhat.com/show_bug.cgi?id=2024272
  [ 9 ] Bug #2024273 - CVE-2021-38009 chromium-browser: Inappropriate implementation in cache
        https://bugzilla.redhat.com/show_bug.cgi?id=2024273
  [ 10 ] Bug #2024274 - CVE-2021-38006 chromium-browser: Use after free in storage foundation
        https://bugzilla.redhat.com/show_bug.cgi?id=2024274
  [ 11 ] Bug #2024275 - CVE-2021-38007 chromium-browser: Type Confusion in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=2024275
  [ 12 ] Bug #2024276 - CVE-2021-38005 chromium-browser: Use after free in loader
        https://bugzilla.redhat.com/show_bug.cgi?id=2024276
  [ 13 ] Bug #2024277 - CVE-2021-38010 chromium-browser: Inappropriate implementation in service workers
        https://bugzilla.redhat.com/show_bug.cgi?id=2024277
  [ 14 ] Bug #2024278 - CVE-2021-38011 chromium-browser: Use after free in storage foundation
        https://bugzilla.redhat.com/show_bug.cgi?id=2024278
  [ 15 ] Bug #2024279 - CVE-2021-38012 chromium-browser: Type Confusion in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=2024279
  [ 16 ] Bug #2024280 - CVE-2021-38013 chromium-browser: Heap buffer overflow in fingerprint recognition
        https://bugzilla.redhat.com/show_bug.cgi?id=2024280
  [ 17 ] Bug #2024281 - CVE-2021-38014 chromium-browser: Out of bounds write in Swiftshader
        https://bugzilla.redhat.com/show_bug.cgi?id=2024281
  [ 18 ] Bug #2024282 - CVE-2021-38015 chromium-browser: Inappropriate implementation in input
        https://bugzilla.redhat.com/show_bug.cgi?id=2024282
  [ 19 ] Bug #2024283 - CVE-2021-38016 chromium-browser: Insufficient policy enforcement in background fetch
        https://bugzilla.redhat.com/show_bug.cgi?id=2024283
  [ 20 ] Bug #2024284 - CVE-2021-38017 chromium-browser: Insufficient policy enforcement in iframe sandbox
        https://bugzilla.redhat.com/show_bug.cgi?id=2024284
  [ 21 ] Bug #2024285 - CVE-2021-38018 chromium-browser: Inappropriate implementation in navigation
        https://bugzilla.redhat.com/show_bug.cgi?id=2024285
  [ 22 ] Bug #2024286 - CVE-2021-38019 chromium-browser: Insufficient policy enforcement in CORS
        https://bugzilla.redhat.com/show_bug.cgi?id=2024286
  [ 23 ] Bug #2024287 - CVE-2021-38020 chromium-browser: Insufficient policy enforcement in contacts picker
        https://bugzilla.redhat.com/show_bug.cgi?id=2024287
  [ 24 ] Bug #2024288 - CVE-2021-38021 chromium-browser: Inappropriate implementation in referrer
        https://bugzilla.redhat.com/show_bug.cgi?id=2024288
  [ 25 ] Bug #2024289 - CVE-2021-38022 chromium-browser: Inappropriate implementation in WebAuthentication
        https://bugzilla.redhat.com/show_bug.cgi?id=2024289
  [ 26 ] Bug #2029881 - CVE-2021-4052 chromium-browser: Use after free in web apps
        https://bugzilla.redhat.com/show_bug.cgi?id=2029881
  [ 27 ] Bug #2029882 - CVE-2021-4053 chromium-browser: Use after free in UI
        https://bugzilla.redhat.com/show_bug.cgi?id=2029882
  [ 28 ] Bug #2029883 - CVE-2021-4054 chromium-browser: Incorrect security UI in autofill
        https://bugzilla.redhat.com/show_bug.cgi?id=2029883
  [ 29 ] Bug #2029884 - CVE-2021-4055 chromium-browser: Heap buffer overflow in extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=2029884
  [ 30 ] Bug #2029885 - CVE-2021-4056 chromium-browser: Type Confusion in loader
        https://bugzilla.redhat.com/show_bug.cgi?id=2029885
  [ 31 ] Bug #2029886 - CVE-2021-4057 chromium-browser: Use after free in file API
        https://bugzilla.redhat.com/show_bug.cgi?id=2029886
  [ 32 ] Bug #2029887 - CVE-2021-4058 chromium-browser: Heap buffer overflow in ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2029887
  [ 33 ] Bug #2029888 - CVE-2021-4059 chromium-browser: Insufficient data validation in loader
        https://bugzilla.redhat.com/show_bug.cgi?id=2029888
  [ 34 ] Bug #2029889 - CVE-2021-4061 chromium-browser: Type Confusion in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=2029889
  [ 35 ] Bug #2029890 - CVE-2021-4062 chromium-browser: Heap buffer overflow in BFCache
        https://bugzilla.redhat.com/show_bug.cgi?id=2029890
  [ 36 ] Bug #2029892 - CVE-2021-4063 chromium-browser: Use after free in developer tools
        https://bugzilla.redhat.com/show_bug.cgi?id=2029892
  [ 37 ] Bug #2029893 - CVE-2021-4064 chromium-browser: Use after free in screen capture
        https://bugzilla.redhat.com/show_bug.cgi?id=2029893
  [ 38 ] Bug #2029894 - CVE-2021-4065 chromium-browser: Use after free in autofill
        https://bugzilla.redhat.com/show_bug.cgi?id=2029894
  [ 39 ] Bug #2029895 - CVE-2021-4066 chromium-browser: Integer underflow in ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2029895
  [ 40 ] Bug #2029896 - CVE-2021-4067 chromium-browser: Use after free in window manager
        https://bugzilla.redhat.com/show_bug.cgi?id=2029896
  [ 41 ] Bug #2029897 - CVE-2021-4068 chromium-browser: Insufficient validation of untrusted input in new tab page
        https://bugzilla.redhat.com/show_bug.cgi?id=2029897
  [ 42 ] Bug #2032168 - CVE-2021-4098 chromium-browser: Insufficient data validation in Mojo
        https://bugzilla.redhat.com/show_bug.cgi?id=2032168
  [ 43 ] Bug #2032169 - CVE-2021-4099 chromium-browser: Use after free in Swiftshader
        https://bugzilla.redhat.com/show_bug.cgi?id=2032169
  [ 44 ] Bug #2032170 - CVE-2021-4100 chromium-browser: Object lifecycle issue in ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2032170
  [ 45 ] Bug #2032171 - CVE-2021-4101 chromium-browser: Heap buffer overflow in Swiftshader
        https://bugzilla.redhat.com/show_bug.cgi?id=2032171
  [ 46 ] Bug #2032172 - CVE-2021-4102 chromium-browser: Use after free in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=2032172
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-6a292e2cf4' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure