--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-49b52819a4
2022-03-14 22:25:14.381987
--------------------------------------------------------------------------------

Name        : chromium
Product     : Fedora 34
Version     : 99.0.4844.51
Release     : 1.fc34
URL         : https://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update Chromium to 99.0.4844.51. Fixes, well, a LOT of security bugs. Sorry
about that.  CVE-2021-22570 CVE-2022-0096 CVE-2022-0097 CVE-2022-0098
CVE-2022-0099 CVE-2022-0100 CVE-2022-0101 CVE-2022-0102 CVE-2022-0103
CVE-2022-0104 CVE-2022-0105 CVE-2022-0106 CVE-2022-0107 CVE-2022-0108
CVE-2022-0109 CVE-2022-0110 CVE-2022-0111 CVE-2022-0112 CVE-2022-0113
CVE-2022-0114 CVE-2022-0115 CVE-2022-0116 CVE-2022-0117 CVE-2022-0118
CVE-2022-0120 CVE-2022-0789 CVE-2022-0790 CVE-2022-0791 CVE-2022-0792
CVE-2022-0793 CVE-2022-0794 CVE-2022-0795 CVE-2022-0796 CVE-2022-0797
CVE-2022-0798 CVE-2022-0799 CVE-2022-0800 CVE-2022-0801 CVE-2022-0802
CVE-2022-0803 CVE-2022-0804 CVE-2022-0805 CVE-2022-0806 CVE-2022-0807
CVE-2022-0808 CVE-2022-0809
--------------------------------------------------------------------------------
ChangeLog:

* Sat Mar  5 2022 Tom Callaway  - 99.0.4844.5-1
- update to 99.0.4844.5
* Fri Feb 25 2022 Tom Callaway  - 98.0.4758.102-1
- update to 98.0.4758.102
- fix build issue with subzero and gcc12
* Tue Feb  8 2022 Tom Callaway  - 98.0.4758.80-1
- update to 98.0.4758.80
* Sat Feb  5 2022 Jiri Vanek  - 96.0.4664.110-9
- Rebuilt for java-17-openjdk as system jdk
* Wed Jan 19 2022 Fedora Release Engineering  - 96.0.4664.110-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Wed Jan  5 2022 Tom Callaway  - 96.0.4664.110-7
- i hate regex. trying again
* Tue Jan  4 2022 Tom Callaway  - 96.0.4664.110-6
- always filter provides, was previously inside conditional for shared builds
* Mon Jan  3 2022 Tom Callaway  - 96.0.4664.110-5
- fix provides filtering to be more inclusive (and work properly)
* Thu Dec 30 2021 Tom Callaway  - 96.0.4664.110-4
- package up more swiftshader/angle stuff
- move swiftshader files to -common so headless can use them
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2037457 - CVE-2022-0096 chromium-browser: Use after free in Storage
        https://bugzilla.redhat.com/show_bug.cgi?id=2037457
  [ 2 ] Bug #2037458 - CVE-2022-0097 chromium-browser: Inappropriate implementation in DevTools
        https://bugzilla.redhat.com/show_bug.cgi?id=2037458
  [ 3 ] Bug #2037459 - CVE-2022-0098 chromium-browser: Use after free in Screen Capture
        https://bugzilla.redhat.com/show_bug.cgi?id=2037459
  [ 4 ] Bug #2037460 - CVE-2022-0099 chromium-browser: Use after free in Sign-in
        https://bugzilla.redhat.com/show_bug.cgi?id=2037460
  [ 5 ] Bug #2037461 - CVE-2022-0100 chromium-browser: Heap buffer overflow in Media streams API
        https://bugzilla.redhat.com/show_bug.cgi?id=2037461
  [ 6 ] Bug #2037462 - CVE-2022-0101 chromium-browser: Heap buffer overflow in Bookmarks
        https://bugzilla.redhat.com/show_bug.cgi?id=2037462
  [ 7 ] Bug #2037463 - CVE-2022-0102 chromium-browser: Type Confusion in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=2037463
  [ 8 ] Bug #2037464 - CVE-2022-0103 chromium-browser: Use after free in SwiftShader
        https://bugzilla.redhat.com/show_bug.cgi?id=2037464
  [ 9 ] Bug #2037465 - CVE-2022-0104 chromium-browser: Heap buffer overflow in ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2037465
  [ 10 ] Bug #2037466 - CVE-2022-0105 chromium-browser: Use after free in PDF
        https://bugzilla.redhat.com/show_bug.cgi?id=2037466
  [ 11 ] Bug #2037467 - CVE-2022-0106 chromium-browser: Use after free in Autofill
        https://bugzilla.redhat.com/show_bug.cgi?id=2037467
  [ 12 ] Bug #2037468 - CVE-2022-0107 chromium-browser: Use after free in File Manager API
        https://bugzilla.redhat.com/show_bug.cgi?id=2037468
  [ 13 ] Bug #2037469 - CVE-2022-0108 chromium-browser: Inappropriate implementation in Navigation
        https://bugzilla.redhat.com/show_bug.cgi?id=2037469
  [ 14 ] Bug #2037470 - CVE-2022-0109 chromium-browser: Inappropriate implementation in Autofill
        https://bugzilla.redhat.com/show_bug.cgi?id=2037470
  [ 15 ] Bug #2037471 - CVE-2022-0110 chromium-browser: Incorrect security UI in Autofill
        https://bugzilla.redhat.com/show_bug.cgi?id=2037471
  [ 16 ] Bug #2037472 - CVE-2022-0111 chromium-browser: Inappropriate implementation in Navigation
        https://bugzilla.redhat.com/show_bug.cgi?id=2037472
  [ 17 ] Bug #2037473 - CVE-2022-0112 chromium-browser: Incorrect security UI in Browser UI
        https://bugzilla.redhat.com/show_bug.cgi?id=2037473
  [ 18 ] Bug #2037474 - CVE-2022-0113 chromium-browser: Inappropriate implementation in Blink
        https://bugzilla.redhat.com/show_bug.cgi?id=2037474
  [ 19 ] Bug #2037475 - CVE-2022-0114 chromium-browser: Out of bounds memory access in Web Serial
        https://bugzilla.redhat.com/show_bug.cgi?id=2037475
  [ 20 ] Bug #2037476 - CVE-2022-0115 chromium-browser: Uninitialized Use in File API
        https://bugzilla.redhat.com/show_bug.cgi?id=2037476
  [ 21 ] Bug #2037477 - CVE-2022-0116 chromium-browser: Inappropriate implementation in Compositing
        https://bugzilla.redhat.com/show_bug.cgi?id=2037477
  [ 22 ] Bug #2037478 - CVE-2022-0117 chromium-browser: Policy bypass in Service Workers
        https://bugzilla.redhat.com/show_bug.cgi?id=2037478
  [ 23 ] Bug #2037479 - CVE-2022-0118 chromium-browser: Inappropriate implementation in WebShare
        https://bugzilla.redhat.com/show_bug.cgi?id=2037479
  [ 24 ] Bug #2037480 - CVE-2022-0120 chromium-browser: Inappropriate implementation in Passwords
        https://bugzilla.redhat.com/show_bug.cgi?id=2037480
  [ 25 ] Bug #2049429 - CVE-2021-22570 protobuf: Incorrect parsing of nullchar in the proto symbol  leads to  Nullptr dereference
        https://bugzilla.redhat.com/show_bug.cgi?id=2049429
  [ 26 ] Bug #2059898 - CVE-2022-0789 chromium-browser: Heap buffer overflow in ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2059898
  [ 27 ] Bug #2059900 - CVE-2022-0791 chromium-browser: Use after free in Omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=2059900
  [ 28 ] Bug #2059901 - CVE-2022-0792 chromium-browser: Out of bounds read in ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2059901
  [ 29 ] Bug #2059902 - CVE-2022-0793 chromium-browser: Use after free in Views
        https://bugzilla.redhat.com/show_bug.cgi?id=2059902
  [ 30 ] Bug #2059905 - CVE-2022-0796 chromium-browser: Use after free in Media
        https://bugzilla.redhat.com/show_bug.cgi?id=2059905
  [ 31 ] Bug #2059910 - CVE-2022-0801 chromium-browser: Inappropriate implementation in HTML parser
        https://bugzilla.redhat.com/show_bug.cgi?id=2059910
  [ 32 ] Bug #2059911 - CVE-2022-0802 chromium-browser: Inappropriate implementation in Full screen mode
        https://bugzilla.redhat.com/show_bug.cgi?id=2059911
  [ 33 ] Bug #2059912 - CVE-2022-0803 chromium-browser: Inappropriate implementation in Permissions
        https://bugzilla.redhat.com/show_bug.cgi?id=2059912
  [ 34 ] Bug #2059913 - CVE-2022-0804 chromium-browser: Inappropriate implementation in Full screen mode
        https://bugzilla.redhat.com/show_bug.cgi?id=2059913
  [ 35 ] Bug #2059914 - CVE-2022-0805 chromium-browser: Use after free in Browser Switcher
        https://bugzilla.redhat.com/show_bug.cgi?id=2059914
  [ 36 ] Bug #2059915 - CVE-2022-0806 chromium-browser: Data leak in Canvas
        https://bugzilla.redhat.com/show_bug.cgi?id=2059915
  [ 37 ] Bug #2059916 - CVE-2022-0807 chromium-browser: Inappropriate implementation in Autofill
        https://bugzilla.redhat.com/show_bug.cgi?id=2059916
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-49b52819a4' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure