Fedora 35: chromium 2022-3ca063941b | LinuxSecurity.com
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-3ca063941b
2022-10-05 01:03:41.175132
--------------------------------------------------------------------------------

Name        : chromium
Product     : Fedora 35
Version     : 105.0.5195.125
Release     : 2.fc35
URL         : https://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to chromium-105.0.5195.125. This package only has minor changes... ah,
just kidding. Here is the pile of security issues it fixes:  CVE-2022-2007
CVE-2022-2008 CVE-2022-2010 CVE-2022-2011 CVE-2022-2603 CVE-2022-2604
CVE-2022-2605 CVE-2022-2606 CVE-2022-2607 CVE-2022-2608 CVE-2022-2609
CVE-2022-2610 CVE-2022-2611 CVE-2022-2612 CVE-2022-2613 CVE-2022-2614
CVE-2022-2615 CVE-2022-2616 CVE-2022-2617 CVE-2022-2618 CVE-2022-2619
CVE-2022-2620 CVE-2022-2621 CVE-2022-2622 CVE-2022-2623 CVE-2022-2624
CVE-2022-2852 CVE-2022-2854 CVE-2022-2855 CVE-2022-2857 CVE-2022-2858
CVE-2022-2853 CVE-2022-2856 CVE-2022-2859 CVE-2022-2860 CVE-2022-2861
CVE-2022-3038 CVE-2022-3039 CVE-2022-3040 CVE-2022-3041 CVE-2022-3042
CVE-2022-3043 CVE-2022-3044 CVE-2022-3045 CVE-2022-3046 CVE-2022-3071
CVE-2022-3047 CVE-2022-3048 CVE-2022-3049 CVE-2022-3050 CVE-2022-3051
CVE-2022-3052 CVE-2022-3053 CVE-2022-3054 CVE-2022-3055 CVE-2022-3056
CVE-2022-3057 CVE-2022-3058 CVE-2022-3075 CVE-2022-3195 CVE-2022-3196
CVE-2022-3197 CVE-2022-3198 CVE-2022-3199 CVE-2022-3200 CVE-2022-3201
--------------------------------------------------------------------------------
ChangeLog:

* Fri Sep 23 2022 Tom Callaway  - 105.0.5195.125-2
- apply upstream fix for wayland menu misplacement bug
* Mon Sep 19 2022 Tom Callaway  - 105.0.5195.125-1
- update to 105.0.5195.125
* Thu Sep  1 2022 Tom Callaway  - 105.0.5195.52-1
- update to 105.0.5195.52
* Thu Aug 18 2022 Tom Callaway  - 104.0.5112.101-1
- update to 104.0.5112.101
* Wed Jul 20 2022 Fedora Release Engineering  - 103.0.5060.114-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2095757 - CVE-2022-2007 chromium-browser: Use after free in WebGPU
        https://bugzilla.redhat.com/show_bug.cgi?id=2095757
  [ 2 ] Bug #2095759 - CVE-2022-2008 chromium-browser: Out of bounds memory access in WebGL
        https://bugzilla.redhat.com/show_bug.cgi?id=2095759
  [ 3 ] Bug #2095760 - CVE-2022-2010 chromium-browser: Out of bounds read in compositing
        https://bugzilla.redhat.com/show_bug.cgi?id=2095760
  [ 4 ] Bug #2095761 - CVE-2022-2011 chromium-browser: Use after free in ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2095761
  [ 5 ] Bug #2114693 - CVE-2022-2603 chromium-browser: Use after free in Omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=2114693
  [ 6 ] Bug #2114694 - CVE-2022-2604 chromium-browser: Use after free in Safe Browsing
        https://bugzilla.redhat.com/show_bug.cgi?id=2114694
  [ 7 ] Bug #2114695 - CVE-2022-2605 chromium-browser: Out of bounds read in Dawn
        https://bugzilla.redhat.com/show_bug.cgi?id=2114695
  [ 8 ] Bug #2114696 - CVE-2022-2606 chromium-browser: Use after free in Managed devices API
        https://bugzilla.redhat.com/show_bug.cgi?id=2114696
  [ 9 ] Bug #2114697 - CVE-2022-2607 chromium-browser: Use after free in Tab Strip
        https://bugzilla.redhat.com/show_bug.cgi?id=2114697
  [ 10 ] Bug #2114698 - CVE-2022-2608 chromium-browser: Use after free in Overview Mode
        https://bugzilla.redhat.com/show_bug.cgi?id=2114698
  [ 11 ] Bug #2114699 - CVE-2022-2609 chromium-browser: Use after free in Nearby Share
        https://bugzilla.redhat.com/show_bug.cgi?id=2114699
  [ 12 ] Bug #2114700 - CVE-2022-2610 chromium-browser: Insufficient policy enforcement in Background Fetch
        https://bugzilla.redhat.com/show_bug.cgi?id=2114700
  [ 13 ] Bug #2114701 - CVE-2022-2611 chromium-browser: Inappropriate implementation in Fullscreen API
        https://bugzilla.redhat.com/show_bug.cgi?id=2114701
  [ 14 ] Bug #2114702 - CVE-2022-2612 chromium-browser: Side-channel information leakage in Keyboard input
        https://bugzilla.redhat.com/show_bug.cgi?id=2114702
  [ 15 ] Bug #2114703 - CVE-2022-2613 chromium-browser: Use after free in Input
        https://bugzilla.redhat.com/show_bug.cgi?id=2114703
  [ 16 ] Bug #2114704 - CVE-2022-2614 chromium-browser: Use after free in Sign-In Flow
        https://bugzilla.redhat.com/show_bug.cgi?id=2114704
  [ 17 ] Bug #2114705 - CVE-2022-2615 chromium-browser: Insufficient policy enforcement in Cookies
        https://bugzilla.redhat.com/show_bug.cgi?id=2114705
  [ 18 ] Bug #2114706 - CVE-2022-2616 chromium-browser: Inappropriate implementation in Extensions API
        https://bugzilla.redhat.com/show_bug.cgi?id=2114706
  [ 19 ] Bug #2114707 - CVE-2022-2617 chromium-browser: Use after free in Extensions API
        https://bugzilla.redhat.com/show_bug.cgi?id=2114707
  [ 20 ] Bug #2114708 - CVE-2022-2618 chromium-browser: Insufficient validation of untrusted input in Internals
        https://bugzilla.redhat.com/show_bug.cgi?id=2114708
  [ 21 ] Bug #2114709 - CVE-2022-2619 chromium-browser: Insufficient validation of untrusted input in Settings
        https://bugzilla.redhat.com/show_bug.cgi?id=2114709
  [ 22 ] Bug #2114710 - CVE-2022-2620 chromium-browser: Use after free in WebUI
        https://bugzilla.redhat.com/show_bug.cgi?id=2114710
  [ 23 ] Bug #2114711 - CVE-2022-2621 chromium-browser: Use after free in Extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=2114711
  [ 24 ] Bug #2114712 - CVE-2022-2622 chromium-browser: Insufficient validation of untrusted input in Safe Browsing
        https://bugzilla.redhat.com/show_bug.cgi?id=2114712
  [ 25 ] Bug #2114713 - CVE-2022-2623 chromium-browser: Use after free in Offline
        https://bugzilla.redhat.com/show_bug.cgi?id=2114713
  [ 26 ] Bug #2114714 - CVE-2022-2624 chromium-browser: Heap buffer overflow in PDF
        https://bugzilla.redhat.com/show_bug.cgi?id=2114714
  [ 27 ] Bug #2118934 - CVE-2022-2852 chromium-browser: Use after free in FedCM
        https://bugzilla.redhat.com/show_bug.cgi?id=2118934
  [ 28 ] Bug #2118935 - CVE-2022-2854 chromium-browser: Use after free in SwiftShader
        https://bugzilla.redhat.com/show_bug.cgi?id=2118935
  [ 29 ] Bug #2118936 - CVE-2022-2855 chromium-browser: Use after free in ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2118936
  [ 30 ] Bug #2118937 - CVE-2022-2857 chromium-browser: Use after free in Blink
        https://bugzilla.redhat.com/show_bug.cgi?id=2118937
  [ 31 ] Bug #2118938 - CVE-2022-2858 chromium-browser: Use after free in Sign-In Flow
        https://bugzilla.redhat.com/show_bug.cgi?id=2118938
  [ 32 ] Bug #2118939 - CVE-2022-2853 chromium-browser: Heap buffer overflow in Downloads
        https://bugzilla.redhat.com/show_bug.cgi?id=2118939
  [ 33 ] Bug #2118941 - CVE-2022-2856 chromium-browser: Insufficient validation of untrusted input in Intents
        https://bugzilla.redhat.com/show_bug.cgi?id=2118941
  [ 34 ] Bug #2118942 - CVE-2022-2859 chromium-browser: Use after free in Chrome OS Shell
        https://bugzilla.redhat.com/show_bug.cgi?id=2118942
  [ 35 ] Bug #2118943 - CVE-2022-2860 chromium-browser: Insufficient policy enforcement in Cookies
        https://bugzilla.redhat.com/show_bug.cgi?id=2118943
  [ 36 ] Bug #2118944 - CVE-2022-2861 chromium-browser: Inappropriate implementation in Extensions API
        https://bugzilla.redhat.com/show_bug.cgi?id=2118944
  [ 37 ] Bug #2123660 - CVE-2022-3038 chromium-browser: Use after free in Network Service
        https://bugzilla.redhat.com/show_bug.cgi?id=2123660
  [ 38 ] Bug #2123661 - CVE-2022-3039 chromium-browser: Use after free in WebSQL
        https://bugzilla.redhat.com/show_bug.cgi?id=2123661
  [ 39 ] Bug #2123662 - CVE-2022-3040 chromium-browser: Use after free in Layout
        https://bugzilla.redhat.com/show_bug.cgi?id=2123662
  [ 40 ] Bug #2123664 - CVE-2022-3041 chromium-browser: Use after free in WebSQL
        https://bugzilla.redhat.com/show_bug.cgi?id=2123664
  [ 41 ] Bug #2123665 - CVE-2022-3042 chromium-browser: Use after free in PhoneHub
        https://bugzilla.redhat.com/show_bug.cgi?id=2123665
  [ 42 ] Bug #2123666 - CVE-2022-3043 chromium-browser: Heap buffer overflow in Screen Capture
        https://bugzilla.redhat.com/show_bug.cgi?id=2123666
  [ 43 ] Bug #2123667 - CVE-2022-3044 chromium-browser: Inappropriate implementation in Site Isolation
        https://bugzilla.redhat.com/show_bug.cgi?id=2123667
  [ 44 ] Bug #2123668 - CVE-2022-3045 chromium-browser: Insufficient validation of untrusted input in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=2123668
  [ 45 ] Bug #2123669 - CVE-2022-3046 chromium-browser: Use after free in Browser Tag
        https://bugzilla.redhat.com/show_bug.cgi?id=2123669
  [ 46 ] Bug #2123670 - CVE-2022-3071 chromium-browser: Use after free in Tab Strip
        https://bugzilla.redhat.com/show_bug.cgi?id=2123670
  [ 47 ] Bug #2123671 - CVE-2022-3047 chromium-browser: Insufficient policy enforcement in Extensions API
        https://bugzilla.redhat.com/show_bug.cgi?id=2123671
  [ 48 ] Bug #2123672 - CVE-2022-3048 chromium-browser: Inappropriate implementation in Chrome OS lockscreen
        https://bugzilla.redhat.com/show_bug.cgi?id=2123672
  [ 49 ] Bug #2123673 - CVE-2022-3049 chromium-browser: Use after free in SplitScreen
        https://bugzilla.redhat.com/show_bug.cgi?id=2123673
  [ 50 ] Bug #2123674 - CVE-2022-3050 chromium-browser: Heap buffer overflow in WebUI
        https://bugzilla.redhat.com/show_bug.cgi?id=2123674
  [ 51 ] Bug #2123675 - CVE-2022-3051 chromium-browser: Heap buffer overflow in Exosphere
        https://bugzilla.redhat.com/show_bug.cgi?id=2123675
  [ 52 ] Bug #2123676 - CVE-2022-3052 chromium-browser: Heap buffer overflow in Window Manager
        https://bugzilla.redhat.com/show_bug.cgi?id=2123676
  [ 53 ] Bug #2123677 - CVE-2022-3053 chromium-browser: Inappropriate implementation in Pointer Lock
        https://bugzilla.redhat.com/show_bug.cgi?id=2123677
  [ 54 ] Bug #2123678 - CVE-2022-3054 chromium-browser: Insufficient policy enforcement in DevTools
        https://bugzilla.redhat.com/show_bug.cgi?id=2123678
  [ 55 ] Bug #2123679 - CVE-2022-3055 chromium-browser: Use after free in Passwords
        https://bugzilla.redhat.com/show_bug.cgi?id=2123679
  [ 56 ] Bug #2123680 - CVE-2022-3056 chromium-browser: Insufficient policy enforcement in Content Security Policy
        https://bugzilla.redhat.com/show_bug.cgi?id=2123680
  [ 57 ] Bug #2123681 - CVE-2022-3057 chromium-browser: Inappropriate implementation in iframe Sandbox
        https://bugzilla.redhat.com/show_bug.cgi?id=2123681
  [ 58 ] Bug #2123683 - CVE-2022-3058 chromium-browser: Use after free in Sign-In Flow
        https://bugzilla.redhat.com/show_bug.cgi?id=2123683
  [ 59 ] Bug #2124154 - CVE-2022-3075 chromium-browser: Insufficient data validation in Mojo
        https://bugzilla.redhat.com/show_bug.cgi?id=2124154
  [ 60 ] Bug #2126918 - CVE-2022-3195 chromium-browser: Out of bounds write in Storage
        https://bugzilla.redhat.com/show_bug.cgi?id=2126918
  [ 61 ] Bug #2126919 - CVE-2022-3196 chromium-browser: Use after free in PDF
        https://bugzilla.redhat.com/show_bug.cgi?id=2126919
  [ 62 ] Bug #2126920 - CVE-2022-3197 chromium-browser: Use after free in PDF
        https://bugzilla.redhat.com/show_bug.cgi?id=2126920
  [ 63 ] Bug #2126921 - CVE-2022-3198 chromium-browser: Use after free in PDF
        https://bugzilla.redhat.com/show_bug.cgi?id=2126921
  [ 64 ] Bug #2126922 - CVE-2022-3199 chromium-browser: Use after free in Frames
        https://bugzilla.redhat.com/show_bug.cgi?id=2126922
  [ 65 ] Bug #2126923 - CVE-2022-3200 chromium-browser: Heap buffer overflow in Internals
        https://bugzilla.redhat.com/show_bug.cgi?id=2126923
  [ 66 ] Bug #2126924 - CVE-2022-3201 chromium-browser: Insufficient validation of untrusted input in DevTools
        https://bugzilla.redhat.com/show_bug.cgi?id=2126924
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-3ca063941b' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Fedora 35: chromium 2022-3ca063941b

October 4, 2022
Update to chromium-105.0.5195.125

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

Update to chromium-105.0.5195.125. This package only has minor changes... ah, just kidding. Here is the pile of security issues it fixes: CVE-2022-2007 CVE-2022-2008 CVE-2022-2010 CVE-2022-2011 CVE-2022-2603 CVE-2022-2604 CVE-2022-2605 CVE-2022-2606 CVE-2022-2607 CVE-2022-2608 CVE-2022-2609 CVE-2022-2610 CVE-2022-2611 CVE-2022-2612 CVE-2022-2613 CVE-2022-2614 CVE-2022-2615 CVE-2022-2616 CVE-2022-2617 CVE-2022-2618 CVE-2022-2619 CVE-2022-2620 CVE-2022-2621 CVE-2022-2622 CVE-2022-2623 CVE-2022-2624 CVE-2022-2852 CVE-2022-2854 CVE-2022-2855 CVE-2022-2857 CVE-2022-2858 CVE-2022-2853 CVE-2022-2856 CVE-2022-2859 CVE-2022-2860 CVE-2022-2861 CVE-2022-3038 CVE-2022-3039 CVE-2022-3040 CVE-2022-3041 CVE-2022-3042 CVE-2022-3043 CVE-2022-3044 CVE-2022-3045 CVE-2022-3046 CVE-2022-3071 CVE-2022-3047 CVE-2022-3048 CVE-2022-3049 CVE-2022-3050 CVE-2022-3051 CVE-2022-3052 CVE-2022-3053 CVE-2022-3054 CVE-2022-3055 CVE-2022-3056 CVE-2022-3057 CVE-2022-3058 CVE-2022-3075 CVE-2022-3195 CVE-2022-3196 CVE-2022-3197 CVE-2022-3198 CVE-2022-3199 CVE-2022-3200 CVE-2022-3201

Change Log

* Fri Sep 23 2022 Tom Callaway - 105.0.5195.125-2 - apply upstream fix for wayland menu misplacement bug * Mon Sep 19 2022 Tom Callaway - 105.0.5195.125-1 - update to 105.0.5195.125 * Thu Sep 1 2022 Tom Callaway - 105.0.5195.52-1 - update to 105.0.5195.52 * Thu Aug 18 2022 Tom Callaway - 104.0.5112.101-1 - update to 104.0.5112.101 * Wed Jul 20 2022 Fedora Release Engineering - 103.0.5060.114-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild

References

[ 1 ] Bug #2095757 - CVE-2022-2007 chromium-browser: Use after free in WebGPU https://bugzilla.redhat.com/show_bug.cgi?id=2095757 [ 2 ] Bug #2095759 - CVE-2022-2008 chromium-browser: Out of bounds memory access in WebGL https://bugzilla.redhat.com/show_bug.cgi?id=2095759 [ 3 ] Bug #2095760 - CVE-2022-2010 chromium-browser: Out of bounds read in compositing https://bugzilla.redhat.com/show_bug.cgi?id=2095760 [ 4 ] Bug #2095761 - CVE-2022-2011 chromium-browser: Use after free in ANGLE https://bugzilla.redhat.com/show_bug.cgi?id=2095761 [ 5 ] Bug #2114693 - CVE-2022-2603 chromium-browser: Use after free in Omnibox https://bugzilla.redhat.com/show_bug.cgi?id=2114693 [ 6 ] Bug #2114694 - CVE-2022-2604 chromium-browser: Use after free in Safe Browsing https://bugzilla.redhat.com/show_bug.cgi?id=2114694 [ 7 ] Bug #2114695 - CVE-2022-2605 chromium-browser: Out of bounds read in Dawn https://bugzilla.redhat.com/show_bug.cgi?id=2114695 [ 8 ] Bug #2114696 - CVE-2022-2606 chromium-browser: Use after free in Managed devices API https://bugzilla.redhat.com/show_bug.cgi?id=2114696 [ 9 ] Bug #2114697 - CVE-2022-2607 chromium-browser: Use after free in Tab Strip https://bugzilla.redhat.com/show_bug.cgi?id=2114697 [ 10 ] Bug #2114698 - CVE-2022-2608 chromium-browser: Use after free in Overview Mode https://bugzilla.redhat.com/show_bug.cgi?id=2114698 [ 11 ] Bug #2114699 - CVE-2022-2609 chromium-browser: Use after free in Nearby Share https://bugzilla.redhat.com/show_bug.cgi?id=2114699 [ 12 ] Bug #2114700 - CVE-2022-2610 chromium-browser: Insufficient policy enforcement in Background Fetch https://bugzilla.redhat.com/show_bug.cgi?id=2114700 [ 13 ] Bug #2114701 - CVE-2022-2611 chromium-browser: Inappropriate implementation in Fullscreen API https://bugzilla.redhat.com/show_bug.cgi?id=2114701 [ 14 ] Bug #2114702 - CVE-2022-2612 chromium-browser: Side-channel information leakage in Keyboard input https://bugzilla.redhat.com/show_bug.cgi?id=2114702 [ 15 ] Bug #2114703 - CVE-2022-2613 chromium-browser: Use after free in Input https://bugzilla.redhat.com/show_bug.cgi?id=2114703 [ 16 ] Bug #2114704 - CVE-2022-2614 chromium-browser: Use after free in Sign-In Flow https://bugzilla.redhat.com/show_bug.cgi?id=2114704 [ 17 ] Bug #2114705 - CVE-2022-2615 chromium-browser: Insufficient policy enforcement in Cookies https://bugzilla.redhat.com/show_bug.cgi?id=2114705 [ 18 ] Bug #2114706 - CVE-2022-2616 chromium-browser: Inappropriate implementation in Extensions API https://bugzilla.redhat.com/show_bug.cgi?id=2114706 [ 19 ] Bug #2114707 - CVE-2022-2617 chromium-browser: Use after free in Extensions API https://bugzilla.redhat.com/show_bug.cgi?id=2114707 [ 20 ] Bug #2114708 - CVE-2022-2618 chromium-browser: Insufficient validation of untrusted input in Internals https://bugzilla.redhat.com/show_bug.cgi?id=2114708 [ 21 ] Bug #2114709 - CVE-2022-2619 chromium-browser: Insufficient validation of untrusted input in Settings https://bugzilla.redhat.com/show_bug.cgi?id=2114709 [ 22 ] Bug #2114710 - CVE-2022-2620 chromium-browser: Use after free in WebUI https://bugzilla.redhat.com/show_bug.cgi?id=2114710 [ 23 ] Bug #2114711 - CVE-2022-2621 chromium-browser: Use after free in Extensions https://bugzilla.redhat.com/show_bug.cgi?id=2114711 [ 24 ] Bug #2114712 - CVE-2022-2622 chromium-browser: Insufficient validation of untrusted input in Safe Browsing https://bugzilla.redhat.com/show_bug.cgi?id=2114712 [ 25 ] Bug #2114713 - CVE-2022-2623 chromium-browser: Use after free in Offline https://bugzilla.redhat.com/show_bug.cgi?id=2114713 [ 26 ] Bug #2114714 - CVE-2022-2624 chromium-browser: Heap buffer overflow in PDF https://bugzilla.redhat.com/show_bug.cgi?id=2114714 [ 27 ] Bug #2118934 - CVE-2022-2852 chromium-browser: Use after free in FedCM https://bugzilla.redhat.com/show_bug.cgi?id=2118934 [ 28 ] Bug #2118935 - CVE-2022-2854 chromium-browser: Use after free in SwiftShader https://bugzilla.redhat.com/show_bug.cgi?id=2118935 [ 29 ] Bug #2118936 - CVE-2022-2855 chromium-browser: Use after free in ANGLE https://bugzilla.redhat.com/show_bug.cgi?id=2118936 [ 30 ] Bug #2118937 - CVE-2022-2857 chromium-browser: Use after free in Blink https://bugzilla.redhat.com/show_bug.cgi?id=2118937 [ 31 ] Bug #2118938 - CVE-2022-2858 chromium-browser: Use after free in Sign-In Flow https://bugzilla.redhat.com/show_bug.cgi?id=2118938 [ 32 ] Bug #2118939 - CVE-2022-2853 chromium-browser: Heap buffer overflow in Downloads https://bugzilla.redhat.com/show_bug.cgi?id=2118939 [ 33 ] Bug #2118941 - CVE-2022-2856 chromium-browser: Insufficient validation of untrusted input in Intents https://bugzilla.redhat.com/show_bug.cgi?id=2118941 [ 34 ] Bug #2118942 - CVE-2022-2859 chromium-browser: Use after free in Chrome OS Shell https://bugzilla.redhat.com/show_bug.cgi?id=2118942 [ 35 ] Bug #2118943 - CVE-2022-2860 chromium-browser: Insufficient policy enforcement in Cookies https://bugzilla.redhat.com/show_bug.cgi?id=2118943 [ 36 ] Bug #2118944 - CVE-2022-2861 chromium-browser: Inappropriate implementation in Extensions API https://bugzilla.redhat.com/show_bug.cgi?id=2118944 [ 37 ] Bug #2123660 - CVE-2022-3038 chromium-browser: Use after free in Network Service https://bugzilla.redhat.com/show_bug.cgi?id=2123660 [ 38 ] Bug #2123661 - CVE-2022-3039 chromium-browser: Use after free in WebSQL https://bugzilla.redhat.com/show_bug.cgi?id=2123661 [ 39 ] Bug #2123662 - CVE-2022-3040 chromium-browser: Use after free in Layout https://bugzilla.redhat.com/show_bug.cgi?id=2123662 [ 40 ] Bug #2123664 - CVE-2022-3041 chromium-browser: Use after free in WebSQL https://bugzilla.redhat.com/show_bug.cgi?id=2123664 [ 41 ] Bug #2123665 - CVE-2022-3042 chromium-browser: Use after free in PhoneHub https://bugzilla.redhat.com/show_bug.cgi?id=2123665 [ 42 ] Bug #2123666 - CVE-2022-3043 chromium-browser: Heap buffer overflow in Screen Capture https://bugzilla.redhat.com/show_bug.cgi?id=2123666 [ 43 ] Bug #2123667 - CVE-2022-3044 chromium-browser: Inappropriate implementation in Site Isolation https://bugzilla.redhat.com/show_bug.cgi?id=2123667 [ 44 ] Bug #2123668 - CVE-2022-3045 chromium-browser: Insufficient validation of untrusted input in V8 https://bugzilla.redhat.com/show_bug.cgi?id=2123668 [ 45 ] Bug #2123669 - CVE-2022-3046 chromium-browser: Use after free in Browser Tag https://bugzilla.redhat.com/show_bug.cgi?id=2123669 [ 46 ] Bug #2123670 - CVE-2022-3071 chromium-browser: Use after free in Tab Strip https://bugzilla.redhat.com/show_bug.cgi?id=2123670 [ 47 ] Bug #2123671 - CVE-2022-3047 chromium-browser: Insufficient policy enforcement in Extensions API https://bugzilla.redhat.com/show_bug.cgi?id=2123671 [ 48 ] Bug #2123672 - CVE-2022-3048 chromium-browser: Inappropriate implementation in Chrome OS lockscreen https://bugzilla.redhat.com/show_bug.cgi?id=2123672 [ 49 ] Bug #2123673 - CVE-2022-3049 chromium-browser: Use after free in SplitScreen https://bugzilla.redhat.com/show_bug.cgi?id=2123673 [ 50 ] Bug #2123674 - CVE-2022-3050 chromium-browser: Heap buffer overflow in WebUI https://bugzilla.redhat.com/show_bug.cgi?id=2123674 [ 51 ] Bug #2123675 - CVE-2022-3051 chromium-browser: Heap buffer overflow in Exosphere https://bugzilla.redhat.com/show_bug.cgi?id=2123675 [ 52 ] Bug #2123676 - CVE-2022-3052 chromium-browser: Heap buffer overflow in Window Manager https://bugzilla.redhat.com/show_bug.cgi?id=2123676 [ 53 ] Bug #2123677 - CVE-2022-3053 chromium-browser: Inappropriate implementation in Pointer Lock https://bugzilla.redhat.com/show_bug.cgi?id=2123677 [ 54 ] Bug #2123678 - CVE-2022-3054 chromium-browser: Insufficient policy enforcement in DevTools https://bugzilla.redhat.com/show_bug.cgi?id=2123678 [ 55 ] Bug #2123679 - CVE-2022-3055 chromium-browser: Use after free in Passwords https://bugzilla.redhat.com/show_bug.cgi?id=2123679 [ 56 ] Bug #2123680 - CVE-2022-3056 chromium-browser: Insufficient policy enforcement in Content Security Policy https://bugzilla.redhat.com/show_bug.cgi?id=2123680 [ 57 ] Bug #2123681 - CVE-2022-3057 chromium-browser: Inappropriate implementation in iframe Sandbox https://bugzilla.redhat.com/show_bug.cgi?id=2123681 [ 58 ] Bug #2123683 - CVE-2022-3058 chromium-browser: Use after free in Sign-In Flow https://bugzilla.redhat.com/show_bug.cgi?id=2123683 [ 59 ] Bug #2124154 - CVE-2022-3075 chromium-browser: Insufficient data validation in Mojo https://bugzilla.redhat.com/show_bug.cgi?id=2124154 [ 60 ] Bug #2126918 - CVE-2022-3195 chromium-browser: Out of bounds write in Storage https://bugzilla.redhat.com/show_bug.cgi?id=2126918 [ 61 ] Bug #2126919 - CVE-2022-3196 chromium-browser: Use after free in PDF https://bugzilla.redhat.com/show_bug.cgi?id=2126919 [ 62 ] Bug #2126920 - CVE-2022-3197 chromium-browser: Use after free in PDF https://bugzilla.redhat.com/show_bug.cgi?id=2126920 [ 63 ] Bug #2126921 - CVE-2022-3198 chromium-browser: Use after free in PDF https://bugzilla.redhat.com/show_bug.cgi?id=2126921 [ 64 ] Bug #2126922 - CVE-2022-3199 chromium-browser: Use after free in Frames https://bugzilla.redhat.com/show_bug.cgi?id=2126922 [ 65 ] Bug #2126923 - CVE-2022-3200 chromium-browser: Heap buffer overflow in Internals https://bugzilla.redhat.com/show_bug.cgi?id=2126923 [ 66 ] Bug #2126924 - CVE-2022-3201 chromium-browser: Insufficient validation of untrusted input in DevTools https://bugzilla.redhat.com/show_bug.cgi?id=2126924

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-3ca063941b' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : chromium
Product : Fedora 35
Version : 105.0.5195.125
Release : 2.fc35
URL : https://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.