Fedora 35: chromium 2022-bcb096166f | LinuxSecurity.com

Advisories

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-bcb096166f
2022-07-01 01:16:02.429589
--------------------------------------------------------------------------------

Name        : chromium
Product     : Fedora 35
Version     : 102.0.5005.115
Release     : 1.fc35
URL         : https://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

Update to 102.0.5005.115.   Fixes: CVE-2022-1633 CVE-2022-1634 CVE-2022-1635
CVE-2022-1636 CVE-2022-1637 CVE-2022-1638 CVE-2022-1639 CVE-2022-1640
CVE-2022-1641 CVE-2022-1853 CVE-2022-1854 CVE-2022-1855 CVE-2022-1856
CVE-2022-1857 CVE-2022-1858 CVE-2022-1859 CVE-2022-1860 CVE-2022-1861
CVE-2022-1862 CVE-2022-1863 CVE-2022-1864 CVE-2022-1865 CVE-2022-1866
CVE-2022-1867 CVE-2022-1868 CVE-2022-1869 CVE-2022-1870 CVE-2022-1871
CVE-2022-1872 CVE-2022-1873 CVE-2022-1874 CVE-2022-1875 CVE-2022-1876
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 10 2022 Tom Callaway  - 102.0.5005.115-1
- update to 102.0.5005.115
* Fri Jun  3 2022 Tom Callaway  - 102.0.5005.61-1
- update to 102.0.5005.61
* Wed Apr 27 2022 Tom Callaway  - 101.0.4951.41-1
- update to 101.0.4951.41
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2084016 - CVE-2022-1633 chromium-browser: Use after free in Sharesheet
        https://bugzilla.redhat.com/show_bug.cgi?id=2084016
  [ 2 ] Bug #2084017 - CVE-2022-1634 chromium-browser: Use after free in Browser UI
        https://bugzilla.redhat.com/show_bug.cgi?id=2084017
  [ 3 ] Bug #2084018 - CVE-2022-1635 chromium-browser: Use after free in Permission Prompts
        https://bugzilla.redhat.com/show_bug.cgi?id=2084018
  [ 4 ] Bug #2084019 - CVE-2022-1636 chromium-browser: Use after free in Performance APIs
        https://bugzilla.redhat.com/show_bug.cgi?id=2084019
  [ 5 ] Bug #2084020 - CVE-2022-1637 chromium-browser: Inappropriate implementation in Web Contents
        https://bugzilla.redhat.com/show_bug.cgi?id=2084020
  [ 6 ] Bug #2084021 - CVE-2022-1638 chromium-browser: Heap buffer overflow in V8 Internationalization
        https://bugzilla.redhat.com/show_bug.cgi?id=2084021
  [ 7 ] Bug #2084022 - CVE-2022-1639 chromium-browser: Use after free in ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2084022
  [ 8 ] Bug #2084023 - CVE-2022-1640 chromium-browser: Use after free in Sharing
        https://bugzilla.redhat.com/show_bug.cgi?id=2084023
  [ 9 ] Bug #2084024 - CVE-2022-1641 chromium-browser: Use after free in Web UI Diagnostics
        https://bugzilla.redhat.com/show_bug.cgi?id=2084024
  [ 10 ] Bug #2090284 - CVE-2022-1853 chromium-browser: Use after free in Indexed DB
        https://bugzilla.redhat.com/show_bug.cgi?id=2090284
  [ 11 ] Bug #2090285 - CVE-2022-1854 chromium-browser: Use after free in ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2090285
  [ 12 ] Bug #2090286 - CVE-2022-1855 chromium-browser: Use after free in Messaging
        https://bugzilla.redhat.com/show_bug.cgi?id=2090286
  [ 13 ] Bug #2090287 - CVE-2022-1856 chromium-browser: Use after free in User Education
        https://bugzilla.redhat.com/show_bug.cgi?id=2090287
  [ 14 ] Bug #2090288 - CVE-2022-1857 chromium-browser: Insufficient policy enforcement in File System API
        https://bugzilla.redhat.com/show_bug.cgi?id=2090288
  [ 15 ] Bug #2090289 - CVE-2022-1858 chromium-browser: Out of bounds read in DevTools
        https://bugzilla.redhat.com/show_bug.cgi?id=2090289
  [ 16 ] Bug #2090290 - CVE-2022-1859 chromium-browser: Use after free in Performance Manager
        https://bugzilla.redhat.com/show_bug.cgi?id=2090290
  [ 17 ] Bug #2090291 - CVE-2022-1860 chromium-browser: Use after free in UI Foundations
        https://bugzilla.redhat.com/show_bug.cgi?id=2090291
  [ 18 ] Bug #2090292 - CVE-2022-1861 chromium-browser: Use after free in Sharing
        https://bugzilla.redhat.com/show_bug.cgi?id=2090292
  [ 19 ] Bug #2090293 - CVE-2022-1862 chromium-browser: Inappropriate implementation in Extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=2090293
  [ 20 ] Bug #2090294 - CVE-2022-1863 chromium-browser: Use after free in Tab Groups
        https://bugzilla.redhat.com/show_bug.cgi?id=2090294
  [ 21 ] Bug #2090295 - CVE-2022-1864 chromium-browser: Use after free in WebApp Installs
        https://bugzilla.redhat.com/show_bug.cgi?id=2090295
  [ 22 ] Bug #2090296 - CVE-2022-1865 chromium-browser: Use after free in Bookmarks
        https://bugzilla.redhat.com/show_bug.cgi?id=2090296
  [ 23 ] Bug #2090297 - CVE-2022-1866 chromium-browser: Use after free in Tablet Mode
        https://bugzilla.redhat.com/show_bug.cgi?id=2090297
  [ 24 ] Bug #2090298 - CVE-2022-1867 chromium-browser: Insufficient validation of untrusted input in Data Transfer
        https://bugzilla.redhat.com/show_bug.cgi?id=2090298
  [ 25 ] Bug #2090299 - CVE-2022-1868 chromium-browser: Inappropriate implementation in Extensions API
        https://bugzilla.redhat.com/show_bug.cgi?id=2090299
  [ 26 ] Bug #2090300 - CVE-2022-1869 chromium-browser: Type Confusion in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=2090300
  [ 27 ] Bug #2090303 - CVE-2022-1870 chromium-browser: Use after free in App Service
        https://bugzilla.redhat.com/show_bug.cgi?id=2090303
  [ 28 ] Bug #2090304 - CVE-2022-1871 chromium-browser: Insufficient policy enforcement in File System API
        https://bugzilla.redhat.com/show_bug.cgi?id=2090304
  [ 29 ] Bug #2090305 - CVE-2022-1872 chromium-browser: Insufficient policy enforcement in Extensions API
        https://bugzilla.redhat.com/show_bug.cgi?id=2090305
  [ 30 ] Bug #2090306 - CVE-2022-1873 chromium-browser: Insufficient policy enforcement in COOP
        https://bugzilla.redhat.com/show_bug.cgi?id=2090306
  [ 31 ] Bug #2090307 - CVE-2022-1874 chromium-browser: Insufficient policy enforcement in Safe Browsing
        https://bugzilla.redhat.com/show_bug.cgi?id=2090307
  [ 32 ] Bug #2090308 - CVE-2022-1875 chromium-browser: Inappropriate implementation in PDF
        https://bugzilla.redhat.com/show_bug.cgi?id=2090308
  [ 33 ] Bug #2090309 - CVE-2022-1876 chromium-browser: Heap buffer overflow in DevTools
        https://bugzilla.redhat.com/show_bug.cgi?id=2090309
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-bcb096166f' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Fedora 35: chromium 2022-bcb096166f

June 30, 2022
Update to 102.0.5005.115

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

Update to 102.0.5005.115. Fixes: CVE-2022-1633 CVE-2022-1634 CVE-2022-1635 CVE-2022-1636 CVE-2022-1637 CVE-2022-1638 CVE-2022-1639 CVE-2022-1640 CVE-2022-1641 CVE-2022-1853 CVE-2022-1854 CVE-2022-1855 CVE-2022-1856 CVE-2022-1857 CVE-2022-1858 CVE-2022-1859 CVE-2022-1860 CVE-2022-1861 CVE-2022-1862 CVE-2022-1863 CVE-2022-1864 CVE-2022-1865 CVE-2022-1866 CVE-2022-1867 CVE-2022-1868 CVE-2022-1869 CVE-2022-1870 CVE-2022-1871 CVE-2022-1872 CVE-2022-1873 CVE-2022-1874 CVE-2022-1875 CVE-2022-1876

Change Log

* Fri Jun 10 2022 Tom Callaway - 102.0.5005.115-1 - update to 102.0.5005.115 * Fri Jun 3 2022 Tom Callaway - 102.0.5005.61-1 - update to 102.0.5005.61 * Wed Apr 27 2022 Tom Callaway - 101.0.4951.41-1 - update to 101.0.4951.41

References

[ 1 ] Bug #2084016 - CVE-2022-1633 chromium-browser: Use after free in Sharesheet https://bugzilla.redhat.com/show_bug.cgi?id=2084016 [ 2 ] Bug #2084017 - CVE-2022-1634 chromium-browser: Use after free in Browser UI https://bugzilla.redhat.com/show_bug.cgi?id=2084017 [ 3 ] Bug #2084018 - CVE-2022-1635 chromium-browser: Use after free in Permission Prompts https://bugzilla.redhat.com/show_bug.cgi?id=2084018 [ 4 ] Bug #2084019 - CVE-2022-1636 chromium-browser: Use after free in Performance APIs https://bugzilla.redhat.com/show_bug.cgi?id=2084019 [ 5 ] Bug #2084020 - CVE-2022-1637 chromium-browser: Inappropriate implementation in Web Contents https://bugzilla.redhat.com/show_bug.cgi?id=2084020 [ 6 ] Bug #2084021 - CVE-2022-1638 chromium-browser: Heap buffer overflow in V8 Internationalization https://bugzilla.redhat.com/show_bug.cgi?id=2084021 [ 7 ] Bug #2084022 - CVE-2022-1639 chromium-browser: Use after free in ANGLE https://bugzilla.redhat.com/show_bug.cgi?id=2084022 [ 8 ] Bug #2084023 - CVE-2022-1640 chromium-browser: Use after free in Sharing https://bugzilla.redhat.com/show_bug.cgi?id=2084023 [ 9 ] Bug #2084024 - CVE-2022-1641 chromium-browser: Use after free in Web UI Diagnostics https://bugzilla.redhat.com/show_bug.cgi?id=2084024 [ 10 ] Bug #2090284 - CVE-2022-1853 chromium-browser: Use after free in Indexed DB https://bugzilla.redhat.com/show_bug.cgi?id=2090284 [ 11 ] Bug #2090285 - CVE-2022-1854 chromium-browser: Use after free in ANGLE https://bugzilla.redhat.com/show_bug.cgi?id=2090285 [ 12 ] Bug #2090286 - CVE-2022-1855 chromium-browser: Use after free in Messaging https://bugzilla.redhat.com/show_bug.cgi?id=2090286 [ 13 ] Bug #2090287 - CVE-2022-1856 chromium-browser: Use after free in User Education https://bugzilla.redhat.com/show_bug.cgi?id=2090287 [ 14 ] Bug #2090288 - CVE-2022-1857 chromium-browser: Insufficient policy enforcement in File System API https://bugzilla.redhat.com/show_bug.cgi?id=2090288 [ 15 ] Bug #2090289 - CVE-2022-1858 chromium-browser: Out of bounds read in DevTools https://bugzilla.redhat.com/show_bug.cgi?id=2090289 [ 16 ] Bug #2090290 - CVE-2022-1859 chromium-browser: Use after free in Performance Manager https://bugzilla.redhat.com/show_bug.cgi?id=2090290 [ 17 ] Bug #2090291 - CVE-2022-1860 chromium-browser: Use after free in UI Foundations https://bugzilla.redhat.com/show_bug.cgi?id=2090291 [ 18 ] Bug #2090292 - CVE-2022-1861 chromium-browser: Use after free in Sharing https://bugzilla.redhat.com/show_bug.cgi?id=2090292 [ 19 ] Bug #2090293 - CVE-2022-1862 chromium-browser: Inappropriate implementation in Extensions https://bugzilla.redhat.com/show_bug.cgi?id=2090293 [ 20 ] Bug #2090294 - CVE-2022-1863 chromium-browser: Use after free in Tab Groups https://bugzilla.redhat.com/show_bug.cgi?id=2090294 [ 21 ] Bug #2090295 - CVE-2022-1864 chromium-browser: Use after free in WebApp Installs https://bugzilla.redhat.com/show_bug.cgi?id=2090295 [ 22 ] Bug #2090296 - CVE-2022-1865 chromium-browser: Use after free in Bookmarks https://bugzilla.redhat.com/show_bug.cgi?id=2090296 [ 23 ] Bug #2090297 - CVE-2022-1866 chromium-browser: Use after free in Tablet Mode https://bugzilla.redhat.com/show_bug.cgi?id=2090297 [ 24 ] Bug #2090298 - CVE-2022-1867 chromium-browser: Insufficient validation of untrusted input in Data Transfer https://bugzilla.redhat.com/show_bug.cgi?id=2090298 [ 25 ] Bug #2090299 - CVE-2022-1868 chromium-browser: Inappropriate implementation in Extensions API https://bugzilla.redhat.com/show_bug.cgi?id=2090299 [ 26 ] Bug #2090300 - CVE-2022-1869 chromium-browser: Type Confusion in V8 https://bugzilla.redhat.com/show_bug.cgi?id=2090300 [ 27 ] Bug #2090303 - CVE-2022-1870 chromium-browser: Use after free in App Service https://bugzilla.redhat.com/show_bug.cgi?id=2090303 [ 28 ] Bug #2090304 - CVE-2022-1871 chromium-browser: Insufficient policy enforcement in File System API https://bugzilla.redhat.com/show_bug.cgi?id=2090304 [ 29 ] Bug #2090305 - CVE-2022-1872 chromium-browser: Insufficient policy enforcement in Extensions API https://bugzilla.redhat.com/show_bug.cgi?id=2090305 [ 30 ] Bug #2090306 - CVE-2022-1873 chromium-browser: Insufficient policy enforcement in COOP https://bugzilla.redhat.com/show_bug.cgi?id=2090306 [ 31 ] Bug #2090307 - CVE-2022-1874 chromium-browser: Insufficient policy enforcement in Safe Browsing https://bugzilla.redhat.com/show_bug.cgi?id=2090307 [ 32 ] Bug #2090308 - CVE-2022-1875 chromium-browser: Inappropriate implementation in PDF https://bugzilla.redhat.com/show_bug.cgi?id=2090308 [ 33 ] Bug #2090309 - CVE-2022-1876 chromium-browser: Heap buffer overflow in DevTools https://bugzilla.redhat.com/show_bug.cgi?id=2090309

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-bcb096166f' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : chromium
Product : Fedora 35
Version : 102.0.5005.115
Release : 1.fc35
URL : https://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.