Fedora 35: FEDORA-2022-bcb096166f Moderate: Chromium Use After Free

fedora

June 30, 2022

Update to 102.0.5005.115

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update to 102.0.5005.115. Fixes: CVE-2022-1633 CVE-2022-1634 CVE-2022-1635

CVE-2022-1636 CVE-2022-1637 CVE-2022-1638 CVE-2022-1639 CVE-2022-1640

CVE-2022-1641 CVE-2022-1853 CVE-2022-1854 CVE-2022-1855 CVE-2022-1856

CVE-2022-1857 CVE-2022-1858 CVE-2022-1859 CVE-2022-1860 CVE-2022-1861

CVE-2022-1862 CVE-2022-1863 CVE-2022-1864 CVE-2022-1865 CVE-2022-1866

CVE-2022-1867 CVE-2022-1868 CVE-2022-1869 CVE-2022-1870 CVE-2022-1871

CVE-2022-1872 CVE-2022-1873 CVE-2022-1874 CVE-2022-1875 CVE-2022-1876

* Fri Jun 10 2022 Tom Callaway - 102.0.5005.115-1

- update to 102.0.5005.115

* Fri Jun 3 2022 Tom Callaway - 102.0.5005.61-1

- update to 102.0.5005.61

* Wed Apr 27 2022 Tom Callaway - 101.0.4951.41-1

- update to 101.0.4951.41

[ 1 ] Bug #2084016 - CVE-2022-1633 chromium-browser: Use after free in Sharesheet

https://bugzilla.redhat.com/show_bug.cgi?id=2084016

[ 2 ] Bug #2084017 - CVE-2022-1634 chromium-browser: Use after free in Browser UI

https://bugzilla.redhat.com/show_bug.cgi?id=2084017

[ 3 ] Bug #2084018 - CVE-2022-1635 chromium-browser: Use after free in Permission Prompts

https://bugzilla.redhat.com/show_bug.cgi?id=2084018

[ 4 ] Bug #2084019 - CVE-2022-1636 chromium-browser: Use after free in Performance APIs

https://bugzilla.redhat.com/show_bug.cgi?id=2084019

[ 5 ] Bug #2084020 - CVE-2022-1637 chromium-browser: Inappropriate implementation in Web Contents

https://bugzilla.redhat.com/show_bug.cgi?id=2084020

[ 6 ] Bug #2084021 - CVE-2022-1638 chromium-browser: Heap buffer overflow in V8 Internationalization

https://bugzilla.redhat.com/show_bug.cgi?id=2084021

[ 7 ] Bug #2084022 - CVE-2022-1639 chromium-browser: Use after free in ANGLE

https://bugzilla.redhat.com/show_bug.cgi?id=2084022

[ 8 ] Bug #2084023 - CVE-2022-1640 chromium-browser: Use after free in Sharing

https://bugzilla.redhat.com/show_bug.cgi?id=2084023

[ 9 ] Bug #2084024 - CVE-2022-1641 chromium-browser: Use after free in Web UI Diagnostics

https://bugzilla.redhat.com/show_bug.cgi?id=2084024

[ 10 ] Bug #2090284 - CVE-2022-1853 chromium-browser: Use after free in Indexed DB

https://bugzilla.redhat.com/show_bug.cgi?id=2090284

[ 11 ] Bug #2090285 - CVE-2022-1854 chromium-browser: Use after free in ANGLE

https://bugzilla.redhat.com/show_bug.cgi?id=2090285

[ 12 ] Bug #2090286 - CVE-2022-1855 chromium-browser: Use after free in Messaging

https://bugzilla.redhat.com/show_bug.cgi?id=2090286

[ 13 ] Bug #2090287 - CVE-2022-1856 chromium-browser: Use after free in User Education

https://bugzilla.redhat.com/show_bug.cgi?id=2090287

[ 14 ] Bug #2090288 - CVE-2022-1857 chromium-browser: Insufficient policy enforcement in File System API

https://bugzilla.redhat.com/show_bug.cgi?id=2090288

[ 15 ] Bug #2090289 - CVE-2022-1858 chromium-browser: Out of bounds read in DevTools

https://bugzilla.redhat.com/show_bug.cgi?id=2090289

[ 16 ] Bug #2090290 - CVE-2022-1859 chromium-browser: Use after free in Performance Manager

https://bugzilla.redhat.com/show_bug.cgi?id=2090290

[ 17 ] Bug #2090291 - CVE-2022-1860 chromium-browser: Use after free in UI Foundations

https://bugzilla.redhat.com/show_bug.cgi?id=2090291

[ 18 ] Bug #2090292 - CVE-2022-1861 chromium-browser: Use after free in Sharing

https://bugzilla.redhat.com/show_bug.cgi?id=2090292

[ 19 ] Bug #2090293 - CVE-2022-1862 chromium-browser: Inappropriate implementation in Extensions

https://bugzilla.redhat.com/show_bug.cgi?id=2090293

[ 20 ] Bug #2090294 - CVE-2022-1863 chromium-browser: Use after free in Tab Groups

https://bugzilla.redhat.com/show_bug.cgi?id=2090294

[ 21 ] Bug #2090295 - CVE-2022-1864 chromium-browser: Use after free in WebApp Installs

https://bugzilla.redhat.com/show_bug.cgi?id=2090295

[ 22 ] Bug #2090296 - CVE-2022-1865 chromium-browser: Use after free in Bookmarks

https://bugzilla.redhat.com/show_bug.cgi?id=2090296

[ 23 ] Bug #2090297 - CVE-2022-1866 chromium-browser: Use after free in Tablet Mode

https://bugzilla.redhat.com/show_bug.cgi?id=2090297

[ 24 ] Bug #2090298 - CVE-2022-1867 chromium-browser: Insufficient validation of untrusted input in Data Transfer

https://bugzilla.redhat.com/show_bug.cgi?id=2090298

[ 25 ] Bug #2090299 - CVE-2022-1868 chromium-browser: Inappropriate implementation in Extensions API

https://bugzilla.redhat.com/show_bug.cgi?id=2090299

[ 26 ] Bug #2090300 - CVE-2022-1869 chromium-browser: Type Confusion in V8

https://bugzilla.redhat.com/show_bug.cgi?id=2090300

[ 27 ] Bug #2090303 - CVE-2022-1870 chromium-browser: Use after free in App Service

https://bugzilla.redhat.com/show_bug.cgi?id=2090303

[ 28 ] Bug #2090304 - CVE-2022-1871 chromium-browser: Insufficient policy enforcement in File System API

https://bugzilla.redhat.com/show_bug.cgi?id=2090304

[ 29 ] Bug #2090305 - CVE-2022-1872 chromium-browser: Insufficient policy enforcement in Extensions API

https://bugzilla.redhat.com/show_bug.cgi?id=2090305

[ 30 ] Bug #2090306 - CVE-2022-1873 chromium-browser: Insufficient policy enforcement in COOP

https://bugzilla.redhat.com/show_bug.cgi?id=2090306

[ 31 ] Bug #2090307 - CVE-2022-1874 chromium-browser: Insufficient policy enforcement in Safe Browsing

https://bugzilla.redhat.com/show_bug.cgi?id=2090307

[ 32 ] Bug #2090308 - CVE-2022-1875 chromium-browser: Inappropriate implementation in PDF

https://bugzilla.redhat.com/show_bug.cgi?id=2090308

[ 33 ] Bug #2090309 - CVE-2022-1876 chromium-browser: Heap buffer overflow in DevTools

https://bugzilla.redhat.com/show_bug.cgi?id=2090309

su -c 'dnf upgrade --advisory FEDORA-2022-bcb096166f' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Topics Covered

security advisory moderate software update Fedora security fix browser flaw chromium

Change Log

References

Update Instructions

Product: Fedora 35

Version: 102.0.5005.115

Release: 1.fc35

URL: https://www.chromium.org/Home/

Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Topics Covered

security advisory moderate software update Fedora security fix browser flaw chromium

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 35: FEDORA-2022-bcb096166f Moderate: Chromium Use After Free

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 35: FEDORA-2022-bcb096166f Moderate: Chromium Use After Free

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!