Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 36: 2022-1d3d5a0341 Moderate: Chromium Buffer Overflow Fixes

fedora
Calendar Grey July 27, 2022
Dist Fedora Esm H88
A recent update for Fedora 36's Chromium has resolved multiple bugs, improving both the reliability and security functionalities of the browser.
Update to 103.0.5060.114

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update to 103.0.5060.114. Fixes: CVE-2022-2156 CVE-2022-2157 CVE-2022-2158

CVE-2022-2160 CVE-2022-2161 CVE-2022-2162 CVE-2022-2163 CVE-2022-2164

CVE-2022-2165 CVE-2022-2294 CVE-2022-2295 CVE-2022-2296

* Wed Jul 13 2022 Tom Callaway - 103.0.5060.114-1

- update to 103.0.5060.114

* Wed Jun 22 2022 Tom Callaway - 103.0.5060.53-1

- update to 103.0.5060.53

* Thu Jun 16 2022 Tom Callaway - 102.0.5005.115-2

- fix minizip Requires for EL9

[ 1 ] Bug #2099947 - CVE-2022-2156 chromium-browser: Use after free in Base

https://bugzilla.redhat.com/show_bug.cgi?id=2099947

[ 2 ] Bug #2099948 - CVE-2022-2157 chromium-browser: Use after free in Interest groups

https://bugzilla.redhat.com/show_bug.cgi?id=2099948

[ 3 ] Bug #2099949 - CVE-2022-2158 chromium-browser: Type Confusion in V8

https://bugzilla.redhat.com/show_bug.cgi?id=2099949

[ 4 ] Bug #2099950 - CVE-2022-2160 chromium-browser: Insufficient policy enforcement in DevTools

https://bugzilla.redhat.com/show_bug.cgi?id=2099950

[ 5 ] Bug #2099951 - CVE-2022-2161 chromium-browser: Use after free in WebApp Provider

https://bugzilla.redhat.com/show_bug.cgi?id=2099951

[ 6 ] Bug #2099952 - CVE-2022-2162 chromium-browser: Insufficient policy enforcement in File System API

https://bugzilla.redhat.com/show_bug.cgi?id=2099952

[ 7 ] Bug #2099953 - CVE-2022-2163 chromium-browser: Use after free in Cast UI and Toolbar

https://bugzilla.redhat.com/show_bug.cgi?id=2099953

[ 8 ] Bug #2099954 - CVE-2022-2164 chromium-browser: Inappropriate implementation in Extensions API

https://bugzilla.redhat.com/show_bug.cgi?id=2099954

[ 9 ] Bug #2099955 - CVE-2022-2165 chromium-browser: Insufficient data validation in URL formatting

https://bugzilla.redhat.com/show_bug.cgi?id=2099955

[ 10 ] Bug #2103854 - CVE-2022-2294 chromium-browser: Heap buffer overflow in WebRTC

https://bugzilla.redhat.com/show_bug.cgi?id=2103854

[ 11 ] Bug #2103855 - CVE-2022-2295 chromium-browser: Type Confusion in V8

https://bugzilla.redhat.com/show_bug.cgi?id=2103855

[ 12 ] Bug #2103856 - CVE-2022-2296 chromium-browser: Use after free in Chrome OS Shell

https://bugzilla.redhat.com/show_bug.cgi?id=2103856

su -c 'dnf upgrade --advisory FEDORA-2022-1d3d5a0341' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Topics%20covered

Topics Covered

security advisory moderate fedora update buffer overflow web browser chromium

Change Log

References

Update Instructions

Product: Fedora 36
Version: 103.0.5060.114
Release: 1.fc36
URL: https://www.chromium.org/Home/
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Topics%20covered

Topics Covered

security advisory moderate fedora update buffer overflow web browser chromium

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here