Fedora 36: chromium 2023-c1741c9724 | LinuxSecurity.com
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-c1741c9724
2023-04-21 01:23:34.069398
--------------------------------------------------------------------------------

Name        : chromium
Product     : Fedora 36
Version     : 112.0.5615.121
Release     : 2.fc36
URL         : https://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

update to 112.0.5615.121. Fixes the following security issues:  CVE-2023-2004
CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137
CVE-2023-2033
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 17 2023 Than Ngo  - 112.0.5615.121-2
- fix vaapi issue on xwayland
- fix the build order, chrome_feed_response_metadata.pb.h file not found
- fix compiler flags and typo
* Sat Apr 15 2023 Than Ngo  - 112.0.5615.121-1
- update to 112.0.5615.121
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2186431 - CVE-2023-2004 chromium: freetype: integer overflowin in tt_hvadvance_adjust() in src/truetype/ttgxvar.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2186431
  [ 2 ] Bug #2186878 - CVE-2023-2033 chromium: chromium-browser: Type Confusion in V8 [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2186878
  [ 3 ] Bug #2186879 - CVE-2023-2033 chromium: chromium-browser: Type Confusion in V8 [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2186879
  [ 4 ] Bug #2186982 - [chromium] GPU process crashes on AMD
        https://bugzilla.redhat.com/show_bug.cgi?id=2186982
  [ 5 ] Bug #2187064 - Crash in chromium
        https://bugzilla.redhat.com/show_bug.cgi?id=2187064
  [ 6 ] Bug #2187346 - Lost ability to apply visual effects
        https://bugzilla.redhat.com/show_bug.cgi?id=2187346
  [ 7 ] Bug #2187772 - Hardware acceleration for chromium is not available, even when forcing it
        https://bugzilla.redhat.com/show_bug.cgi?id=2187772
  [ 8 ] Bug #2187900 - CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 chromium: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2187900
  [ 9 ] Bug #2187901 - CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 chromium: various flaws [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2187901
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-c1741c9724' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Fedora 36: chromium 2023-c1741c9724

April 21, 2023
update to 112.0.5615.121

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

update to 112.0.5615.121. Fixes the following security issues: CVE-2023-2004 CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 CVE-2023-2033

Change Log

* Mon Apr 17 2023 Than Ngo - 112.0.5615.121-2 - fix vaapi issue on xwayland - fix the build order, chrome_feed_response_metadata.pb.h file not found - fix compiler flags and typo * Sat Apr 15 2023 Than Ngo - 112.0.5615.121-1 - update to 112.0.5615.121

References

[ 1 ] Bug #2186431 - CVE-2023-2004 chromium: freetype: integer overflowin in tt_hvadvance_adjust() in src/truetype/ttgxvar.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2186431 [ 2 ] Bug #2186878 - CVE-2023-2033 chromium: chromium-browser: Type Confusion in V8 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2186878 [ 3 ] Bug #2186879 - CVE-2023-2033 chromium: chromium-browser: Type Confusion in V8 [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2186879 [ 4 ] Bug #2186982 - [chromium] GPU process crashes on AMD https://bugzilla.redhat.com/show_bug.cgi?id=2186982 [ 5 ] Bug #2187064 - Crash in chromium https://bugzilla.redhat.com/show_bug.cgi?id=2187064 [ 6 ] Bug #2187346 - Lost ability to apply visual effects https://bugzilla.redhat.com/show_bug.cgi?id=2187346 [ 7 ] Bug #2187772 - Hardware acceleration for chromium is not available, even when forcing it https://bugzilla.redhat.com/show_bug.cgi?id=2187772 [ 8 ] Bug #2187900 - CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 chromium: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2187900 [ 9 ] Bug #2187901 - CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 chromium: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2187901

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-c1741c9724' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : chromium
Product : Fedora 36
Version : 112.0.5615.121
Release : 2.fc36
URL : https://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.