Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 37: 2023-1c6a20aa0a Critical: Chromium Browser Fixes

fedora
Calendar Grey October 14, 2023
Dist Fedora Esm H88
Essential patches for Fedora 37's Firefox: numerous security enhancements tackling critical vulnerabilities.
Update to 118.0.5993.70

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

Update to 118.0.5993.70. Include following security fixes: - CVE-2023-5218: Use after free in Site Isolation. - CVE-2023-5487: Inappropriate implementation in Fullscreen. - CVE-2023-5484: Inappropriate implementation in Navigation. - CVE-2023-5475: Inappropriate implementation in DevTools. - CVE-2023-5483: Inappropriate implementation in Intents. - CVE-2023-5481: Inappropriate implementation in Downloads. - CVE-2023-5476: Use after free in Blink History. - CVE-2023-5474: Heap buffer overflow in PDF. - CVE-2023-5479: Inappropriate implementation in Extensions API. - CVE-2023-5485: Inappropriate implementation in Autofill. - CVE-2023-5478: Inappropriate implementation in Autofill. - CVE-2023-5477: Inappropriate implementation in Installer. - CVE-2023-5486: Inappropriate implementation in Input. - CVE-2023-5473: Use after free in Cast.

Topics%20covered

Topics Covered

security advisory fedora update critical browser security chromium site isolation

Change Log

* Wed Oct 11 2023 Than Ngo - 118.0.5993.70-1 - update to 118.0.5993.70 - CVE-2023-5218: Use after free in Site Isolation. - CVE-2023-5487: Inappropriate implementation in Fullscreen. - CVE-2023-5484: Inappropriate implementation in Navigation. - CVE-2023-5475: Inappropriate implementation in DevTools. - CVE-2023-5483: Inappropriate implementation in Intents. - CVE-2023-5481: Inappropriate implementation in Downloads. - CVE-2023-5476: Use after free in Blink History. - CVE-2023-5474: Heap buffer overflow in PDF. - CVE-2023-5479: Inappropriate implementation in Extensions API. - CVE-2023-5485: Inappropriate implementation in Autofill. - CVE-2023-5478: Inappropriate implementation in Autofill. - CVE-2023-5477: Inappropriate implementation in Installer. - CVE-2023-5486: Inappropriate implementation in Input. - CVE-2023-5473: Use after free in Cast. * Sat Oct 7 2023 Than Ngo - 118.0.5993.54-1 - update to 118.0.5993.54 - drop use_gnome_keyring as it's removed by upstream

References

Fedora Update Notification FEDORA-2023-1c6a20aa0a 2023-10-14 01:26:08.208346 Name : chromium Product : Fedora 37 Version : 118.0.5993.70 Release : 1.fc37 URL : https://www.chromium.org/Home/ Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink).

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-1c6a20aa0a' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: chromium
Product: Fedora 37
Version: 118.0.5993.70
Release: 1.fc37
URL: https://www.chromium.org/Home/
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Topics%20covered

Topics Covered

security advisory fedora update critical browser security chromium site isolation

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here