Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 37: 2023-8cc9731416 Moderate: Chromium Type Confusion Issues

fedora
Calendar Grey April 21, 2023
Dist Fedora Esm H88
A recent update to Chromium on Fedora 37 has resolved several critical security issues, enhancing both stability and overall protection. Noteworthy improvements have been implemented.
update to 112.0.5615.121

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

update to 112.0.5615.121. Fixes the following security issues: CVE-2023-2004

CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137

CVE-2023-2033

* Mon Apr 17 2023 Than Ngo - 112.0.5615.121-2

- fix vaapi issue on xwayland

- fix the build order, chrome_feed_response_metadata.pb.h file not found

- fix compiler flags and typo

* Sat Apr 15 2023 Than Ngo - 112.0.5615.121-1

- update to 112.0.5615.121

[ 1 ] Bug #2186431 - CVE-2023-2004 chromium: freetype: integer overflowin in tt_hvadvance_adjust() in src/truetype/ttgxvar.c [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2186431

[ 2 ] Bug #2186878 - CVE-2023-2033 chromium: chromium-browser: Type Confusion in V8 [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2186878

[ 3 ] Bug #2186879 - CVE-2023-2033 chromium: chromium-browser: Type Confusion in V8 [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2186879

[ 4 ] Bug #2186982 - [chromium] GPU process crashes on AMD

https://bugzilla.redhat.com/show_bug.cgi?id=2186982

[ 5 ] Bug #2187064 - Crash in chromium

https://bugzilla.redhat.com/show_bug.cgi?id=2187064

[ 6 ] Bug #2187346 - Lost ability to apply visual effects

https://bugzilla.redhat.com/show_bug.cgi?id=2187346

[ 7 ] Bug #2187772 - Hardware acceleration for chromium is not available, even when forcing it

https://bugzilla.redhat.com/show_bug.cgi?id=2187772

[ 8 ] Bug #2187900 - CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 chromium: various flaws [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2187900

[ 9 ] Bug #2187901 - CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 chromium: various flaws [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=2187901

su -c 'dnf upgrade --advisory FEDORA-2023-8cc9731416' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam, report it:

Topics%20covered

Topics Covered

security advisory security issue software update Fedora moderate severity browser security chromium

Change Log

References

Update Instructions

Product: Fedora 37
Version: 112.0.5615.121
Release: 2.fc37
URL: https://www.chromium.org/Home/
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Topics%20covered

Topics Covered

security advisory security issue software update Fedora moderate severity browser security chromium

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here