Fedora 38: chromium 2023-df075a7f85 | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Sign Up
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-df075a7f85
2023-04-20 04:40:58.216764
--------------------------------------------------------------------------------

Name        : chromium
Product     : Fedora 38
Version     : 112.0.5615.121
Release     : 2.fc38
URL         : https://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

update to 112.0.5615.121. Fixes the following security issues:  CVE-2023-2004
CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137
CVE-2023-2033
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 17 2023 Than Ngo  - 112.0.5615.121-2
- fix vaapi issue on xwayland
- fix the build order, chrome_feed_response_metadata.pb.h file not found
- fix compiler flags and typo
* Sat Apr 15 2023 Than Ngo  - 112.0.5615.121-1
- update to 112.0.5615.121
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2186431 - CVE-2023-2004 chromium: freetype: integer overflowin in tt_hvadvance_adjust() in src/truetype/ttgxvar.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2186431
  [ 2 ] Bug #2186878 - CVE-2023-2033 chromium: chromium-browser: Type Confusion in V8 [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2186878
  [ 3 ] Bug #2186879 - CVE-2023-2033 chromium: chromium-browser: Type Confusion in V8 [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2186879
  [ 4 ] Bug #2186982 - [chromium] GPU process crashes on AMD
        https://bugzilla.redhat.com/show_bug.cgi?id=2186982
  [ 5 ] Bug #2187064 - Crash in chromium
        https://bugzilla.redhat.com/show_bug.cgi?id=2187064
  [ 6 ] Bug #2187346 - Lost ability to apply visual effects
        https://bugzilla.redhat.com/show_bug.cgi?id=2187346
  [ 7 ] Bug #2187772 - Hardware acceleration for chromium is not available, even when forcing it
        https://bugzilla.redhat.com/show_bug.cgi?id=2187772
  [ 8 ] Bug #2187900 - CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 chromium: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2187900
  [ 9 ] Bug #2187901 - CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 chromium: various flaws [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2187901
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-df075a7f85' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Fedora 38: chromium 2023-df075a7f85

April 20, 2023
update to 112.0.5615.121

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

update to 112.0.5615.121. Fixes the following security issues: CVE-2023-2004 CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 CVE-2023-2033

Change Log

* Mon Apr 17 2023 Than Ngo - 112.0.5615.121-2 - fix vaapi issue on xwayland - fix the build order, chrome_feed_response_metadata.pb.h file not found - fix compiler flags and typo * Sat Apr 15 2023 Than Ngo - 112.0.5615.121-1 - update to 112.0.5615.121

References

[ 1 ] Bug #2186431 - CVE-2023-2004 chromium: freetype: integer overflowin in tt_hvadvance_adjust() in src/truetype/ttgxvar.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2186431 [ 2 ] Bug #2186878 - CVE-2023-2033 chromium: chromium-browser: Type Confusion in V8 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2186878 [ 3 ] Bug #2186879 - CVE-2023-2033 chromium: chromium-browser: Type Confusion in V8 [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2186879 [ 4 ] Bug #2186982 - [chromium] GPU process crashes on AMD https://bugzilla.redhat.com/show_bug.cgi?id=2186982 [ 5 ] Bug #2187064 - Crash in chromium https://bugzilla.redhat.com/show_bug.cgi?id=2187064 [ 6 ] Bug #2187346 - Lost ability to apply visual effects https://bugzilla.redhat.com/show_bug.cgi?id=2187346 [ 7 ] Bug #2187772 - Hardware acceleration for chromium is not available, even when forcing it https://bugzilla.redhat.com/show_bug.cgi?id=2187772 [ 8 ] Bug #2187900 - CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 chromium: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2187900 [ 9 ] Bug #2187901 - CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 chromium: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2187901

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-df075a7f85' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : chromium
Product : Fedora 38
Version : 112.0.5615.121
Release : 2.fc38
URL : https://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use

Related News

Linux Kernel DoS, Info Disclosure Bugs Fixed

The Secure Programmable Router Project Puts Your Network Back Under Your Control with a Raspberry Pi

Important runC Privilege Escalation Flaws Fixed

CISA Warns Several Old Linux Vulns Exploited in Attacks

News

Advisories

HOWTOs

Features

Linux Container Security Primer
Email Phishing Using Kali Linux
Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy