--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-f29e9560a1
2023-11-14 01:55:09.715473
--------------------------------------------------------------------------------

Name        : chromium
Product     : Fedora 38
Version     : 119.0.6045.123
Release     : 1.fc38
URL         : https://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

update to 119.0.6045.123. Security fix for CVE-2023-5996

----

update to 119.0.6045.105. Security fixes:

  High CVE-2023-5480: Inappropriate implementation in Payments.
  High CVE-2023-5482: Insufficient data validation in USB.
  High CVE-2023-5849: Integer overflow in USB.
  Medium CVE-2023-5850: Incorrect security UI in Downloads.
  Medium CVE-2023-5851: Inappropriate implementation in Downloads.
  Medium CVE-2023-5852: Use after free in Printing.
  Medium CVE-2023-5853: Incorrect security UI in Downloads.
  Medium CVE-2023-5854: Use after free in Profiles.
  Medium CVE-2023-5855: Use after free in Reading Mode.
  Medium CVE-2023-5856: Use after free in Side Panel.
  Medium CVE-2023-5857: Inappropriate implementation in Downloads.
  Low CVE-2023-5858: Inappropriate implementation in WebApp Provider.
  Low CVE-2023-5859: Incorrect security UI in Picture In Picture.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 8 2023 Than Ngo - 119.0.6045.123-1
- update to 119.0.6045.123, include following security fixes:
  high CVE-2023-5996: Use after free in WebAudio
* Tue Nov 7 2023 Than Ngo - 119.0.6045.105-2
- enable debuginfo
* Wed Nov 1 2023 Than Ngo - 119.0.6045.105-1
- update to 119.0.6045.105
* Fri Oct 27 2023 Than Ngo - 119.0.6045.59-1
- update 119.0.6045.59
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2247403 - CVE-2023-5480 chromium: chromium-browser: Inappropriate implementation in Payments [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247403
  [ 2 ] Bug #2247404 - CVE-2023-5480 chromium: chromium-browser: Inappropriate implementation in Payments [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247404
  [ 3 ] Bug #2247405 - CVE-2023-5482 chromium: chromium-browser: Insufficient data validation in USB [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247405
  [ 4 ] Bug #2247406 - CVE-2023-5482 chromium: chromium-browser: Insufficient data validation in USB [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247406
  [ 5 ] Bug #2247408 - CVE-2023-5849 chromium: chromium-browser: Integer overflow in USB [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247408
  [ 6 ] Bug #2247409 - CVE-2023-5849 chromium: chromium-browser: Integer overflow in USB [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247409
  [ 7 ] Bug #2247410 - CVE-2023-5850 chromium: chromium-browser: Incorrect security UI in Downloads [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247410
  [ 8 ] Bug #2247411 - CVE-2023-5850 chromium: chromium-browser: Incorrect security UI in Downloads [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247411
  [ 9 ] Bug #2247412 - CVE-2023-5851 chromium: chromium-browser: Inappropriate implementation in Downloads [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247412
  [ 10 ] Bug #2247413 - CVE-2023-5851 chromium: chromium-browser: Inappropriate implementation in Downloads [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247413
  [ 11 ] Bug #2247414 - CVE-2023-5852 chromium: chromium-browser: Use after free in Printing [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247414
  [ 12 ] Bug #2247415 - CVE-2023-5852 chromium: chromium-browser: Use after free in Printing [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247415
  [ 13 ] Bug #2247416 - CVE-2023-5853 chromium: chromium-browser: Incorrect security UI in Downloads [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247416
  [ 14 ] Bug #2247417 - CVE-2023-5853 chromium: chromium-browser: Incorrect security UI in Downloads [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247417
  [ 15 ] Bug #2247418 - CVE-2023-5854 chromium: chromium-browser: Use after free in Profiles [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247418
  [ 16 ] Bug #2247419 - CVE-2023-5855 chromium: chromium-browser: Use after free in Reading Mode [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247419
  [ 17 ] Bug #2247420 - CVE-2023-5854 chromium: chromium-browser: Use after free in Profiles [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247420
  [ 18 ] Bug #2247421 - CVE-2023-5855 chromium: chromium-browser: Use after free in Reading Mode [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247421
  [ 19 ] Bug #2247422 - CVE-2023-5856 chromium: chromium-browser: Use after free in Side Panel [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247422
  [ 20 ] Bug #2247423 - CVE-2023-5856 chromium: chromium-browser: Use after free in Side Panel [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247423
  [ 21 ] Bug #2247424 - CVE-2023-5858 chromium: chromium-browser: Inappropriate implementation in WebApp Provider [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247424
  [ 22 ] Bug #2247425 - CVE-2023-5859 chromium: chromium-browser: Incorrect security UI in Picture In Picture [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247425
  [ 23 ] Bug #2247426 - CVE-2023-5858 chromium: chromium-browser: Inappropriate implementation in WebApp Provider [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247426
  [ 24 ] Bug #2247429 - CVE-2023-5857 chromium: chromium-browser: Inappropriate implementation in Downloads [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247429
  [ 25 ] Bug #2247430 - CVE-2023-5857 chromium: chromium-browser: Inappropriate implementation in Downloads [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2247430
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-f29e9560a1' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------