Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 39: FEDORA-2023-f83b5e84d3 High: Chromium Security Threats

fedora
Calendar Grey November 14, 2023
Dist Fedora Esm H88
Fedora 39 has rolled out an update aimed at boosting security for Chromium, addressing high and medium severity vulnerabilities crucial for protecting users' browsing experience
update to 119.0.6045.123

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

update to 119.0.6045.123. Security fix for CVE-2023-5996 ---- update to 119.0.6045.105. Security fixes: High CVE-2023-5480: Inappropriate implementation in Payments. High CVE-2023-5482: Insufficient data validation in USB. High CVE-2023-5849: Integer overflow in USB. Medium CVE-2023-5850: Incorrect security UI in Downloads. Medium CVE-2023-5851: Inappropriate implementation in Downloads. Medium CVE-2023-5852: Use after free in Printing. Medium CVE-2023-5853: Incorrect security UI in Downloads. Medium CVE-2023-5854: Use after free in Profiles. Medium CVE-2023-5855: Use after free in Reading Mode. Medium CVE-2023-5856: Use after free in Side Panel. Medium CVE-2023-5857: Inappropriate implementation in Downloads. Low CVE-2023-5858: Inappropriate implementation in WebApp Provider. Low CVE-2023-5859: Incorrect security UI in Picture In Picture.

Topics%20covered

Topics Covered

security advisory high severity fedora software update browser security chromium multi-issue

Change Log

* Wed Nov 8 2023 Than Ngo - 119.0.6045.123-1 - update to 119.0.6045.123, include following security fixes: high CVE-2023-5996: Use after free in WebAudio * Tue Nov 7 2023 Than Ngo - 119.0.6045.105-2 - enable debuginfo * Wed Nov 1 2023 Than Ngo - 119.0.6045.105-1 - update to 119.0.6045.105 * Fri Oct 27 2023 Than Ngo - 119.0.6045.59-1 - update 119.0.6045.59

References


[ 1 ] Bug #2247403 - CVE-2023-5480 chromium: chromium-browser: Inappropriate implementation in Payments [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2247403 [ 2 ] Bug #2247404 - CVE-2023-5480 chromium: chromium-browser: Inappropriate implementation in Payments [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2247404 [ 3 ] Bug #2247405 - CVE-2023-5482 chromium: chromium-browser: Insufficient data validation in USB [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2247405 [ 4 ] Bug #2247406 - CVE-2023-5482 chromium: chromium-browser: Insufficient data validation in USB [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2247406 [ 5 ] Bug #2247408 - CVE-2023-5849 chromium: chromium-browser: Integer overflow in USB [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2247408 [ 6 ] Bug #2247409 - CVE-2023-5849 chromium: chromium-browser: Integer overflow in USB [epel-all] https://bugzil...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-f83b5e84d3' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Name: chromium
Product: Fedora 39
Version: 119.0.6045.123
Release: 1.fc39
URL: https://www.chromium.org/Home/
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Topics%20covered

Topics Covered

security advisory high severity fedora software update browser security chromium multi-issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here