Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Fedora 39: FEDORA-2024-7aba3c1531 high: chromium update critical flaws

fedora
Calendar Grey October 6, 2024
Dist Fedora Esm H88
Fedora 39 has released an update for Chromium that addresses severe vulnerabilities, including integer overflow and issues related to data validation.
update to 129.0.6668.89 High CVE-2024-7025: Integer overflow in Layout High CVE-2024-9369: Insufficient data validation in Mojo High CVE-2024-9370: Inappropriate implementation in ...

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

update to 129.0.6668.89 High CVE-2024-7025: Integer overflow in Layout High CVE-2024-9369: Insufficient data validation in Mojo High CVE-2024-9370: Inappropriate implementation in V8

Change Log

* Wed Oct 2 2024 Than Ngo - 129.0.6668.89-1 - update to 129.0.6668.89 * High CVE -2024-7025: Integer overflow in Layout * High CVE-2024-9369: Insufficient data validation in Mojo * High CVE-2024-9370: Inappropriate implementation in V8 * Mon Sep 30 2024 Than Ngo - 129.0.6668.70-3 - add clang-19 support * Fri Sep 27 2024 Dominik Mierzejewski - 129.0.6668.70-2 - Rebuilt for FFmpeg 7

References


[ 1 ] Bug #2314382 - CVE-2021-38023 chromium: Use after free in Extensions in Google Chrome [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314382 [ 2 ] Bug #2314384 - CVE-2018-20072 chromium: Insufficient data validation in PDF in Google Chrome [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314384 [ 3 ] Bug #2314582 - CVE-2024-9121 chromium: Inappropriate implementation in V8 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314582 [ 4 ] Bug #2314584 - CVE-2024-9120 chromium: Use after free in Dawn [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314584 [ 5 ] Bug #2314589 - CVE-2024-9123 chromium: Integer overflow in Skia in Google Chrome [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314589 [ 6 ] Bug #2314590 - CVE-2024-9122 chromium: Type Confusion in V8 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314590

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-7aba3c1531' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: chromium
Product: Fedora 39
Version: 129.0.6668.89
Release: 1.fc39
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here