Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 41: chromium 2024-3a6f9ab958 Security Advisory Updates

fedora
Calendar Grey October 26, 2024
Dist Fedora Esm H88
Security advisory updates addressing critical issues in Chromium for Fedora 41 are essential for maintaining safety.
Update to 130.0.6723.58 * High CVE-2024-9954: Use after free in AI * Medium CVE-2024-9955: Use after free in Web Authentication * Medium CVE-2024-9956: Inappropriate implementat...

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

Update to 130.0.6723.58 * High CVE-2024-9954: Use after free in AI * Medium CVE-2024-9955: Use after free in Web Authentication * Medium CVE-2024-9956: Inappropriate implementation in Web Authentication * Medium CVE-2024-9957: Use after free in UI * Medium CVE-2024-9958: Inappropriate implementation in PictureInPicture * Medium CVE-2024-9959: Use after free in DevTools * Medium CVE-2024-9960: Use after free in Dawn * Medium CVE-2024-9961: Use after free in Parcel Tracking * Medium CVE-2024-9962: Inappropriate implementation in Permissions * Medium CVE-2024-9963: Insufficient data validation in Downloads * Low CVE-2024-9964: Inappropriate implementation in Payments * Low CVE-2024-9965: Insufficient data validation in DevTools * Low CVE-2024-9966: Inappropriate implementation in Navigations

Topics%20covered

Topics Covered

No topics assigned

Change Log

* Wed Oct 16 2024 Than Ngo - 130.0.6723.58-1 - update to 130.0.6723.58 * High CVE-2024-9954: Use after free in AI * Medium CVE-2024-9955: Use after free in Web Authentication * Medium CVE-2024-9956: Inappropriate implementation in Web Authentication * Medium CVE-2024-9957: Use after free in UI * Medium CVE-2024-9958: Inappropriate implementation in PictureInPicture * Medium CVE-2024-9959: Use after free in DevTools * Medium CVE-2024-9960: Use after free in Dawn * Medium CVE-2024-9961: Use after free in Parcel Tracking * Medium CVE-2024-9962: Inappropriate implementation in Permissions * Medium CVE-2024-9963: Insufficient data validation in Downloads * Low CVE-2024-9964: Inappropriate implementation in Payments * Low CVE-2024-9965: Insufficient data validation in DevTools * Low CVE-2024-9966: Inappropriate implementation in Navigations

References


[ 1 ] Bug #2318990 - CVE-2024-9957 chromium: Use after free in UI [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2318990 [ 2 ] Bug #2318991 - CVE-2024-9957 chromium: Use after free in UI [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2318991 [ 3 ] Bug #2318992 - CVE-2024-9961 chromium: Use after free in Parcel Tracking [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2318992 [ 4 ] Bug #2318993 - CVE-2024-9961 chromium: Use after free in Parcel Tracking [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2318993 [ 5 ] Bug #2318996 - CVE-2024-9959 chromium: Use after free in DevTools [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2318996 [ 6 ] Bug #2318998 - CVE-2024-9959 chromium: Use after free in DevTools [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2318998 [ 7 ] Bug #2318999 - CVE-2024-9963 chromium: Insufficient data validation in Downloads [epel-all] ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-3a6f9ab958' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Name: chromium
Product: Fedora 41
Version: 130.0.6723.58
Release: 1.fc41
URL: http://www.chromium.org/Home
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use

Topics%20covered

Topics Covered

No topics assigned

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here