MGASA-2022-0043 - Updated chromium-browser-stable packages fix security vulnerability

Publication date: 02 Feb 2022
URL: https://advisories.mageia.org/MGASA-2022-0043.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-0096,
     CVE-2022-0097,
     CVE-2022-0098,
     CVE-2022-0099,
     CVE-2022-0100,
     CVE-2022-0101,
     CVE-2022-0102,
     CVE-2022-0103,
     CVE-2022-0104,
     CVE-2022-0105,
     CVE-2022-0106,
     CVE-2022-0107,
     CVE-2022-0108,
     CVE-2022-0109,
     CVE-2022-0110,
     CVE-2022-0111,
     CVE-2022-0112,
     CVE-2022-0113,
     CVE-2022-0114,
     CVE-2022-0115,
     CVE-2022-0116,
     CVE-2022-0117,
     CVE-2022-0118,
     CVE-2022-0120,
     CVE-2022-0289,
     CVE-2022-0290,
     CVE-2022-0291,
     CVE-2022-0292,
     CVE-2022-0293,
     CVE-2022-0294,
     CVE-2022-0295,
     CVE-2022-0296,
     CVE-2022-0297,
     CVE-2022-0298,
     CVE-2022-0300,
     CVE-2022-0301,
     CVE-2022-0302,
     CVE-2022-0304,
     CVE-2022-0305,
     CVE-2022-0306,
     CVE-2022-0307,
     CVE-2022-0308,
     CVE-2022-0309,
     CVE-2022-0310,
     CVE-2022-0311,
     CVE-2022-0337

CVE-2022-0096: Use after free in Storage.
CVE-2022-0097: Inappropriate implementation in DevTools.
CVE-2022-0098: Use after free in Screen Capture.
CVE-2022-0099: Use after free in Sign-in.
CVE-2022-0100: Heap buffer overflow in Media streams API.
CVE-2022-0101: Heap buffer overflow in Bookmarks.
CVE-2022-0102: Type Confusion in V8.
CVE-2022-0103: Use after free in SwiftShader.
CVE-2022-0104: Heap buffer overflow in ANGLE.
CVE-2022-0105: Use after free in PDF.
CVE-2022-0106: Use after free in Autofill.
CVE-2022-0107: Use after free in File Manager API.
CVE-2022-0108: Inappropriate implementation in Navigation.
CVE-2022-0109: Inappropriate implementation in Autofill.
CVE-2022-0110: Incorrect security UI in Autofill.
CVE-2022-0111: Inappropriate implementation in Navigation.
CVE-2022-0112: Incorrect security UI in Browser UI.
CVE-2022-0113: Inappropriate implementation in Blink.
CVE-2022-0114: Out of bounds memory access in Web Serial.
CVE-2022-0115: Uninitialized Use in File API.
CVE-2022-0116: Inappropriate implementation in Compositing.
CVE-2022-0117: Policy bypass in Service Workers.
CVE-2022-0118: Inappropriate implementation in WebShare.
CVE-2022-0120: Inappropriate implementation in Passwords.
CVE-2022-0289: Use after free in Safe browsing.
CVE-2022-0290: Use after free in Site isolation.
CVE-2022-0291: Inappropriate implementation in Storage.
CVE-2022-0292: Inappropriate implementation in Fenced Frames.
CVE-2022-0293: Use after free in Web packaging.
CVE-2022-0294: Inappropriate implementation in Push messaging.
CVE-2022-0295: Use after free in Omnibox.
CVE-2022-0296: Use after free in Printing.
CVE-2022-0297: Use after free in Vulkan.
CVE-2022-0298: Use after free in Scheduling.
CVE-2022-0300: Use after free in Text Input Method Editor.
CVE-2022-0301: Heap buffer overflow in DevTools.
CVE-2022-0302: Use after free in Omnibox.
CVE-2022-0304: Use after free in Bookmarks.
CVE-2022-0305: Inappropriate implementation in Service Worker API.
CVE-2022-0306: Heap buffer overflow in PDFium.
CVE-2022-0307: Use after free in Optimization Guide.
CVE-2022-0308: Use after free in Data Transfer.
CVE-2022-0309: Inappropriate implementation in Autofill.
CVE-2022-0310: Heap buffer overflow in Task Manager.
CVE-2022-0311: Heap buffer overflow in Task Manager.
CVE-2022-0337: Inappropriate implementation in File System API.

References:
- https://bugs.mageia.org/show_bug.cgi?id=29846
- https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html
- https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0096
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0097
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0098
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0099
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0100
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0101
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0102
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0103
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0104
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0105
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0106
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0107
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0108
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0109
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0110
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0111
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0112
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0113
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0114
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0115
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0116
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0117
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0118
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0120
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0289
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0290
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0291
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0292
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0293
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0294
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0295
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0296
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0297
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0298
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0300
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0301
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0302
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0304
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0305
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0306
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0307
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0308
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0309
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0310
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0311
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0337

SRPMS:
- 8/core/chromium-browser-stable-97.0.4692.99-1.mga8