MGASA-2022-0232 - Updated chromium-browser-stable packages fix security vulnerability

Publication date: 16 Jun 2022
URL: https://advisories.mageia.org/MGASA-2022-0232.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-2007,
     CVE-2022-2008,
     CVE-2022-2010,
     CVE-2022-2011

The chromium-browser-stable package has been updated to the 102.0.5005.115
version, fixing many bugs and 7 CVE. Some of them are listed below:
Use after free in WebGPU. (CVE-2022-2007)
Out of bounds memory access in WebGL. (CVE-2022-2008)
Out of bounds read in compositing. (CVE-2022-2010)
Use after free in ANGLE. (CVE-2022-2011)

References:
- https://bugs.mageia.org/show_bug.cgi?id=30547
- https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2007
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2008
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2010
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2011

SRPMS:
- 8/core/chromium-browser-stable-102.0.5005.115-1.mga8