MGASA-2022-0268 - Updated chromium-browser-stable packages fix security vulnerability Publication date: 29 Jul 2022 URL: https://advisories.mageia.org/MGASA-2022-0268.html Type: security Affected Mageia releases: 8 CVE: CVE-2022-2477, CVE-2022-2478, CVE-2022-2479, CVE-2022-2480, CVE-2022-2481, CVE-2022-2163 The chromium-browser-stable package has been updated to version 103.0.5060.134 branch, fixing many bugs and 11 CVE. Some of them are listed below. Use after free in Guest View. (CVE-2022-2477) Use after free in PDF. (CVE-2022-2478) Insufficient validation of untrusted input in File. (CVE-2022-2479) Use after free in Service Worker API. (CVE-2022-2480) Use after free in Views. (CVE-2022-2481) Use after free in Cast UI and Toolbar. (CVE-2022-2163) Various fixes from internal audits, fuzzing and other initiatives References: - https://bugs.mageia.org/show_bug.cgi?id=30655 - https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop_19.html - https://blog.chromium.org/2022/05/chrome-103-beta-early-navigation-hints.html - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2477 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2478 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2479 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2480 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2481 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2163 SRPMS: - 8/core/chromium-browser-stable-103.0.5060.134-1.mga8