Alerts This Week
Warning Icon 1 681
Alerts This Week
Warning Icon 1 681

Mageia 8: MGASA-2022-0357 High: Chromium-Browser-Stable Security Issues

mageia
Calendar Grey October 5, 2022
Dist Mageia Esm H88
MGASA-2022-0452 upgrades firefox to address several critical security flaws. Enhancements for user protection have been applied.
The chromium-browser-stable package has been updated to the new 106 branch with the 106.0.5249.61 version, fixing many bugs and 20 vulnerabilities; it brings as well some improveme...

Summary

The chromium-browser-stable package has been updated to the new 106 branch with the 106.0.5249.61 version, fixing many bugs and 20 vulnerabilities; it brings as well some improvements.
Some of the security fixes are:
High CVE-2022-3304: Use after free in CSS. High CVE-2022-3201: Insufficient validation of untrusted input in Developer Tools. Reported by NDevTK on 2022-07-09 High CVE-2022-3305: Use after free in Survey. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-04-24 High CVE-2022-3306: Use after free in Survey. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Vulnerability Research Institute on 2022-04-27 High CVE-2022-3307: Use after free in Media. Reported by Anonymous Telecommunications Corp. Ltd. on 2022-05-08 Medium CVE-2022-3308: Insufficient policy enforcement in Developer Tools. Reported by Andrea Cappa (zi0Black) @ Shielder on 2022-07-08 Medium CVE-2022-3309: Use after free in Assistant. Reported by zh1x...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=30905

- https://bugs.mageia.org/show_bug.cgi?id=30802

- https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_27.html

- https://blog.chromium.org/2022/09/chrome-106-beta-new-css-features.html

- https://www.cve.org/CVERecord?id=CVE-2022-3201

- https://www.cve.org/CVERecord?id=CVE-2022-3304

- https://www.cve.org/CVERecord?id=CVE-2022-3305

- https://www.cve.org/CVERecord?id=CVE-2022-3306

- https://www.cve.org/CVERecord?id=CVE-2022-3307

- https://www.cve.org/CVERecord?id=CVE-2022-3308

- https://www.cve.org/CVERecord?id=CVE-2022-3309

- https://www.cve.org/CVERecord?id=CVE-2022-3310

- https://www.cve.org/CVERecord?id=CVE-2022-3311

- https://www.cve.org/CVERecord?id=CVE-2022-3312

- https://www.cve.org/CVERecord?id=CVE-2022-3313

- https://www.cve.org/CVERecord?id=CVE-2022-3314

- https://www.cve.org/CVERecord?id=CVE-2022-3315

- https://www.cve.org/CVERecord?id=CVE-2022-3316

- https://www.cve.org/CVERecord?id=CVE-2022-3317

- https://www.cve.org/CVERecord?id=CVE-2022-3318

Topics%20covered

Topics Covered

security advisory update software fix browser security issues high risk Mageia

Resolution

SRPMS

- 8/core/chromium-browser-stable-106.0.5249.91-1.mga8

Publication date: 05 Oct 2022
URL: https://advisories.mageia.org/MGASA-2022-0357.html
Type: security
CVE: CVE-2022-3201, CVE-2022-3304, CVE-2022-3305, CVE-2022-3306, CVE-2022-3307, CVE-2022-3308, CVE-2022-3309, CVE-2022-3310, CVE-2022-3311, CVE-2022-3312, CVE-2022-3313, CVE-2022-3314, CVE-2022-3315, CVE-2022-3316, CVE-2022-3317, CVE-2022-3318

Topics%20covered

Topics Covered

security advisory update software fix browser security issues high risk Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here