Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 15 articles for you...
202
security advisorymoderateOpenSUSEopenSUSE Leap 16.0 chromium Moderate Implementation Issue CVE-2026-1504
An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for chromium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20156-1 Rating: moderate References: * bsc#1257404 Cross-References: * CVE-2026-1504 Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for chromium fixes the following issues: - Chromium 144.0.7559.109 (boo#1257404) * CVE-2026-1504: Inappropriate implementation in Background Fetch API Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-packagehub-101=1 Package List: - openSUSE Leap 16.0: chromedriver-144.0.7559.109-bp160.1.1 chromium-144.0.7559.109-bp160.1.1 References: * https://www.suse.com/security/cve/CVE-2026-1504.html . Update for openSUSE addresses a moderate issue in chromium to enhance security and resolve bugs.. openSUSE security update, chromium security fix, browser security patch, moderate severity update. . LinuxSecurity.com Team
Feb 03, 2026
OpenSUSE
89
security advisoryfedorathreatFedora 43: Important Chromium Update for CVE-2025-9864-9867 Issues
Update to 140.0.7339.80 CVE-2025-9864: Use after free in V8 CVE-2025-9865: Inappropriate implementation in Toolbar CVE-2025-9866: Inappropriate implementation in Extensions CVE-2025-9867: Inappropriate implementation in Downloads. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-e8d34c61f8 2025-09-14 00:15:28.906623+00:00 -------------------------------------------------------------------------------- Name : chromium Product : Fedora 43 Version : 140.0.7339.80 Release : 1.fc43 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: Update to 140.0.7339.80 CVE-2025-9864: Use after free in V8 CVE-2025-9865: Inappropriate implementation in Toolbar CVE-2025-9866: Inappropriate implementation in Extensions CVE-2025-9867: Inappropriate implementation in Downloads Update to 139.0.7258.154 CVE-2025-9478: Use after free in ANGLE -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 3 2025 Than Ngo - 140.0.7339.80-1 - Update to 140.0.7339.80 * CVE-2025-9864: Use after free in V8 * CVE-2025-9865: Inappropriate implementation in Toolbar * CVE-2025-9866: Inappropriate implementation in Extensions CVE-2025-9867: Inappropriate implementation in Downloads * Thu Aug 28 2025 Than Ngo - 139.0.7258.154-1 - Update to 139.0.7258.154 * CVE-2025-9478: Use after free in ANGLE -------------------------------------------------------------------------------- References: [ 1 ] Bug #2390724 - CVE-2025-4609 chromium: Incorrect handle provided in unspecified circumstances in Mojo [epel-10] https://bugzilla.redhat.com/show_bug.cgi?id=2390724 [ 2 ] Bug #2390727 - CVE-2025-4609chromium: Incorrect handle provided in unspecified circumstances in Mojo [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2390727 [ 3 ] Bug #2390730 - CVE-2025-4609 chromium: Incorrect handle provided in unspecified circumstances in Mojo [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2390730 [ 4 ] Bug #2390732 - CVE-2025-4609 chromium: Incorrect handle provided in unspecified circumstances in Mojo [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2390732 [ 5 ] Bug #2392285 - CVE-2025-9478 chromium: Use after free in ANGLE [epel-10] https://bugzilla.redhat.com/show_bug.cgi?id=2392285 [ 6 ] Bug #2392288 - CVE-2025-9478 chromium: Use after free in ANGLE [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2392288 [ 7 ] Bug #2392291 - CVE-2025-9478 chromium: Use after free in ANGLE [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2392291 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-e8d34c61f8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Sep 14, 2025
•Important
Fedora
89
security advisoryupdateFedoraFedora 42: chromium 2025-7f3fdc548a critical: implementation issues
Update to 137.0.7151.55 CVE-2025-5063: Use after free in Compositing CVE-2025-5280: Out of bounds write in V8 CVE-2025-5064: Inappropriate implementation in Background Fetch API CVE-2025-5065: Inappropriate implementation in FileSystemAccess API. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-7f3fdc548a 2025-06-02 01:16:42.779682+00:00 -------------------------------------------------------------------------------- Name : chromium Product : Fedora 42 Version : 137.0.7151.55 Release : 1.fc42 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: Update to 137.0.7151.55 CVE-2025-5063: Use after free in Compositing CVE-2025-5280: Out of bounds write in V8 CVE-2025-5064: Inappropriate implementation in Background Fetch API CVE-2025-5065: Inappropriate implementation in FileSystemAccess API CVE-2025-5066: Inappropriate implementation in Messages CVE-2025-5281: Inappropriate implementation in BFCache CVE-2025-5283: Use after free in libvpx CVE-2025-5067: Inappropriate implementation in Tab Strip -------------------------------------------------------------------------------- ChangeLog: * Tue May 27 2025 Than Ngo - 137.0.7151.55-1 - Update to 137.0.7151.55 * CVE-2025-5063: Use after free in Compositing * CVE-2025-5280: Out of bounds write in V8 * CVE-2025-5064: Inappropriate implementation in Background Fetch API * CVE-2025-5065: Inappropriate implementation in FileSystemAccess API * CVE-2025-5066: Inappropriate implementation in Messages * CVE-2025-5281: Inappropriate implementation in BFCache * CVE-2025-5283: Use after free in libvpx * CVE-2025-5067: Inappropriate implementation in Tab Strip - Fix FTBFS causedby simdutf and pdfium-png_decoder - Remove chromium-135-gperf.patch and chromium-135-add-cfi-suppressions-for-pipewire-functions.patch, merged by upstream - Refresh ppc64le patches - Enable system simdutf for F43 * Tue May 27 2025 Jitka Plesnikova - 136.0.7103.113-2 - Rebuilt for flac 1.5.0 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-7f3fdc548a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Jun 02, 2025
•Critical
Fedora
89
security advisoryfedoraheap overflowFedora 42: FEDORA-2025-eab322e215 critical: chromium memory issues
Update to 136.0.7103.59 * CVE-2025-4096: Heap buffer overflow in HTML * CVE-2025-4050: Out of bounds memory access in DevTools * CVE-2025-4051: Insufficient data validation in DevTools * CVE-2025-4052: Inappropriate implementation in DevTools. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-eab322e215 2025-05-03 02:07:27.616922+00:00 -------------------------------------------------------------------------------- Name : chromium Product : Fedora 42 Version : 136.0.7103.59 Release : 1.fc42 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: Update to 136.0.7103.59 * CVE-2025-4096: Heap buffer overflow in HTML * CVE-2025-4050: Out of bounds memory access in DevTools * CVE-2025-4051: Insufficient data validation in DevTools * CVE-2025-4052: Inappropriate implementation in DevTools -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 29 2025 Than Ngo - 136.0.7103.59-1 - Update to 136.0.7103.59 * CVE-2025-4096: Heap buffer overflow in HTML * CVE-2025-4050: Out of bounds memory access in DevTools * CVE-2025-4051: Insufficient data validation in DevTools * CVE-2025-4052: Inappropriate implementation in DevTools * Thu Apr 24 2025 Than Ngo - 136.0.7103.48-1 - Update to 136.0.7103.48 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-eab322e215' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages aresigned with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
May 03, 2025
•Critical
Fedora
203
security advisoryapplication securitybrowserMageia 9: 2025-0137 critical: chromium-browser-stable security flaws
Use after free in Site Isolation. (CVE-2025-3066) Inappropriate implementation in Custom Tabs. (CVE-2025-3067) Inappropriate implementation in Intents. (CVE-2025-3068) Inappropriate implementation in Extensions. (CVE-2025-3069) Insufficient validation of untrusted input in Extensions. . MGASA-2025-0137 - Updated chromium-browser-stable packages fix security vulnerabilities Publication date: 17 Apr 2025 URL: https://advisories.mageia.org/MGASA-2025-0137.html Type: security Affected Mageia releases: 9 CVE: CVE-2025-3066, CVE-2025-3067, CVE-2025-3068, CVE-2025-3069, CVE-2025-3070, CVE-2025-3071, CVE-2025-3072, CVE-2025-3073, CVE-2025-3074 Use after free in Site Isolation. (CVE-2025-3066) Inappropriate implementation in Custom Tabs. (CVE-2025-3067) Inappropriate implementation in Intents. (CVE-2025-3068) Inappropriate implementation in Extensions. (CVE-2025-3069) Insufficient validation of untrusted input in Extensions. (CVE-2025-3070) Inappropriate implementation in Navigations. (CVE-2025-3071) Inappropriate implementation in Custom Tabs. (CVE-2025-3072) Inappropriate implementation in Autofill. (CVE-2025-3073) Inappropriate implementation in Downloads. (CVE-2025-3074) References: - https://bugs.mageia.org/show_bug.cgi?id=34156 - https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html - https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_8.html - https://www.cve.org/CVERecord?id=CVE-2025-3066 - https://www.cve.org/CVERecord?id=CVE-2025-3067 - https://www.cve.org/CVERecord?id=CVE-2025-3068 - https://www.cve.org/CVERecord?id=CVE-2025-3069 - https://www.cve.org/CVERecord?id=CVE-2025-3070 - https://www.cve.org/CVERecord?id=CVE-2025-3071 - https://www.cve.org/CVERecord?id=CVE-2025-3072 - https://www.cve.org/CVERecord?id=CVE-2025-3073 - https://www.cve.org/CVERecord?id=CVE-2025-3074 SRPMS: - 9/tainted/chromium-browser-stable-134.0.6998.165-1.mga9.tainted . The latest update for Mageia's firefox-browser-secureaddresses multiple security weaknesses that could compromise user protection and application reliability.. Chromium Browser, Mageia Security, Browser Update, Application Security, Information Exposure. . Severity: Critical. LinuxSecurity.com Team
Apr 17, 2025
•Critical
Mageia
89
security advisoryhigh severityFedoraFedora 40: FEDORA-2024-292aa2c246 high: chromium implementation issues
Update to 131.0.6778.85 * High CVE-2024-11395: Type Confusion in V8 * High CVE-2024-11110: Inappropriate implementation in Blink * Medium CVE-2024-11111: Inappropriate implementation in Autofill * Medium CVE-2024-11112: Use after free in Media. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-292aa2c246 2024-11-26 04:38:12.122783+00:00 -------------------------------------------------------------------------------- Name : chromium Product : Fedora 40 Version : 131.0.6778.85 Release : 2.fc40 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: Update to 131.0.6778.85 * High CVE-2024-11395: Type Confusion in V8 * High CVE-2024-11110: Inappropriate implementation in Blink * Medium CVE-2024-11111: Inappropriate implementation in Autofill * Medium CVE-2024-11112: Use after free in Media * Medium CVE-2024-11113: Use after free in Accessibility * Medium CVE-2024-11114: Inappropriate implementation in Views * Medium CVE-2024-11115: Insufficient policy enforcement in Navigation * Medium CVE-2024-11116: Inappropriate implementation in Paint * Low CVE-2024-11117: Inappropriate implementation in FileSystem -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 23 2024 Than Ngo - 131.0.6778.85-2 - Enable qt-ui - Workaround for random crash * Wed Nov 20 2024 Than Ngo - 131.0.6778.85-1 - Update to 131.0.6778.85 * High CVE-2024-11395: Type Confusion in V8 * Tue Nov 12 2024 Than Ngo - 131.0.6778.69-1 - Update to 131.0.6778.69 * High CVE-2024-11110: Inappropriate implementation in Blink * Medium CVE-2024-11111: Inappropriate implementation in Autofill * MediumCVE-2024-11112: Use after free in Media * Medium CVE-2024-11113: Use after free in Accessibility * Medium CVE-2024-11114: Inappropriate implementation in Views * Medium CVE-2024-11115: Insufficient policy enforcement in Navigation * Medium CVE-2024-11116: Inappropriate implementation in Paint * Low CVE-2024-11117: Inappropriate implementation in FileSystem -------------------------------------------------------------------------------- References: [ 1 ] Bug #2325761 - CVE-2024-11110 chromium: Inappropriate implementation in Extensions [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2325761 [ 2 ] Bug #2325762 - CVE-2024-11110 chromium: Inappropriate implementation in Extensions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2325762 [ 3 ] Bug #2325763 - CVE-2024-11111 chromium: Inappropriate implementation in Autofill [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2325763 [ 4 ] Bug #2325764 - CVE-2024-11111 chromium: Inappropriate implementation in Autofill [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2325764 [ 5 ] Bug #2325765 - CVE-2024-11113 chromium: Use after free in Accessibility [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2325765 [ 6 ] Bug #2325766 - CVE-2024-11113 chromium: Use after free in Accessibility [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2325766 [ 7 ] Bug #2325767 - CVE-2024-11116 chromium: Inappropriate implementation in Blink [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2325767 [ 8 ] Bug #2325768 - CVE-2024-11116 chromium: Inappropriate implementation in Blink [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2325768 [ 9 ] Bug #2325769 - CVE-2024-11117 chromium: Inappropriate implementation in FileSystem [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2325769 [ 10 ] Bug #2325770 - CVE-2024-11117 chromium: Inappropriate implementation in FileSystem [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2325770 [ 11 ] Bug #2327554 - CVE-2024-11395 chromium: Type Confusion in V8 [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2327554 [ 12 ] Bug #2327555 - CVE-2024-11395 chromium: Type Confusion in V8 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2327555 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-292aa2c246' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Nov 26, 2024
Fedora
89
security advisoryfedoraupdateFedora 40: FEDORA-2024-4d80983af6 high: chromium use after free issues
Update to 130.0.6723.58 * High CVE-2024-9954: Use after free in AI * Medium CVE-2024-9955: Use after free in Web Authentication * Medium CVE-2024-9956: Inappropriate implementation in Web Authentication * Medium CVE-2024-9957: Use after free in UI. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-4d80983af6 2024-10-19 01:51:39.049981 -------------------------------------------------------------------------------- Name : chromium Product : Fedora 40 Version : 130.0.6723.58 Release : 1.fc40 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: Update to 130.0.6723.58 * High CVE-2024-9954: Use after free in AI * Medium CVE-2024-9955: Use after free in Web Authentication * Medium CVE-2024-9956: Inappropriate implementation in Web Authentication * Medium CVE-2024-9957: Use after free in UI * Medium CVE-2024-9958: Inappropriate implementation in PictureInPicture * Medium CVE-2024-9959: Use after free in DevTools * Medium CVE-2024-9960: Use after free in Dawn * Medium CVE-2024-9961: Use after free in Parcel Tracking * Medium CVE-2024-9962: Inappropriate implementation in Permissions * Medium CVE-2024-9963: Insufficient data validation in Downloads * Low CVE-2024-9964: Inappropriate implementation in Payments * Low CVE-2024-9965: Insufficient data validation in DevTools * Low CVE-2024-9966: Inappropriate implementation in Navigations -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 16 2024 Than Ngo - 130.0.6723.58-1 - update to 130.0.6723.58 * High CVE-2024-9954: Use after free in AI * Medium CVE-2024-9955: Use after free in Web Authentication *Medium CVE-2024-9956: Inappropriate implementation in Web Authentication * Medium CVE-2024-9957: Use after free in UI * Medium CVE-2024-9958: Inappropriate implementation in PictureInPicture * Medium CVE-2024-9959: Use after free in DevTools * Medium CVE-2024-9960: Use after free in Dawn * Medium CVE-2024-9961: Use after free in Parcel Tracking * Medium CVE-2024-9962: Inappropriate implementation in Permissions * Medium CVE-2024-9963: Insufficient data validation in Downloads * Low CVE-2024-9964: Inappropriate implementation in Payments * Low CVE-2024-9965: Insufficient data validation in DevTools * Low CVE-2024-9966: Inappropriate implementation in Navigations -------------------------------------------------------------------------------- References: [ 1 ] Bug #2318990 - CVE-2024-9957 chromium: Use after free in UI [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2318990 [ 2 ] Bug #2318991 - CVE-2024-9957 chromium: Use after free in UI [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2318991 [ 3 ] Bug #2318992 - CVE-2024-9961 chromium: Use after free in Parcel Tracking [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2318992 [ 4 ] Bug #2318993 - CVE-2024-9961 chromium: Use after free in Parcel Tracking [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2318993 [ 5 ] Bug #2318996 - CVE-2024-9959 chromium: Use after free in DevTools [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2318996 [ 6 ] Bug #2318998 - CVE-2024-9959 chromium: Use after free in DevTools [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2318998 [ 7 ] Bug #2318999 - CVE-2024-9963 chromium: Insufficient data validation in Downloads [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2318999 [ 8 ] Bug #2319000 - CVE-2024-9963 chromium: Insufficient data validation in Downloads [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2319000 [ 9 ] Bug #2319001 -CVE-2024-9962 chromium: Inappropriate implementation in Permissions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2319001 [ 10 ] Bug #2319002 - CVE-2024-9962 chromium: Inappropriate implementation in Permissions [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2319002 [ 11 ] Bug #2319003 - CVE-2024-9964 chromium: Inappropriate implementation in Payments [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2319003 [ 12 ] Bug #2319004 - CVE-2024-9964 chromium: Inappropriate implementation in Payments [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2319004 [ 13 ] Bug #2319005 - CVE-2024-9960 chromium: Use after free in Dawn [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2319005 [ 14 ] Bug #2319006 - CVE-2024-9960 chromium: Use after free in Dawn [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2319006 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-4d80983af6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Oct 19, 2024
Fedora
89
security advisoryupdateFedoraFedora 39: FEDORA-2024-7aba3c1531 high: chromium update critical flaws
update to 129.0.6668.89 High CVE-2024-7025: Integer overflow in Layout High CVE-2024-9369: Insufficient data validation in Mojo High CVE-2024-9370: Inappropriate implementation in V8. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-7aba3c1531 2024-10-06 01:25:35.527082 -------------------------------------------------------------------------------- Name : chromium Product : Fedora 39 Version : 129.0.6668.89 Release : 1.fc39 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: update to 129.0.6668.89 High CVE-2024-7025: Integer overflow in Layout High CVE-2024-9369: Insufficient data validation in Mojo High CVE-2024-9370: Inappropriate implementation in V8 -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 2 2024 Than Ngo - 129.0.6668.89-1 - update to 129.0.6668.89 * High CVE -2024-7025: Integer overflow in Layout * High CVE-2024-9369: Insufficient data validation in Mojo * High CVE-2024-9370: Inappropriate implementation in V8 * Mon Sep 30 2024 Than Ngo - 129.0.6668.70-3 - add clang-19 support * Fri Sep 27 2024 Dominik Mierzejewski - 129.0.6668.70-2 - Rebuilt for FFmpeg 7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2314382 - CVE-2021-38023 chromium: Use after free in Extensions in Google Chrome [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314382 [ 2 ] Bug #2314384 - CVE-2018-20072 chromium: Insufficient data validation in PDF in Google Chrome [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314384 [ 3 ] Bug #2314582 - CVE-2024-9121 chromium: Inappropriateimplementation in V8 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314582 [ 4 ] Bug #2314584 - CVE-2024-9120 chromium: Use after free in Dawn [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314584 [ 5 ] Bug #2314589 - CVE-2024-9123 chromium: Integer overflow in Skia in Google Chrome [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314589 [ 6 ] Bug #2314590 - CVE-2024-9122 chromium: Type Confusion in V8 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2314590 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-7aba3c1531' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Oct 06, 2024
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!