-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2023-30f3deb00a 2023-05-02 00:46:19.196658 --------------------------------------------------------------------------------
Name : chromium Product : Fedora EPEL 7 Version : 112.0.5615.165 Release : 1.el7 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink).
-------------------------------------------------------------------------------- Update Information:
update to 112.0.5615.165. Fixes the following security issues: CVE-2023-2004 CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 CVE-2023-2033 CVE-2023-2136 ---- update to 112.0.5615.121. Fixes the following security issues: CVE-2023-2004 CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 CVE-2023-2033 -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 20 2023 Than Ngo than@redhat.com - 112.0.5615.165-1 - update to 112.0.5615.165 * Mon Apr 17 2023 Than Ngo than@redhat.com - 112.0.5615.121-2 - fix vaapi issue on xwayland - fix the build order, chrome_feed_response_metadata.pb.h file not found - fix compiler flags and typo * Sat Apr 15 2023 Than Ngo than@redhat.com - 112.0.5615.121-1 - update to 112.0.5615.121 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2186431 - CVE-2023-2004 chromium: freetype: integer overflowin in tt_hvadvance_adjust() in src/truetype/ttgxvar.c [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2186431 [ 2 ] Bug #2186878 - CVE-2023-2033 chromium: chromium-browser: Type Confusion in V8 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2186878 [ 3 ] Bug #2186879 - CVE-2023-2033 chromium: chromium-browser: Type Confusion in V8 [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2186879 [ 4 ] Bug #2186982 - [chromium] GPU process crashes on AMD https://bugzilla.redhat.com/show_bug.cgi?id=2186982 [ 5 ] Bug #2187064 - Crash in chromium https://bugzilla.redhat.com/show_bug.cgi?id=2187064 [ 6 ] Bug #2187346 - Lost ability to apply visual effects https://bugzilla.redhat.com/show_bug.cgi?id=2187346 [ 7 ] Bug #2187772 - Hardware acceleration for chromium is not available, even when forcing it https://bugzilla.redhat.com/show_bug.cgi?id=2187772 [ 8 ] Bug #2187900 - CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 chromium: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2187900 [ 9 ] Bug #2187901 - CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 chromium: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2187901 --------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use su -c 'yum update chromium' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7%5C /html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
epel-package-announce@lists.fedoraproject.org