-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2022-bcb096166f 2022-07-01 01:16:02.429589 --------------------------------------------------------------------------------
Name : chromium Product : Fedora 35 Version : 102.0.5005.115 Release : 1.fc35 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink).
-------------------------------------------------------------------------------- Update Information:
Update to 102.0.5005.115. Fixes: CVE-2022-1633 CVE-2022-1634 CVE-2022-1635 CVE-2022-1636 CVE-2022-1637 CVE-2022-1638 CVE-2022-1639 CVE-2022-1640 CVE-2022-1641 CVE-2022-1853 CVE-2022-1854 CVE-2022-1855 CVE-2022-1856 CVE-2022-1857 CVE-2022-1858 CVE-2022-1859 CVE-2022-1860 CVE-2022-1861 CVE-2022-1862 CVE-2022-1863 CVE-2022-1864 CVE-2022-1865 CVE-2022-1866 CVE-2022-1867 CVE-2022-1868 CVE-2022-1869 CVE-2022-1870 CVE-2022-1871 CVE-2022-1872 CVE-2022-1873 CVE-2022-1874 CVE-2022-1875 CVE-2022-1876 -------------------------------------------------------------------------------- ChangeLog:
* Fri Jun 10 2022 Tom Callaway spot@fedoraproject.org - 102.0.5005.115-1 - update to 102.0.5005.115 * Fri Jun 3 2022 Tom Callaway spot@fedoraproject.org - 102.0.5005.61-1 - update to 102.0.5005.61 * Wed Apr 27 2022 Tom Callaway spot@fedoraproject.org - 101.0.4951.41-1 - update to 101.0.4951.41 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2084016 - CVE-2022-1633 chromium-browser: Use after free in Sharesheet https://bugzilla.redhat.com/show_bug.cgi?id=2084016 [ 2 ] Bug #2084017 - CVE-2022-1634 chromium-browser: Use after free in Browser UI https://bugzilla.redhat.com/show_bug.cgi?id=2084017 [ 3 ] Bug #2084018 - CVE-2022-1635 chromium-browser: Use after free in Permission Prompts https://bugzilla.redhat.com/show_bug.cgi?id=2084018 [ 4 ] Bug #2084019 - CVE-2022-1636 chromium-browser: Use after free in Performance APIs https://bugzilla.redhat.com/show_bug.cgi?id=2084019 [ 5 ] Bug #2084020 - CVE-2022-1637 chromium-browser: Inappropriate implementation in Web Contents https://bugzilla.redhat.com/show_bug.cgi?id=2084020 [ 6 ] Bug #2084021 - CVE-2022-1638 chromium-browser: Heap buffer overflow in V8 Internationalization https://bugzilla.redhat.com/show_bug.cgi?id=2084021 [ 7 ] Bug #2084022 - CVE-2022-1639 chromium-browser: Use after free in ANGLE https://bugzilla.redhat.com/show_bug.cgi?id=2084022 [ 8 ] Bug #2084023 - CVE-2022-1640 chromium-browser: Use after free in Sharing https://bugzilla.redhat.com/show_bug.cgi?id=2084023 [ 9 ] Bug #2084024 - CVE-2022-1641 chromium-browser: Use after free in Web UI Diagnostics https://bugzilla.redhat.com/show_bug.cgi?id=2084024 [ 10 ] Bug #2090284 - CVE-2022-1853 chromium-browser: Use after free in Indexed DB https://bugzilla.redhat.com/show_bug.cgi?id=2090284 [ 11 ] Bug #2090285 - CVE-2022-1854 chromium-browser: Use after free in ANGLE https://bugzilla.redhat.com/show_bug.cgi?id=2090285 [ 12 ] Bug #2090286 - CVE-2022-1855 chromium-browser: Use after free in Messaging https://bugzilla.redhat.com/show_bug.cgi?id=2090286 [ 13 ] Bug #2090287 - CVE-2022-1856 chromium-browser: Use after free in User Education https://bugzilla.redhat.com/show_bug.cgi?id=2090287 [ 14 ] Bug #2090288 - CVE-2022-1857 chromium-browser: Insufficient policy enforcement in File System API https://bugzilla.redhat.com/show_bug.cgi?id=2090288 [ 15 ] Bug #2090289 - CVE-2022-1858 chromium-browser: Out of bounds read in DevTools https://bugzilla.redhat.com/show_bug.cgi?id=2090289 [ 16 ] Bug #2090290 - CVE-2022-1859 chromium-browser: Use after free in Performance Manager https://bugzilla.redhat.com/show_bug.cgi?id=2090290 [ 17 ] Bug #2090291 - CVE-2022-1860 chromium-browser: Use after free in UI Foundations https://bugzilla.redhat.com/show_bug.cgi?id=2090291 [ 18 ] Bug #2090292 - CVE-2022-1861 chromium-browser: Use after free in Sharing https://bugzilla.redhat.com/show_bug.cgi?id=2090292 [ 19 ] Bug #2090293 - CVE-2022-1862 chromium-browser: Inappropriate implementation in Extensions https://bugzilla.redhat.com/show_bug.cgi?id=2090293 [ 20 ] Bug #2090294 - CVE-2022-1863 chromium-browser: Use after free in Tab Groups https://bugzilla.redhat.com/show_bug.cgi?id=2090294 [ 21 ] Bug #2090295 - CVE-2022-1864 chromium-browser: Use after free in WebApp Installs https://bugzilla.redhat.com/show_bug.cgi?id=2090295 [ 22 ] Bug #2090296 - CVE-2022-1865 chromium-browser: Use after free in Bookmarks https://bugzilla.redhat.com/show_bug.cgi?id=2090296 [ 23 ] Bug #2090297 - CVE-2022-1866 chromium-browser: Use after free in Tablet Mode https://bugzilla.redhat.com/show_bug.cgi?id=2090297 [ 24 ] Bug #2090298 - CVE-2022-1867 chromium-browser: Insufficient validation of untrusted input in Data Transfer https://bugzilla.redhat.com/show_bug.cgi?id=2090298 [ 25 ] Bug #2090299 - CVE-2022-1868 chromium-browser: Inappropriate implementation in Extensions API https://bugzilla.redhat.com/show_bug.cgi?id=2090299 [ 26 ] Bug #2090300 - CVE-2022-1869 chromium-browser: Type Confusion in V8 https://bugzilla.redhat.com/show_bug.cgi?id=2090300 [ 27 ] Bug #2090303 - CVE-2022-1870 chromium-browser: Use after free in App Service https://bugzilla.redhat.com/show_bug.cgi?id=2090303 [ 28 ] Bug #2090304 - CVE-2022-1871 chromium-browser: Insufficient policy enforcement in File System API https://bugzilla.redhat.com/show_bug.cgi?id=2090304 [ 29 ] Bug #2090305 - CVE-2022-1872 chromium-browser: Insufficient policy enforcement in Extensions API https://bugzilla.redhat.com/show_bug.cgi?id=2090305 [ 30 ] Bug #2090306 - CVE-2022-1873 chromium-browser: Insufficient policy enforcement in COOP https://bugzilla.redhat.com/show_bug.cgi?id=2090306 [ 31 ] Bug #2090307 - CVE-2022-1874 chromium-browser: Insufficient policy enforcement in Safe Browsing https://bugzilla.redhat.com/show_bug.cgi?id=2090307 [ 32 ] Bug #2090308 - CVE-2022-1875 chromium-browser: Inappropriate implementation in PDF https://bugzilla.redhat.com/show_bug.cgi?id=2090308 [ 33 ] Bug #2090309 - CVE-2022-1876 chromium-browser: Heap buffer overflow in DevTools https://bugzilla.redhat.com/show_bug.cgi?id=2090309 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-bcb096166f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------