[SECURITY] Fedora 35 Update: chromium-102.0.5005.115-1.fc35

1 Jul 2022


      --------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-bcb096166f
2022-07-01 01:16:02.429589
--------------------------------------------------------------------------------
Name        : chromium
Product     : Fedora 35
Version     : 102.0.5005.115
Release     : 1.fc35
URL         : http://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
--------------------------------------------------------------------------------
Update Information:
Update to 102.0.5005.115.   Fixes: CVE-2022-1633 CVE-2022-1634 CVE-2022-1635
CVE-2022-1636 CVE-2022-1637 CVE-2022-1638 CVE-2022-1639 CVE-2022-1640
CVE-2022-1641 CVE-2022-1853 CVE-2022-1854 CVE-2022-1855 CVE-2022-1856
CVE-2022-1857 CVE-2022-1858 CVE-2022-1859 CVE-2022-1860 CVE-2022-1861
CVE-2022-1862 CVE-2022-1863 CVE-2022-1864 CVE-2022-1865 CVE-2022-1866
CVE-2022-1867 CVE-2022-1868 CVE-2022-1869 CVE-2022-1870 CVE-2022-1871
CVE-2022-1872 CVE-2022-1873 CVE-2022-1874 CVE-2022-1875 CVE-2022-1876
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 10 2022 Tom Callaway spot@fedoraproject.org - 102.0.5005.115-1
- update to 102.0.5005.115
* Fri Jun  3 2022 Tom Callaway spot@fedoraproject.org - 102.0.5005.61-1
- update to 102.0.5005.61
* Wed Apr 27 2022 Tom Callaway spot@fedoraproject.org - 101.0.4951.41-1
- update to 101.0.4951.41
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2084016 - CVE-2022-1633 chromium-browser: Use after free in Sharesheet
        https://bugzilla.redhat.com/show_bug.cgi?id=2084016
  [ 2 ] Bug #2084017 - CVE-2022-1634 chromium-browser: Use after free in Browser UI
        https://bugzilla.redhat.com/show_bug.cgi?id=2084017
  [ 3 ] Bug #2084018 - CVE-2022-1635 chromium-browser: Use after free in Permission Prompts
        https://bugzilla.redhat.com/show_bug.cgi?id=2084018
  [ 4 ] Bug #2084019 - CVE-2022-1636 chromium-browser: Use after free in Performance APIs
        https://bugzilla.redhat.com/show_bug.cgi?id=2084019
  [ 5 ] Bug #2084020 - CVE-2022-1637 chromium-browser: Inappropriate implementation in Web Contents
        https://bugzilla.redhat.com/show_bug.cgi?id=2084020
  [ 6 ] Bug #2084021 - CVE-2022-1638 chromium-browser: Heap buffer overflow in V8 Internationalization
        https://bugzilla.redhat.com/show_bug.cgi?id=2084021
  [ 7 ] Bug #2084022 - CVE-2022-1639 chromium-browser: Use after free in ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2084022
  [ 8 ] Bug #2084023 - CVE-2022-1640 chromium-browser: Use after free in Sharing
        https://bugzilla.redhat.com/show_bug.cgi?id=2084023
  [ 9 ] Bug #2084024 - CVE-2022-1641 chromium-browser: Use after free in Web UI Diagnostics
        https://bugzilla.redhat.com/show_bug.cgi?id=2084024
  [ 10 ] Bug #2090284 - CVE-2022-1853 chromium-browser: Use after free in Indexed DB
        https://bugzilla.redhat.com/show_bug.cgi?id=2090284
  [ 11 ] Bug #2090285 - CVE-2022-1854 chromium-browser: Use after free in ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2090285
  [ 12 ] Bug #2090286 - CVE-2022-1855 chromium-browser: Use after free in Messaging
        https://bugzilla.redhat.com/show_bug.cgi?id=2090286
  [ 13 ] Bug #2090287 - CVE-2022-1856 chromium-browser: Use after free in User Education
        https://bugzilla.redhat.com/show_bug.cgi?id=2090287
  [ 14 ] Bug #2090288 - CVE-2022-1857 chromium-browser: Insufficient policy enforcement in File System API
        https://bugzilla.redhat.com/show_bug.cgi?id=2090288
  [ 15 ] Bug #2090289 - CVE-2022-1858 chromium-browser: Out of bounds read in DevTools
        https://bugzilla.redhat.com/show_bug.cgi?id=2090289
  [ 16 ] Bug #2090290 - CVE-2022-1859 chromium-browser: Use after free in Performance Manager
        https://bugzilla.redhat.com/show_bug.cgi?id=2090290
  [ 17 ] Bug #2090291 - CVE-2022-1860 chromium-browser: Use after free in UI Foundations
        https://bugzilla.redhat.com/show_bug.cgi?id=2090291
  [ 18 ] Bug #2090292 - CVE-2022-1861 chromium-browser: Use after free in Sharing
        https://bugzilla.redhat.com/show_bug.cgi?id=2090292
  [ 19 ] Bug #2090293 - CVE-2022-1862 chromium-browser: Inappropriate implementation in Extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=2090293
  [ 20 ] Bug #2090294 - CVE-2022-1863 chromium-browser: Use after free in Tab Groups
        https://bugzilla.redhat.com/show_bug.cgi?id=2090294
  [ 21 ] Bug #2090295 - CVE-2022-1864 chromium-browser: Use after free in WebApp Installs
        https://bugzilla.redhat.com/show_bug.cgi?id=2090295
  [ 22 ] Bug #2090296 - CVE-2022-1865 chromium-browser: Use after free in Bookmarks
        https://bugzilla.redhat.com/show_bug.cgi?id=2090296
  [ 23 ] Bug #2090297 - CVE-2022-1866 chromium-browser: Use after free in Tablet Mode
        https://bugzilla.redhat.com/show_bug.cgi?id=2090297
  [ 24 ] Bug #2090298 - CVE-2022-1867 chromium-browser: Insufficient validation of untrusted input in Data Transfer
        https://bugzilla.redhat.com/show_bug.cgi?id=2090298
  [ 25 ] Bug #2090299 - CVE-2022-1868 chromium-browser: Inappropriate implementation in Extensions API
        https://bugzilla.redhat.com/show_bug.cgi?id=2090299
  [ 26 ] Bug #2090300 - CVE-2022-1869 chromium-browser: Type Confusion in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=2090300
  [ 27 ] Bug #2090303 - CVE-2022-1870 chromium-browser: Use after free in App Service
        https://bugzilla.redhat.com/show_bug.cgi?id=2090303
  [ 28 ] Bug #2090304 - CVE-2022-1871 chromium-browser: Insufficient policy enforcement in File System API
        https://bugzilla.redhat.com/show_bug.cgi?id=2090304
  [ 29 ] Bug #2090305 - CVE-2022-1872 chromium-browser: Insufficient policy enforcement in Extensions API
        https://bugzilla.redhat.com/show_bug.cgi?id=2090305
  [ 30 ] Bug #2090306 - CVE-2022-1873 chromium-browser: Insufficient policy enforcement in COOP
        https://bugzilla.redhat.com/show_bug.cgi?id=2090306
  [ 31 ] Bug #2090307 - CVE-2022-1874 chromium-browser: Insufficient policy enforcement in Safe Browsing
        https://bugzilla.redhat.com/show_bug.cgi?id=2090307
  [ 32 ] Bug #2090308 - CVE-2022-1875 chromium-browser: Inappropriate implementation in PDF
        https://bugzilla.redhat.com/show_bug.cgi?id=2090308
  [ 33 ] Bug #2090309 - CVE-2022-1876 chromium-browser: Heap buffer overflow in DevTools
        https://bugzilla.redhat.com/show_bug.cgi?id=2090309
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-bcb096166f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[SECURITY] Fedora 35 Update: chromium-102.0.5005.115-1.fc35