-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-5416cd3040 2023-08-27 00:50:00.561471 --------------------------------------------------------------------------------
Name : chromium Product : Fedora 37 Version : 116.0.5845.96 Release : 1.fc37 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink).
-------------------------------------------------------------------------------- Update Information:
update to 116.0.5845.96. Fixes following security issues: CVE-2023-2312 CVE-2023-4349 CVE-2023-4350 CVE-2023-4351 CVE-2023-4352 CVE-2023-4353 CVE-2023-4354 CVE-2023-4355 CVE-2023-4356 CVE-2023-4357 CVE-2023-4358 CVE-2023-4359 CVE-2023-4360 CVE-2023-4361 CVE-2023-4362 -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 15 2023 Than Ngo than@redhat.com - 116.0.5845.96-1 - update to 116.0.5845.96 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2232176 - CVE-2023-2312 chromium-browser: Use after free in Offline https://bugzilla.redhat.com/show_bug.cgi?id=2232176 [ 2 ] Bug #2232177 - CVE-2023-4349 chromium-browser: Use after free in Device Trust Connectors https://bugzilla.redhat.com/show_bug.cgi?id=2232177 [ 3 ] Bug #2232178 - CVE-2023-4350 chromium-browser: Inappropriate implementation in Fullscreen https://bugzilla.redhat.com/show_bug.cgi?id=2232178 [ 4 ] Bug #2232179 - CVE-2023-4351 chromium-browser: Use after free in Network https://bugzilla.redhat.com/show_bug.cgi?id=2232179 [ 5 ] Bug #2232180 - CVE-2023-4352 chromium-browser: Type Confusion in V8 https://bugzilla.redhat.com/show_bug.cgi?id=2232180 [ 6 ] Bug #2232181 - CVE-2023-4353 chromium-browser: Heap buffer overflow in ANGLE https://bugzilla.redhat.com/show_bug.cgi?id=2232181 [ 7 ] Bug #2232182 - CVE-2023-4354 chromium-browser: Heap buffer overflow in Skia https://bugzilla.redhat.com/show_bug.cgi?id=2232182 [ 8 ] Bug #2232183 - CVE-2023-4355 chromium-browser: Out of bounds memory access in V8 https://bugzilla.redhat.com/show_bug.cgi?id=2232183 [ 9 ] Bug #2232184 - CVE-2023-4356 chromium-browser: Use after free in Audio https://bugzilla.redhat.com/show_bug.cgi?id=2232184 [ 10 ] Bug #2232185 - CVE-2023-4357 chromium-browser: Insufficient validation of untrusted input in XML https://bugzilla.redhat.com/show_bug.cgi?id=2232185 [ 11 ] Bug #2232186 - CVE-2023-4358 chromium-browser: Use after free in DNS https://bugzilla.redhat.com/show_bug.cgi?id=2232186 [ 12 ] Bug #2232187 - CVE-2023-4359 chromium-browser: Inappropriate implementation in App Launcher https://bugzilla.redhat.com/show_bug.cgi?id=2232187 [ 13 ] Bug #2232188 - CVE-2023-4360 chromium-browser: Inappropriate implementation in Color https://bugzilla.redhat.com/show_bug.cgi?id=2232188 [ 14 ] Bug #2232189 - CVE-2023-4361 chromium-browser: Inappropriate implementation in Autofill https://bugzilla.redhat.com/show_bug.cgi?id=2232189 [ 15 ] Bug #2232190 - CVE-2023-4362 chromium-browser: Heap buffer overflow in Mojom IDL https://bugzilla.redhat.com/show_bug.cgi?id=2232190 [ 16 ] Bug #2232191 - CVE-2023-4363 chromium-browser: Inappropriate implementation in WebShare https://bugzilla.redhat.com/show_bug.cgi?id=2232191 [ 17 ] Bug #2232192 - CVE-2023-4364 chromium-browser: Inappropriate implementation in Permission Prompts https://bugzilla.redhat.com/show_bug.cgi?id=2232192 [ 18 ] Bug #2232193 - CVE-2023-4365 chromium-browser: Inappropriate implementation in Fullscreen https://bugzilla.redhat.com/show_bug.cgi?id=2232193 [ 19 ] Bug #2232194 - CVE-2023-4366 chromium-browser: Use after free in Extensions https://bugzilla.redhat.com/show_bug.cgi?id=2232194 [ 20 ] Bug #2232195 - CVE-2023-4367 chromium-browser: Insufficient policy enforcement in Extensions API https://bugzilla.redhat.com/show_bug.cgi?id=2232195 [ 21 ] Bug #2232196 - CVE-2023-4368 chromium-browser: Insufficient policy enforcement in Extensions API https://bugzilla.redhat.com/show_bug.cgi?id=2232196 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-5416cd3040' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------