-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-a1af621faf 2019-07-25 01:50:47.363555 --------------------------------------------------------------------------------
Name : chromium Product : Fedora 29 Version : 75.0.3770.100 Release : 3.fc29 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser Description : Chromium is an open-source web browser, powered by WebKit (Blink).
-------------------------------------------------------------------------------- Update Information:
Fix itinerant crashes. ---- Update to Chromium 75.0.3770.100. The usual pile of bugs and CVE fixes. vaapi support disabled, just too broken. :( Fixes CVE-2019-5805 CVE-2019-5806 CVE-2019-5807 CVE-2019-5808 CVE-2019-5809 CVE-2019-5810 CVE-2019-5811 CVE-2019-5813 CVE-2019-5814 CVE-2019-5815 CVE-2019-5818 CVE-2019-5819 CVE-2019-5820 CVE-2019-5821 CVE-2019-5822 CVE-2019-5824 CVE-2019-5825 CVE-2019-5826 CVE-2019-5827 CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837 CVE-2019-5838 CVE-2019-5839 CVE-2019-5840 CVE-2019-5842 -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 2 2019 Tom Callaway spot@fedoraproject.org - 75.0.3770.100-3 - apply upstream fix to resolve issue where it is dangerous to post a task with a RenderProcessHost pointer because the RenderProcessHost can go away before the task is run (causing a segfault). * Tue Jun 25 2019 Tom Callaway spot@fedoraproject.org - 75.0.3770.100-2 - fix v8 compile with gcc * Thu Jun 20 2019 Tom Callaway spot@fedoraproject.org - 75.0.3770.100-1 - update to 75.0.3770.100 * Fri Jun 14 2019 Tom Callaway spot@fedoraproject.org - 75.0.3770.90-1 - update to 75.0.3770.90 * Wed Jun 5 2019 Tom Callaway spot@fedoraproject.org - 75.0.3770.80-1 - update to 75.0.3770.80 - disable vaapi (via conditional), too broken * Fri May 31 2019 Tom Callaway spot@fedoraproject.org - 74.0.3729.169-1 - update to 74.0.3729.169 * Thu Apr 11 2019 Tom Callaway spot@fedoraproject.org - 73.0.3683.103-1 - update to 73.0.3683.103 - add CLONE_VFORK logic to seccomp filter for linux to handle glibc 2.29 change * Wed Mar 27 2019 Tom Callaway spot@fedoraproject.org - 73.0.3683.86-2 - remove lang macro from en-US.pak* because Chromium crashes if it is not present (bz1692660) * Fri Mar 22 2019 Tom Callaway spot@fedoraproject.org - 73.0.3683.86-1 - update to 73.0.3683.86 * Tue Mar 19 2019 Tom Callaway spot@fedoraproject.org - 73.0.3683.75-2 - do not include pyproto/protoc files in package * Tue Mar 12 2019 Tom Callaway spot@fedoraproject.org - 73.0.3683.75-1 - update to 73.0.3683.75 * Sat Mar 9 2019 Tom Callaway spot@fedoraproject.org - 72.0.3626.121-1 - update to 72.0.3626.121 * Tue Feb 26 2019 Tom Callaway spot@fedoraproject.org - 71.0.3578.98-5 - rebuild for libva api change * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 71.0.3578.98-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Mon Jan 21 2019 Tom Callaway spot@fedoraproject.org - 71.0.3578.98-3 - rebuild with widevine fix * Tue Jan 8 2019 Tom Callaway spot@fedoraproject.org - 71.0.3578.98-2 - drop rsp clobber, which breaks gcc9 (thanks to Jeff Law) * Fri Dec 14 2018 Tom Callaway spot@fedoraproject.org - 71.0.3578.98-1 - update to 71.0.3578.98 * Tue Nov 27 2018 Tom Callaway spot@fedoraproject.org - 70.0.3538.110-2 - enable vaapi support (thanks to Akarshan Biswas for doing the hard work here) * Mon Nov 26 2018 Tom Callaway spot@fedoraproject.org - 70.0.3538.110-1 - update to .110 * Wed Nov 7 2018 Tom Callaway spot@fedoraproject.org - 70.0.3538.77-4 - fix library requires filtering * Tue Nov 6 2018 Tom Callaway spot@fedoraproject.org - 70.0.3538.77-3 - fix build with harfbuzz2 in rawhide * Mon Nov 5 2018 Tom Callaway spot@fedoraproject.org - 70.0.3538.77-2 - drop jumbo_file_merge_limit to 8 to (hopefully) avoid OOMs on aarch64 * Fri Nov 2 2018 Tom Callaway spot@fedoraproject.org - 70.0.3538.77-1 - .77 came out while I was working on this. :/ * Fri Nov 2 2018 Tom Callaway spot@fedoraproject.org - 70.0.3538.67-1 - update to 70 * Tue Oct 16 2018 Tom Callaway spot@fedoraproject.org - 69.0.3497.100-2 - do not play with fonts on freeworld builds * Thu Oct 4 2018 Tom Callaway spot@fedoraproject.org - 69.0.3497.100-1 - update to 69.0.3497.100 * Wed Sep 12 2018 Tom Callaway spot@fedoraproject.org - 69.0.3497.92-1 - update to 69.0.3497.92 * Wed Sep 5 2018 Tom Callaway spot@fedoraproject.org - 69.0.3497.81-1 - update to 69.0.3497.81 * Tue Aug 28 2018 Patrik Novotn�� panovotn@redhat.com - 68.0.3440.106-4 - change requires to minizip-compat(-devel), rhbz#1609830, rhbz#1615381 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1720544 - CVE-2019-5842 chromium-browser: Use-after-free in Blink https://bugzilla.redhat.com/show_bug.cgi?id=1720544 [ 2 ] Bug #1718269 - CVE-2019-5840 chromium-browser: Popup blocker bypass https://bugzilla.redhat.com/show_bug.cgi?id=1718269 [ 3 ] Bug #1718268 - CVE-2019-5839 chromium-browser: Incorrect handling of certain code points in Blink https://bugzilla.redhat.com/show_bug.cgi?id=1718268 [ 4 ] Bug #1718267 - CVE-2019-5838 chromium-browser: Overly permissive tab access in Extensions https://bugzilla.redhat.com/show_bug.cgi?id=1718267 [ 5 ] Bug #1718266 - CVE-2019-5837 chromium-browser: Cross-origin resources size disclosure in Appcache https://bugzilla.redhat.com/show_bug.cgi?id=1718266 [ 6 ] Bug #1718264 - CVE-2019-5836 chromium-browser: Heap buffer overflow in Angle https://bugzilla.redhat.com/show_bug.cgi?id=1718264 [ 7 ] Bug #1718263 - CVE-2019-5835 chromium-browser: Out of bounds read in Swiftshader https://bugzilla.redhat.com/show_bug.cgi?id=1718263 [ 8 ] Bug #1718262 - CVE-2019-5834 chromium-browser: URL spoof in Omnibox on iOS https://bugzilla.redhat.com/show_bug.cgi?id=1718262 [ 9 ] Bug #1718261 - CVE-2019-5833 chromium-browser: Inconsistent security UI placement https://bugzilla.redhat.com/show_bug.cgi?id=1718261 [ 10 ] Bug #1718260 - CVE-2019-5832 chromium-browser: Incorrect CORS handling in XHR https://bugzilla.redhat.com/show_bug.cgi?id=1718260 [ 11 ] Bug #1718259 - CVE-2019-5831 chromium-browser: Incorrect map processing in V8 https://bugzilla.redhat.com/show_bug.cgi?id=1718259 [ 12 ] Bug #1718258 - CVE-2019-5830 chromium-browser: Incorrectly credentialed requests in CORS https://bugzilla.redhat.com/show_bug.cgi?id=1718258 [ 13 ] Bug #1718257 - CVE-2019-5829 chromium-browser: Use after free in Download Manager https://bugzilla.redhat.com/show_bug.cgi?id=1718257 [ 14 ] Bug #1718256 - CVE-2019-5828 chromium-browser: Use after free in ServiceWorker https://bugzilla.redhat.com/show_bug.cgi?id=1718256 [ 15 ] Bug #1706805 - CVE-2019-5827 chromium-browser: out-of-bounds access in SQLite https://bugzilla.redhat.com/show_bug.cgi?id=1706805 [ 16 ] Bug #1706812 - CVE-2019-5824 chromium-browser: parameter passing error in media player leading to unauthorized access https://bugzilla.redhat.com/show_bug.cgi?id=1706812 [ 17 ] Bug #1707248 - CVE-2019-5826 chromium-browser: Use-after-free in IndexedDB https://bugzilla.redhat.com/show_bug.cgi?id=1707248 [ 18 ] Bug #1707247 - CVE-2019-5825 chromium-browser: Out-of-bounds write in V8 https://bugzilla.redhat.com/show_bug.cgi?id=1707247 [ 19 ] Bug #1702913 - CVE-2019-5823 chromium-browser: Forced navigation from service worker https://bugzilla.redhat.com/show_bug.cgi?id=1702913 [ 20 ] Bug #1702912 - CVE-2019-5822 chromium-browser: CORS bypass in download manager https://bugzilla.redhat.com/show_bug.cgi?id=1702912 [ 21 ] Bug #1702911 - CVE-2019-5821 chromium-browser: Integer overflow in PDFium https://bugzilla.redhat.com/show_bug.cgi?id=1702911 [ 22 ] Bug #1702910 - CVE-2019-5820 chromium-browser: Integer overflow in PDFium https://bugzilla.redhat.com/show_bug.cgi?id=1702910 [ 23 ] Bug #1702909 - CVE-2019-5819 chromium-browser: Incorrect escaping in developer tools https://bugzilla.redhat.com/show_bug.cgi?id=1702909 [ 24 ] Bug #1702908 - CVE-2019-5818 chromium-browser: Uninitialized value in media reader https://bugzilla.redhat.com/show_bug.cgi?id=1702908 [ 25 ] Bug #1702907 - CVE-2019-5817 chromium-browser: Heap buffer overflow in Angle on Windows https://bugzilla.redhat.com/show_bug.cgi?id=1702907 [ 26 ] Bug #1702906 - CVE-2019-5816 chromium-browser: Exploit persistence extension on Android https://bugzilla.redhat.com/show_bug.cgi?id=1702906 [ 27 ] Bug #1702905 - CVE-2019-5815 chromium-browser: Heap buffer overflow in Blink https://bugzilla.redhat.com/show_bug.cgi?id=1702905 [ 28 ] Bug #1702904 - CVE-2019-5814 chromium-browser: CORS bypass in Blink https://bugzilla.redhat.com/show_bug.cgi?id=1702904 [ 29 ] Bug #1702903 - CVE-2019-5813 chromium-browser: Out of bounds read in V8 https://bugzilla.redhat.com/show_bug.cgi?id=1702903 [ 30 ] Bug #1702902 - CVE-2019-5812 chromium-browser: URL spoof in Omnibox on iOS https://bugzilla.redhat.com/show_bug.cgi?id=1702902 [ 31 ] Bug #1702901 - CVE-2019-5811 chromium-browser: CORS bypass in Blink https://bugzilla.redhat.com/show_bug.cgi?id=1702901 [ 32 ] Bug #1702900 - CVE-2019-5810 chromium-browser: User information disclosure in Autofill https://bugzilla.redhat.com/show_bug.cgi?id=1702900 [ 33 ] Bug #1702899 - CVE-2019-5809 chromium-browser: Use after free in Blink https://bugzilla.redhat.com/show_bug.cgi?id=1702899 [ 34 ] Bug #1702898 - CVE-2019-5808 chromium-browser: Use after free in Blink https://bugzilla.redhat.com/show_bug.cgi?id=1702898 [ 35 ] Bug #1702897 - CVE-2019-5807 chromium-browser: Memory corruption in V8 https://bugzilla.redhat.com/show_bug.cgi?id=1702897 [ 36 ] Bug #1702896 - CVE-2019-5806 chromium-browser: Integer overflow in Angle https://bugzilla.redhat.com/show_bug.cgi?id=1702896 [ 37 ] Bug #1702895 - CVE-2019-5805 chromium-browser: Use after free in PDFium https://bugzilla.redhat.com/show_bug.cgi?id=1702895 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-a1af621faf' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------