[SECURITY] Fedora 39 Update: chromium-124.0.6367.60-2.fc39

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-12edb9dec8 2024-04-23 01:19:23.700926 -------------------------------------------------------------------------------- Name : chromium Product : Fedora 39 Version : 124.0.6367.60 Release : 2.fc39 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: update to 124.0.6367.60 High CVE-2024-3832: Object corruption in V8 High CVE-2024-3833: Object corruption in WebAssembly High CVE-2024-3914: Use after free in V8 High CVE-2024-3834: Use after free in Downloads Medium CVE-2024-3837: Use after free in QUIC Medium CVE-2024-3838: Inappropriate implementation in Autofill Medium CVE-2024-3839: Out of bounds read in Fonts Medium CVE-2024-3840: Insufficient policy enforcement in Site Isolation Medium CVE-2024-3841: Insufficient data validation in Browser Switcher Medium CVE-2024-3843: Insufficient data validation in Downloads Low CVE-2024-3844: Inappropriate implementation in Extensions Low CVE-2024-3845: Inappropriate implementation in Network Low CVE-2024-3846: Inappropriate implementation in Prompts Low CVE-2024-3847: Insufficient policy enforcement in WebUI -------------------------------------------------------------------------------- ChangeLog: * Sat Apr 20 2024 Than Ngo <than(a)redhat.com&gt; - 124.0.6367.60-2 - fix waylang regression * Tue Apr 16 2024 Than Ngo <than(a)redhat.com&gt; - 124.0.6367.60-1 - update to 124.0.6367.60 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2275546 - CVE-2024-3833 CVE-2024-3834 CVE-2024-3837 CVE-2024-3839 CVE-2024-3840 CVE-2024-3841 CVE-2024-3843 CVE-2024-3844 CVE-2024-3845 CVE-2024-3846 CVE-2024-3847 chromium: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2275546 [ 2 ] Bug #2275816 - CVE-2024-3914 chromium: chromium-browser: use after free in V8 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2275816 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-12edb9dec8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------