On Mon, 2020-11-16 at 10:40 -0500, Todd Zullinger wrote:
Patrick O'Callaghan wrote:
On Mon, 2020-11-16 at 07:01 -0500, Neal Becker wrote:
There are widely reported zero-days related to chrome, and chrome is telling me "update" in the top right corner. If I do update outside of dnf, will the next dnf update still be effective?
I've seen Chrome (when installed via the official rpm packaging from Google) report that it needs restarted to pick up an update that's been installed, but I've never seen it update itself on Linux. (Not that I can't be wrong about that, of course.)
The google-chrome repo managed by Google is generally kept up to date. Are you positive that you haven't installed an update to Chrome since the last time you restarted the app?
I know that several vulnerabilities discussed recently have already been patched and shipped to the google-chrome repo. The latest stable version on the Chrome release page is 86.0.4240.198, which is what's been in the google-chrome package repo since the middle of last week.
AFAIK the built-in updater is not going to coordinate with the RPM database, so I wouldn't do this myself. It may not even install to the same location.
You can always try:
# dnf --enablerepo=updates-testing update google-chrome
to see if there's a more recent version in the testing repo.
Since google-chrome is not in the Fedora repos, it won't be in updates or updates-testing. ;)
Oops, good point. Make that the Chrome repo(s) :-)
poc