FEDORA-2017-c2645aa935 — security update for chromium

stable

chromium-63.0.3239.108-1.fc27

FEDORA-2017-c2645aa935 created by tpopela 7 years ago for Fedora 27

Security fix for CVE-2017-15412 CVE-2017-15422 CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410 CVE-2017-15411 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416 CVE-2017-15417 CVE-2017-15418 CVE-2017-15419 CVE-2017-15420 CVE-2017-15423 CVE-2017-15424 CVE-2017-15425 CVE-2017-15426 CVE-2017-15427 CVE-2017-15429

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2017-c2645aa935

This update has been submitted for testing by tpopela.

7 years ago

tpopela edited this update.

7 years ago

This update has been pushed to testing.

7 years ago

imabug provided feedback 7 years ago

karma

renault commented & provided feedback 7 years ago

karma

Works fine

g6avk commented & provided feedback 7 years ago

karma

Works for me..

This update has reached the stable karma threshold and can be pushed to stable now if the maintainer wishes.

7 years ago

churchyard commented & provided feedback 7 years ago

The freeworld package is on it's way.

@tpopela May I push this one to stable when the freeworld package is ready?

tpopela commented & provided feedback 7 years ago

@churchyard yes please.. do that with F26 once it get some karma..

alciregi commented & provided feedback 7 years ago

karma

It looks good

kparal commented & provided feedback 7 years ago

karma

opened up a few pages, seems to work

This update has been submitted for batched by churchyard.

7 years ago

This update has been submitted for stable by churchyard.

7 years ago

This update has been pushed to stable.

7 years ago

Please login to add feedback.

Metadata

Type

security

Severity

high

Karma

Signed

Content Type

RPM

Test Gating

None

Autopush Settings

Unstable by Karma

-3

Stable by Karma

disabled

Stable by Time

disabled

Dates

submitted

7 years ago

in testing

7 years ago

in stable

7 years ago

modified

7 years ago

Builds

chromium-63.0.3239.108-1.fc27

BZ#1523123 CVE-2017-15407 chromium-browser: out of bounds write in quic

BZ#1523124 CVE-2017-15408 chromium-browser: heap buffer overflow in pdfium

BZ#1523125 CVE-2017-15409 chromium-browser: out of bounds write in skia

BZ#1523126 CVE-2017-15410 chromium-browser: use after free in pdfium

BZ#1523127 CVE-2017-15411 chromium-browser: use after free in pdfium

BZ#1523128 CVE-2017-15412 chromium-browser: use after free in libxml

BZ#1523129 CVE-2017-15413 chromium-browser: type confusion in webassembly

BZ#1523130 CVE-2017-15415 chromium-browser: pointer information disclosure in ipc call

BZ#1523131 CVE-2017-15416 chromium-browser: out of bounds read in blink

BZ#1523132 CVE-2017-15417 chromium-browser: cross origin information disclosure in skia

BZ#1523133 CVE-2017-15418 chromium-browser: use of uninitialized value in skia

BZ#1523134 CVE-2017-15419 chromium-browser: cross origin leak of redirect url in blink

BZ#1523135 CVE-2017-15420 chromium-browser: url spoofing in omnibox

BZ#1523136 CVE-2017-15422 chromium-browser: integer overflow in icu

BZ#1523137 CVE-2017-15423 chromium-browser: issue with spake implementation in boringssl

BZ#1523138 CVE-2017-15424 chromium-browser: url spoof in omnibox

BZ#1523139 CVE-2017-15425 chromium-browser: url spoof in omnibox

BZ#1523140 CVE-2017-15426 chromium-browser: url spoof in omnibox

BZ#1523141 CVE-2017-15427 chromium-browser: insufficient blocking of javascript in omnibox

BZ#1523145 CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410 CVE-2017-15411 CVE-2017-15412 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416 CVE-2017-15417 CVE-2017-15418 CVE-2017-15419 CVE-2017-15420 CVE-2017-15422 ... chromium: various flaws [fedora-all]

BZ#1526405 CVE-2017-15429 chromium-browser: uxss in v8

BZ#1526406 CVE-2017-15429 chromium: chromium-browser: uxss in v8 [fedora-all]

chromium-63.0.3239.108-1.fc27

Automated Test Results

None