FEDORA-2018-010396b4a2

security update in Fedora 26 for chromium

Status: obsolete

Update to Chromium 65. For EPEL7, it has been a long time since a successful build has been possible, so this will fix a LOT of CVEs.

CVE-2017-15396 CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410 CVE-2017-15411 CVE-2017-15412 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416 CVE-2017-15417 CVE-2017-15418 CVE-2017-15419 CVE-2017-15420 CVE-2017-15422 CVE-2018-6056 CVE-2018-6406 CVE-2018-6057 CVE-2018-6058 CVE-2018-6059 CVE-2018-6060 CVE-2018-6061 CVE-2018-6062 CVE-2018-6063 CVE-2018-6064 CVE-2018-6065 CVE-2018-6066 CVE-2018-6067 CVE-2018-6068 CVE-2018-6069 CVE-2018-6070 CVE-2018-6071

Comments 4

This update has been submitted for testing by spot.

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been obsoleted by chromium-66.0.3359.181-2.fc26.

Content Type
RPM
Status
obsolete
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted a year ago
in testing a year ago

Related Bugs 58

00 #1506944 CVE-2017-15396 chromium: chromium-browser: stack overflow in v8 [fedora-all]
00 #1516479 chromium package missing NSS version dependency
00 #1523123 CVE-2017-15407 chromium-browser: out of bounds write in quic
00 #1523124 CVE-2017-15408 chromium-browser: heap buffer overflow in pdfium
00 #1523125 CVE-2017-15409 chromium-browser: out of bounds write in skia
00 #1523126 CVE-2017-15410 chromium-browser: use after free in pdfium
00 #1523127 CVE-2017-15411 chromium-browser: use after free in pdfium
00 #1523128 CVE-2017-15412 chromium-browser: use after free in libxml
00 #1523129 CVE-2017-15413 chromium-browser: type confusion in webassembly
00 #1523130 CVE-2017-15415 chromium-browser: pointer information disclosure in ipc call
00 #1523131 CVE-2017-15416 chromium-browser: out of bounds read in blink
00 #1523132 CVE-2017-15417 chromium-browser: cross origin information disclosure in skia
00 #1523133 CVE-2017-15418 chromium-browser: use of uninitialized value in skia
00 #1523134 CVE-2017-15419 chromium-browser: cross origin leak of redirect url in blink
00 #1523135 CVE-2017-15420 chromium-browser: url spoofing in omnibox
00 #1523136 CVE-2017-15422 chromium-browser: integer overflow in icu
00 #1523137 CVE-2017-15423 chromium-browser: issue with spake implementation in boringssl
00 #1523138 CVE-2017-15424 chromium-browser: url spoof in omnibox
00 #1523139 CVE-2017-15425 chromium-browser: url spoof in omnibox
00 #1523140 CVE-2017-15426 chromium-browser: url spoof in omnibox
00 #1523141 CVE-2017-15427 chromium-browser: insufficient blocking of javascript in omnibox
00 #1523143 CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410 CVE-2017-15411 CVE-2017-15412 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416 CVE-2017-15417 CVE-2017-15418 CVE-2017-15419 CVE-2017-15420 CVE-2017-15422 ... chromium: various flaws [epel-7]
00 #1545062 CVE-2018-6056 chromium-browser: incorrect derived class instantiation in v8
00 #1545064 CVE-2018-6056 chromium: chromium-browser: incorrect derived class instantiation in v8 [epel-7]
00 #1545066 CVE-2018-6056 chromium: chromium-browser: incorrect derived class instantiation in v8 [fedora-all]
00 #1545241 Startup Notification not supported by Chromium
00 #1547349 CVE-2018-6406 libwebm: Out of bounds read in libwebm_util.cc:ParseVP9SuperFrameIndex() can lead to information leak or potential denial of service
00 #1547350 CVE-2018-6406 chromium: chromium-browser: Out of bounds read in libwebm_util.cc:ParseVP9SuperFrameIndex() can lead to information leak or potential denial of service [epel-7]
00 #1547351 CVE-2018-6406 chromium: chromium-browser: Out of bounds read in libwebm_util.cc:ParseVP9SuperFrameIndex() can lead to information leak or potential denial of service [fedora-all]
00 #1552474 CVE-2018-6058 chromium-browser: use-after-free in flash
00 #1552475 CVE-2018-6059 chromium-browser: use-after-free in flash
00 #1552476 CVE-2018-6060 chromium-browser: use-after-free in blink
00 #1552477 CVE-2018-6061 chromium-browser: race condition in v8
00 #1552478 CVE-2018-6062 chromium-browser: heap buffer overflow in skia
00 #1552479 CVE-2018-6057 chromium-browser: incorrect permissions on shared memory
00 #1552480 CVE-2018-6063 chromium-browser: incorrect permissions on shared memory
00 #1552481 CVE-2018-6064 chromium-browser: type confusion in v8
00 #1552482 CVE-2018-6065 chromium-browser: integer overflow in v8
00 #1552483 CVE-2018-6066 chromium-browser: same origin bypass via canvas
00 #1552484 CVE-2018-6067 chromium-browser: buffer overflow in skia
00 #1552485 CVE-2018-6068 chromium-browser: object lifecycle issues in chrome custom tab
00 #1552486 CVE-2018-6069 chromium-browser: stack buffer overflow in skia
00 #1552487 CVE-2018-6070 chromium-browser: csp bypass through extensions
00 #1552488 CVE-2018-6071 chromium-browser: heap bufffer overflow in skia
00 #1552489 CVE-2018-6072 chromium-browser: integer overflow in pdfium
00 #1552490 CVE-2018-6073 chromium-browser: heap bufffer overflow in webgl
00 #1552491 CVE-2018-6074 chromium-browser: mark-of-the-web bypass
00 #1552492 CVE-2018-6075 chromium-browser: overly permissive cross origin downloads
00 #1552493 CVE-2018-6076 chromium-browser: incorrect handling of url fragment identifiers in blink
00 #1552494 CVE-2018-6077 chromium-browser: timing attack using svg filters
00 #1552495 CVE-2018-6078 chromium-browser: url spoof in omnibox
00 #1552496 CVE-2018-6079 chromium-browser: information disclosure via texture data in webgl
00 #1552497 CVE-2018-6080 chromium-browser: information disclosure in ipc call
00 #1552498 CVE-2018-6081 chromium-browser: xss in interstitials
00 #1552499 CVE-2018-6082 chromium-browser: circumvention of port blocking
00 #1552500 CVE-2018-6083 chromium-browser: incorrect processing of appmanifests
00 #1552502 CVE-2018-6057 CVE-2018-6060 CVE-2018-6061 CVE-2018-6062 CVE-2018-6063 CVE-2018-6064 CVE-2018-6065 CVE-2018-6066 CVE-2018-6067 CVE-2018-6069 CVE-2018-6070 CVE-2018-6071 CVE-2018-6072 CVE-2018-6073 CVE-2018-6074 ... chromium: various flaws [fedora-all]
00 #1552504 CVE-2018-6057 CVE-2018-6060 CVE-2018-6061 CVE-2018-6062 CVE-2018-6063 CVE-2018-6064 CVE-2018-6065 CVE-2018-6066 CVE-2018-6067 CVE-2018-6069 CVE-2018-6070 CVE-2018-6071 CVE-2018-6072 CVE-2018-6073 CVE-2018-6074 ... chromium: various flaws [epel-7]

Automated Test Results