FEDORA-2018-1f83cbeb3c created by spot 2 years ago for Fedora 26
obsolete

Update to 66.0.3359.181. Security fix for CVE-2018-6085 CVE-2018-6086 CVE-2018-6087 CVE-2018-6088 CVE-2018-6089 CVE-2018-6090 CVE-2018-6091 CVE-2018-6092 CVE-2018-6093 CVE-2018-6094 CVE-2018-6095 CVE-2018-6096 CVE-2018-6097 CVE-2018-6098 CVE-2018-6099 CVE-2018-6100 CVE-2018-6101 CVE-2018-6102 CVE-2018-6103 CVE-2018-6104 CVE-2018-6105 CVE-2018-6106 CVE-2018-6107 CVE-2018-6108 CVE-2018-6109 CVE-2018-6110 CVE-2018-6111 CVE-2018-6112 CVE-2018-6113 CVE-2018-6114 CVE-2018-6116 CVE-2018-6117 CVE-2018-6118 CVE-2018-6121 CVE-2018-6122 CVE-2018-6120


Update to Chromium 65. For EPEL7, it has been a long time since a successful build has been possible, so this will fix a LOT of CVEs.

CVE-2017-15396 CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410 CVE-2017-15411 CVE-2017-15412 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416 CVE-2017-15417 CVE-2017-15418 CVE-2017-15419 CVE-2017-15420 CVE-2017-15422 CVE-2018-6056 CVE-2018-6406 CVE-2018-6057 CVE-2018-6058 CVE-2018-6059 CVE-2018-6060 CVE-2018-6061 CVE-2018-6062 CVE-2018-6063 CVE-2018-6064 CVE-2018-6065 CVE-2018-6066 CVE-2018-6067 CVE-2018-6068 CVE-2018-6069 CVE-2018-6070 CVE-2018-6071

This update has been submitted for testing by spot.

2 years ago

This update has obsoleted chromium-65.0.3325.181-1.fc26, and has inherited its bugs and notes.

2 years ago

This update has been pushed to testing.

2 years ago

Hello spot, The releases for Fedora 28, 27 and EPEL 7 seem to to fix the same issues however the release for Fedora 26 seems to fix more, is this right? I am confused as the previous fedora release was chromium-65.0.3325.181-1.fc26 just like for Fedora 27, 28 and EPEL 7.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

2 years ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
2 years ago
in testing
2 years ago
BZ#1506944 CVE-2017-15396 chromium: chromium-browser: stack overflow in v8 [fedora-all]
0
0
BZ#1516479 chromium package missing NSS version dependency
0
0
BZ#1523123 CVE-2017-15407 chromium-browser: out of bounds write in quic
0
0
BZ#1523124 CVE-2017-15408 chromium-browser: heap buffer overflow in pdfium
0
0
BZ#1523125 CVE-2017-15409 chromium-browser: out of bounds write in skia
0
0
BZ#1523126 CVE-2017-15410 chromium-browser: use after free in pdfium
0
0
BZ#1523127 CVE-2017-15411 chromium-browser: use after free in pdfium
0
0
BZ#1523128 CVE-2017-15412 chromium-browser: use after free in libxml
0
0
BZ#1523129 CVE-2017-15413 chromium-browser: type confusion in webassembly
0
0
BZ#1523130 CVE-2017-15415 chromium-browser: pointer information disclosure in ipc call
0
0
BZ#1523131 CVE-2017-15416 chromium-browser: out of bounds read in blink
0
0
BZ#1523132 CVE-2017-15417 chromium-browser: cross origin information disclosure in skia
0
0
BZ#1523133 CVE-2017-15418 chromium-browser: use of uninitialized value in skia
0
0
BZ#1523134 CVE-2017-15419 chromium-browser: cross origin leak of redirect url in blink
0
0
BZ#1523135 CVE-2017-15420 chromium-browser: url spoofing in omnibox
0
0
BZ#1523136 CVE-2017-15422 chromium-browser: integer overflow in icu
0
0
BZ#1523137 CVE-2017-15423 chromium-browser: issue with spake implementation in boringssl
0
0
BZ#1523138 CVE-2017-15424 chromium-browser: url spoof in omnibox
0
0
BZ#1523139 CVE-2017-15425 chromium-browser: url spoof in omnibox
0
0
BZ#1523140 CVE-2017-15426 chromium-browser: url spoof in omnibox
0
0
BZ#1523141 CVE-2017-15427 chromium-browser: insufficient blocking of javascript in omnibox
0
0
BZ#1523143 CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410 CVE-2017-15411 CVE-2017-15412 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416 CVE-2017-15417 CVE-2017-15418 CVE-2017-15419 CVE-2017-15420 CVE-2017-15422 ... chromium: various flaws [epel-7]
0
0
BZ#1545062 CVE-2018-6056 chromium-browser: incorrect derived class instantiation in v8
0
0
BZ#1545064 CVE-2018-6056 chromium: chromium-browser: incorrect derived class instantiation in v8 [epel-7]
0
0
BZ#1545066 CVE-2018-6056 chromium: chromium-browser: incorrect derived class instantiation in v8 [fedora-all]
0
0
BZ#1545241 Startup Notification not supported by Chromium
0
0
BZ#1547349 CVE-2018-6406 libwebm: Out of bounds read in libwebm_util.cc:ParseVP9SuperFrameIndex() can lead to information leak or potential denial of service
0
0
BZ#1547350 CVE-2018-6406 chromium: chromium-browser: Out of bounds read in libwebm_util.cc:ParseVP9SuperFrameIndex() can lead to information leak or potential denial of service [epel-7]
0
0
BZ#1547351 CVE-2018-6406 chromium: chromium-browser: Out of bounds read in libwebm_util.cc:ParseVP9SuperFrameIndex() can lead to information leak or potential denial of service [fedora-all]
0
0
BZ#1552474 CVE-2018-6058 chromium-browser: use-after-free in flash
0
0
BZ#1552475 CVE-2018-6059 chromium-browser: use-after-free in flash
0
0
BZ#1552476 CVE-2018-6060 chromium-browser: use-after-free in blink
0
0
BZ#1552477 CVE-2018-6061 chromium-browser: race condition in v8
0
0
BZ#1552478 CVE-2018-6062 chromium-browser: heap buffer overflow in skia
0
0
BZ#1552479 CVE-2018-6057 chromium-browser: incorrect permissions on shared memory
0
0
BZ#1552480 CVE-2018-6063 chromium-browser: incorrect permissions on shared memory
0
0
BZ#1552481 CVE-2018-6064 chromium-browser: type confusion in v8
0
0
BZ#1552482 CVE-2018-6065 chromium-browser: integer overflow in v8
0
0
BZ#1552483 CVE-2018-6066 chromium-browser: same origin bypass via canvas
0
0
BZ#1552484 CVE-2018-6067 chromium-browser: buffer overflow in skia
0
0
BZ#1552485 CVE-2018-6068 chromium-browser: object lifecycle issues in chrome custom tab
0
0
BZ#1552486 CVE-2018-6069 chromium-browser: stack buffer overflow in skia
0
0
BZ#1552487 CVE-2018-6070 chromium-browser: csp bypass through extensions
0
0
BZ#1552488 CVE-2018-6071 chromium-browser: heap bufffer overflow in skia
0
0
BZ#1552489 CVE-2018-6072 chromium-browser: integer overflow in pdfium
0
0
BZ#1552490 CVE-2018-6073 chromium-browser: heap bufffer overflow in webgl
0
0
BZ#1552491 CVE-2018-6074 chromium-browser: mark-of-the-web bypass
0
0
BZ#1552492 CVE-2018-6075 chromium-browser: overly permissive cross origin downloads
0
0
BZ#1552493 CVE-2018-6076 chromium-browser: incorrect handling of url fragment identifiers in blink
0
0
BZ#1552494 CVE-2018-6077 chromium-browser: timing attack using svg filters
0
0
BZ#1552495 CVE-2018-6078 chromium-browser: url spoof in omnibox
0
0
BZ#1552496 CVE-2018-6079 chromium-browser: information disclosure via texture data in webgl
0
0
BZ#1552497 CVE-2018-6080 chromium-browser: information disclosure in ipc call
0
0
BZ#1552498 CVE-2018-6081 chromium-browser: xss in interstitials
0
0
BZ#1552499 CVE-2018-6082 chromium-browser: circumvention of port blocking
0
0
BZ#1552500 CVE-2018-6083 chromium-browser: incorrect processing of appmanifests
0
0
BZ#1552502 CVE-2018-6057 CVE-2018-6060 CVE-2018-6061 CVE-2018-6062 CVE-2018-6063 CVE-2018-6064 CVE-2018-6065 CVE-2018-6066 CVE-2018-6067 CVE-2018-6069 CVE-2018-6070 CVE-2018-6071 CVE-2018-6072 CVE-2018-6073 CVE-2018-6074 ... chromium: various flaws [fedora-all]
0
0
BZ#1552504 CVE-2018-6057 CVE-2018-6060 CVE-2018-6061 CVE-2018-6062 CVE-2018-6063 CVE-2018-6064 CVE-2018-6065 CVE-2018-6066 CVE-2018-6067 CVE-2018-6069 CVE-2018-6070 CVE-2018-6071 CVE-2018-6072 CVE-2018-6073 CVE-2018-6074 ... chromium: various flaws [epel-7]
0
0
BZ#1568761 CVE-2018-6085 chromium-browser: Use after free in Disk Cache
0
0
BZ#1568762 CVE-2018-6086 chromium-browser: Use after free in Disk Cache
0
0
BZ#1568763 CVE-2018-6087 chromium-browser: Use after free in WebAssembly
0
0
BZ#1568764 CVE-2018-6088 chromium-browser: Use after free in PDFium
0
0
BZ#1568765 CVE-2018-6089 chromium-browser: Same origin policy bypass in Service Worker
0
0
BZ#1568766 CVE-2018-6090 chromium-browser: Heap buffer overflow in Skia
0
0
BZ#1568767 CVE-2018-6091 chromium-browser: Incorrect handling of plug-ins by Service Worker
0
0
BZ#1568769 CVE-2018-6092 chromium-browser: Integer overflow in WebAssembly
0
0
BZ#1568770 CVE-2018-6093 chromium-browser: Same origin bypass in Service Worker
0
0
BZ#1568771 CVE-2018-6094 chromium-browser: Exploit hardening regression in Oilpan
0
0
BZ#1568773 CVE-2018-6095 chromium-browser: Lack of meaningful user interaction requirement before file upload
0
0
BZ#1568774 CVE-2018-6096 chromium-browser: Fullscreen UI spoof
0
0
BZ#1568775 CVE-2018-6097 chromium-browser: Fullscreen UI spoof
0
0
BZ#1568776 CVE-2018-6098 chromium-browser: URL spoof in Omnibox
0
0
BZ#1568777 CVE-2018-6099 chromium-browser: CORS bypass in ServiceWorker
0
0
BZ#1568778 CVE-2018-6100 chromium-browser: URL spoof in Omnibox
0
0
BZ#1568779 CVE-2018-6101 chromium-browser: Insufficient protection of remote debugging prototol in DevTools
0
0
BZ#1568780 CVE-2018-6102 chromium-browser: URL spoof in Omnibox
0
0
BZ#1568781 CVE-2018-6103 chromium-browser: UI spoof in Permissions
0
0
BZ#1568782 CVE-2018-6104 chromium-browser: URL spoof in Omnibox
0
0
BZ#1568785 CVE-2018-6105 chromium-browser: URL spoof in Omnibox
0
0
BZ#1568786 CVE-2018-6106 chromium-browser: Incorrect handling of promises in V8
0
0
BZ#1568787 CVE-2018-6107 chromium-browser: URL spoof in Omnibox
0
0
BZ#1568788 CVE-2018-6108 chromium-browser: URL spoof in Omnibox
0
0
BZ#1568789 CVE-2018-6109 chromium-browser: Incorrect handling of files by FileAPI
0
0
BZ#1568790 CVE-2018-6110 chromium-browser: Incorrect handling of plaintext files via file://
0
0
BZ#1568791 CVE-2018-6111 chromium-browser: Heap-use-after-free in DevTools
0
0
BZ#1568792 CVE-2018-6112 chromium-browser: Incorrect URL handling in DevTools
0
0
BZ#1568793 CVE-2018-6113 chromium-browser: URL spoof in Navigation
0
0
BZ#1568794 CVE-2018-6114 chromium-browser: CSP bypass
0
0
BZ#1568795 CVE-2018-6115 chromium-browser: SmartScreen bypass in downloads
0
0
BZ#1568796 CVE-2018-6116 chromium-browser: Incorrect low memory handling in WebAssembly
0
0
BZ#1568797 CVE-2018-6117 chromium-browser: Confusing autofill settings
0
0
BZ#1568801 CVE-2018-6085 CVE-2018-6086 CVE-2018-6087 CVE-2018-6088 CVE-2018-6089 CVE-2018-6090 CVE-2018-6091 CVE-2018-6092 CVE-2018-6093 CVE-2018-6094 CVE-2018-6095 CVE-2018-6096 CVE-2018-6097 CVE-2018-6098 CVE-2018-6099 ... chromium: various flaws [fedora-all]
0
0
BZ#1573856 CVE-2018-6118 chromium-browser: Use after free in Media Cache
0
0
BZ#1573857 CVE-2018-6118 chromium: chromium-browser: Use after free in Media Cache [fedora-all]
0
0
BZ#1577113 CVE-2018-6121 chromium-browser: Privilege Escalation in extensions
0
0
BZ#1577114 CVE-2018-6122 chromium-browser: Type confusion in V8
0
0
BZ#1577115 CVE-2018-6120 chromium-browser: Heap buffer overflow in PDFium
0
0
BZ#1577119 CVE-2018-6120 CVE-2018-6121 CVE-2018-6122 chromium: various flaws [fedora-all]
0
0

Automated Test Results