FEDORA-2018-39be36e9fc created by spot 2 years ago for Fedora 29
stable

Security fixes for CVE-2018-6055 CVE-2018-6119 CVE-2018-16429 CVE-2018-16428


Update to Chromium 69. (EPEL-7 update is blocked by a GCC bug: 1629813, so as soon as devtoolset-8 arrives...)

Fixes a lot of security issues, like every major release of Chromium, including CVE-2018-16087 CVE-2018-16088 CVE-2018-16086CVE-2018-16065 CVE-2018-16066 CVE-2018-16067 CVE-2018-16068 CVE-2018-16069 CVE-2018-16070 CVE-2018-16071 CVE-2018-16072 CVE-2018-16073 CVE-2018-16074 CVE-2018-16075 CVE-2018-16076 CVE-2018-16077 CVE-2018-16078

How to install

sudo dnf upgrade --advisory=FEDORA-2018-39be36e9fc

This update has been submitted for testing by spot.

2 years ago

This update has obsoleted chromium-69.0.3497.92-1.fc29, and has inherited its bugs and notes.

2 years ago
User Icon churchyard commented & provided feedback 2 years ago
karma

Sent from 69.0.3497.100.

This update has been pushed to testing.

2 years ago
User Icon davisclick provided feedback 2 years ago
karma
User Icon davisclick commented & provided feedback 2 years ago
karma

work for me.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

2 years ago

This update has been submitted for batched by spot.

2 years ago

This update has been submitted for stable by bodhi.

2 years ago
User Icon hellbangerkarna commented & provided feedback 2 years ago
karma

Works

User Icon hellbangerkarna commented & provided feedback 2 years ago
karma

Works

This update has been submitted for batched by spot.

2 years ago

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
BZ#1625466 CVE-2018-16065 chromium-browser: Out of bounds write in V8
0
0
BZ#1625467 CVE-2018-16066 chromium-browser: Out of bounds read in Blink
0
0
BZ#1625469 CVE-2018-16067 chromium-browser: Out of bounds read in WebAudio
0
0
BZ#1625470 CVE-2018-16068 chromium-browser: Out of bounds write in Mojo
0
0
BZ#1625471 CVE-2018-16069 chromium-browser: Out of bounds read in SwiftShader
0
0
BZ#1625472 CVE-2018-16070 chromium-browser: Integer overflow in Skia
0
0
BZ#1625473 CVE-2018-16071 chromium-browser: Use after free in WebRTC
0
0
BZ#1625474 CVE-2018-16072 chromium-browser: Cross origin pixel leak in Chrome's interaction with Android's MediaPlayer
0
0
BZ#1625475 CVE-2018-16073 chromium-browser: Site Isolation bypass after tab restore
0
0
BZ#1625476 CVE-2018-16074 chromium-browser: Site Isolation bypass using Blob URLS
0
0
BZ#1625477 CVE-2018-16075 chromium-browser: Local file access in Blink
0
0
BZ#1625478 CVE-2018-16076 chromium-browser: Out of bounds read in PDFium
0
0
BZ#1625479 CVE-2018-16077 chromium-browser: Content security policy bypass in Blink
0
0
BZ#1625480 CVE-2018-16078 chromium-browser: Credit card information leak in Autofill
0
0
BZ#1625481 CVE-2018-16079 chromium-browser: URL spoof in permission dialogs
0
0
BZ#1625482 CVE-2018-16080 chromium-browser: URL spoof in full screen mode
0
0
BZ#1625484 CVE-2018-16081 chromium-browser: Local file access in DevTools
0
0
BZ#1625485 CVE-2018-16082 chromium-browser: Stack buffer overflow in SwiftShader
0
0
BZ#1625486 CVE-2018-16083 chromium-browser: Out of bounds read in WebRTC
0
0
BZ#1625487 CVE-2018-16084 chromium-browser: User confirmation bypass in external protocol handling
0
0
BZ#1625488 CVE-2018-16085 chromium-browser: Use after free in Memory Instrumentation
0
0
BZ#1625491 CVE-2018-16065 CVE-2018-16066 CVE-2018-16067 CVE-2018-16068 CVE-2018-16069 CVE-2018-16070 CVE-2018-16071 CVE-2018-16072 CVE-2018-16073 CVE-2018-16074 CVE-2018-16075 CVE-2018-16076 CVE-2018-16077 CVE-2018-16078 ... chromium: various flaws [fedora-all]
0
0
BZ#1626164 CVE-2018-16428 chromium: glib2: NULL pointer dereference in g_markup_parse_context_end_parse() function in gmarkup.c [fedora-all]
0
0
BZ#1626173 CVE-2018-16429 chromium: glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c [fedora-all]
0
0
BZ#1628078 CVE-2018-17458 chromium-browser: Function signature mismatch in WebAssembly
0
0
BZ#1628080 CVE-2018-17459 chromium-browser: URL Spoofing in Omnibox
0
0
BZ#1628084 CVE-2018-17458 CVE-2018-17459 chromium: various flaws [fedora-all]
0
0
BZ#1633391 CVE-2018-6119 chromium: chromium-browser: Spoof of contents of the Omnibox (URL bar) via a crafted HTML page [fedora-all]
0
0
BZ#1633394 CVE-2018-6055 chromium: chromium-browser: Insufficient policy enforcement in Catalog Service [fedora-all]
0
0

Automated Test Results