FEDORA-2018-4a16e37c81 — security update for chromium

stable

chromium-69.0.3497.92-1.fc27

FEDORA-2018-4a16e37c81 created by spot 5 years ago for Fedora 27

Update to Chromium 69. (EPEL-7 update is blocked by a GCC bug: 1629813, so as soon as devtoolset-8 arrives...)

Fixes a lot of security issues, like every major release of Chromium, including CVE-2018-16087 CVE-2018-16088 CVE-2018-16086CVE-2018-16065 CVE-2018-16066 CVE-2018-16067 CVE-2018-16068 CVE-2018-16069 CVE-2018-16070 CVE-2018-16071 CVE-2018-16072 CVE-2018-16073 CVE-2018-16074 CVE-2018-16075 CVE-2018-16076 CVE-2018-16077 CVE-2018-16078

Update to Chromium 68. Security fix for CVE-2018-4117 CVE-2018-6044 CVE-2018-6150 CVE-2018-6151 CVE-2018-6152 CVE-2018-6153 CVE-2018-6154 CVE-2018-6155 CVE-2018-6156 CVE-2018-6157 CVE-2018-6158 CVE-2018-6159 CVE-2018-6161 CVE-2018-6162 CVE-2018-6163 CVE-2018-6149

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2018-4a16e37c81

This update has been submitted for testing by spot.

5 years ago

This update has obsoleted chromium-68.0.3440.106-3.fc27, and has inherited its bugs and notes.

5 years ago

This update has been pushed to testing.

5 years ago

kwizart commented & provided feedback 5 years ago

karma

To be updated along chromium-*freeworld whatever

BZ#1590682 CVE-2018-6149 chromium: chromium-browser: Out of bounds write in V8 [fedora-all]

BZ#1628084 CVE-2018-17458 CVE-2018-17459 chromium: various flaws [fedora-all]

vascom commented & provided feedback 5 years ago

karma

Work good.

leigh123linux commented & provided feedback 5 years ago

karma

WFM

This update has been submitted for batched by bodhi.

5 years ago

leigh123linux commented & provided feedback 5 years ago

karma

WFM

This update has been submitted for batched by bodhi.

5 years ago

leigh123linux commented & provided feedback 5 years ago

karma

WFM

This update has been submitted for batched by bodhi.

5 years ago

leigh123linux commented & provided feedback 5 years ago

karma

WFM

This update has been submitted for batched by bodhi.

5 years ago

This update has been submitted for stable by bodhi.

5 years ago

This update has been pushed to stable.

5 years ago

Please login to add feedback.

Metadata

Type

security

Karma

Signed

Content Type

RPM

Test Gating

ignored

Builds

chromium-69.0.3497.92-1.fc27

Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

disabled

Dates

submitted

5 years ago

in testing

5 years ago

in stable

5 years ago

BZ#1590682 CVE-2018-6149 chromium: chromium-browser: Out of bounds write in V8 [fedora-all]

BZ#1590683 CVE-2018-6149 chromium: chromium-browser: Out of bounds write in V8 [epel-7]

BZ#1608177 CVE-2018-6153 chromium-browser: Stack buffer overflow in Skia

BZ#1608178 CVE-2018-6154 chromium-browser: Heap buffer overflow in WebGL

BZ#1608179 CVE-2018-6155 chromium-browser: Use after free in WebRTC

BZ#1608180 CVE-2018-6156 chromium-browser: Heap buffer overflow in WebRTC

BZ#1608181 CVE-2018-6157 chromium-browser: Type confusion in WebRTC

BZ#1608182 CVE-2018-6158 chromium-browser: Use after free in Blink

BZ#1608183 CVE-2018-6159 chromium-browser: Same origin policy bypass in ServiceWorker

BZ#1608184 CVE-2018-6160 chromium-browser: URL spoof in Chrome on iOS

BZ#1608185 CVE-2018-6161 chromium-browser: Same origin policy bypass in WebAudio

BZ#1608186 CVE-2018-6162 chromium-browser: Heap buffer overflow in WebGL

BZ#1608187 CVE-2018-6163 chromium-browser: URL spoof in Omnibox

BZ#1608188 CVE-2018-6164 chromium-browser: Same origin policy bypass in ServiceWorker

BZ#1608189 CVE-2018-6165 chromium-browser: URL spoof in Omnibox

BZ#1608190 CVE-2018-6166 chromium-browser: URL spoof in Omnibox

BZ#1608191 CVE-2018-6167 chromium-browser: URL spoof in Omnibox

BZ#1608192 CVE-2018-6168 chromium-browser: CORS bypass in Blink

BZ#1608193 CVE-2018-6169 chromium-browser: Permissions bypass in extension installation

BZ#1608194 CVE-2018-6170 chromium-browser: Type confusion in PDFium

BZ#1608195 CVE-2018-6171 chromium-browser: Use after free in WebBluetooth

BZ#1608196 CVE-2018-6172 chromium-browser: URL spoof in Omnibox

BZ#1608197 CVE-2018-6173 chromium-browser: URL spoof in Omnibox

BZ#1608198 CVE-2018-6174 chromium-browser: Integer overflow in SwiftShader

BZ#1608199 CVE-2018-6175 chromium-browser: URL spoof in Omnibox

BZ#1608200 CVE-2018-6176 chromium-browser: Local user privilege escalation in Extensions

BZ#1608201 CVE-2018-6177 chromium-browser: Cross origin information leak in Blink

BZ#1608202 CVE-2018-6178 chromium-browser: UI spoof in Extensions

BZ#1608203 CVE-2018-6179 chromium-browser: Local file information leak in Extensions

BZ#1608204 CVE-2018-6044 chromium-browser: Request privilege escalation in Extensions

BZ#1608205 CVE-2018-4117 chromium-browser: Cross origin information leak in Blink

BZ#1608206 CVE-2018-6150 chromium-browser: Cross origin information disclosure in Service Workers

BZ#1608207 CVE-2018-6151 chromium-browser: Bad cast in DevTools

BZ#1608208 CVE-2018-6152 chromium-browser: Local file write in DevTools

BZ#1608210 CVE-2018-4117 CVE-2018-6044 CVE-2018-6150 CVE-2018-6151 CVE-2018-6152 CVE-2018-6153 CVE-2018-6154 CVE-2018-6155 CVE-2018-6156 CVE-2018-6157 CVE-2018-6158 CVE-2018-6159 CVE-2018-6161 CVE-2018-6162 CVE-2018-6163 ... chromium: various flaws [fedora-all]

BZ#1608211 CVE-2018-4117 CVE-2018-6044 CVE-2018-6150 CVE-2018-6151 CVE-2018-6152 CVE-2018-6153 CVE-2018-6154 CVE-2018-6155 CVE-2018-6156 CVE-2018-6157 CVE-2018-6158 CVE-2018-6159 CVE-2018-6161 CVE-2018-6162 CVE-2018-6163 ... chromium: various flaws [epel-7]

BZ#1625466 CVE-2018-16065 chromium-browser: Out of bounds write in V8

BZ#1625467 CVE-2018-16066 chromium-browser: Out of bounds read in Blink

BZ#1625469 CVE-2018-16067 chromium-browser: Out of bounds read in WebAudio

BZ#1625470 CVE-2018-16068 chromium-browser: Out of bounds write in Mojo

BZ#1625471 CVE-2018-16069 chromium-browser: Out of bounds read in SwiftShader

BZ#1625472 CVE-2018-16070 chromium-browser: Integer overflow in Skia

BZ#1625473 CVE-2018-16071 chromium-browser: Use after free in WebRTC

BZ#1625474 CVE-2018-16072 chromium-browser: Cross origin pixel leak in Chrome's interaction with Android's MediaPlayer

BZ#1625475 CVE-2018-16073 chromium-browser: Site Isolation bypass after tab restore

BZ#1625476 CVE-2018-16074 chromium-browser: Site Isolation bypass using Blob URLS

BZ#1625477 CVE-2018-16075 chromium-browser: Local file access in Blink

BZ#1625478 CVE-2018-16076 chromium-browser: Out of bounds read in PDFium

BZ#1625479 CVE-2018-16077 chromium-browser: Content security policy bypass in Blink

BZ#1625480 CVE-2018-16078 chromium-browser: Credit card information leak in Autofill

BZ#1625481 CVE-2018-16079 chromium-browser: URL spoof in permission dialogs

BZ#1625482 CVE-2018-16080 chromium-browser: URL spoof in full screen mode

BZ#1625484 CVE-2018-16081 chromium-browser: Local file access in DevTools

BZ#1625485 CVE-2018-16082 chromium-browser: Stack buffer overflow in SwiftShader

BZ#1625486 CVE-2018-16083 chromium-browser: Out of bounds read in WebRTC

BZ#1625487 CVE-2018-16084 chromium-browser: User confirmation bypass in external protocol handling

BZ#1625488 CVE-2018-16085 chromium-browser: Use after free in Memory Instrumentation

BZ#1625491 CVE-2018-16065 CVE-2018-16066 CVE-2018-16067 CVE-2018-16068 CVE-2018-16069 CVE-2018-16070 CVE-2018-16071 CVE-2018-16072 CVE-2018-16073 CVE-2018-16074 CVE-2018-16075 CVE-2018-16076 CVE-2018-16077 CVE-2018-16078 ... chromium: various flaws [fedora-all]

BZ#1628078 CVE-2018-17458 chromium-browser: Function signature mismatch in WebAssembly

BZ#1628080 CVE-2018-17459 chromium-browser: URL Spoofing in Omnibox

BZ#1628084 CVE-2018-17458 CVE-2018-17459 chromium: various flaws [fedora-all]

chromium-69.0.3497.92-1.fc27

Automated Test Results

ignored