FEDORA-2018-fd194a1f14 — security update for chromium

stable

chromium-70.0.3538.110-1.fc28

FEDORA-2018-fd194a1f14 created by spot 6 years ago for Fedora 28

Security fix for CVE-2018-17478 CVE-2018-17479. Update to 70.0.3538.110.

Update to chromium 70.0.3538.77. Fixes CVE-2018-16435 CVE-2018-17462 CVE-2018-17463 CVE-2018-17464 CVE-2018-17465 CVE-2018-17466 CVE-2018-17467 CVE-2018-17468 CVE-2018-17469 CVE-2018-17470 CVE-2018-17471 CVE-2018-17473 CVE-2018-17474 CVE-2018-17475 CVE-2018-17476 CVE-2018-5179 CVE-2018-17477

Logout Required

After installing this update it is required that you logout of your current user session and log back in to ensure the changes supplied by this update are applied properly.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2018-fd194a1f14

This update has been submitted for testing by spot.

6 years ago

This update has obsoleted chromium-70.0.3538.77-4.fc28, and has inherited its bugs and notes.

6 years ago

This update has been pushed to testing.

6 years ago

augenauf provided feedback 6 years ago

karma

augenauf provided feedback 6 years ago

karma

lnie commented & provided feedback 6 years ago

karma

works as expected

imabug provided feedback 6 years ago

karma

This update has been submitted for batched by bodhi.

6 years ago

This update has been submitted for stable by bodhi.

6 years ago

This update has been pushed to stable.

6 years ago

Please login to add feedback.

Metadata

Type

security

Severity

low

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

disabled

Dates

submitted

6 years ago

in testing

6 years ago

in stable

6 years ago

Builds

chromium-70.0.3538.110-1.fc28

BZ#1640098 CVE-2018-17462 chromium-browser: Sandbox escape in AppCache

BZ#1640099 CVE-2018-17463 chromium-browser: Remote code execution in V8

BZ#1640100 CVE-2018-17464 chromium-browser: URL spoof in Omnibox

BZ#1640101 CVE-2018-17465 chromium-browser: Use after free in V8

BZ#1640102 CVE-2018-17466 chromium-browser, firefox: Memory corruption in Angle

BZ#1640103 CVE-2018-17467 chromium-browser: URL spoof in Omnibox

BZ#1640104 CVE-2018-17468 chromium-browser: Cross-origin URL disclosure in Blink

BZ#1640105 CVE-2018-17469 chromium-browser: Heap buffer overflow in PDFium

BZ#1640106 CVE-2018-17470 chromium-browser: Memory corruption in GPU Internals

BZ#1640107 CVE-2018-17471 chromium-browser: Security UI occlusion in full screen mode

BZ#1640108 CVE-2018-17472 chromium-browser: iframe sandbox escape on iOS

BZ#1640110 CVE-2018-17473 chromium-browser: URL spoof in Omnibox

BZ#1640111 CVE-2018-17474 chromium-browser: Use after free in Blink

BZ#1640112 CVE-2018-17475 chromium-browser: URL spoof in Omnibox

BZ#1640113 CVE-2018-17476 chromium-browser: Security UI occlusion in full screen mode

BZ#1640114 CVE-2018-5179 chromium-browser: Lack of limits on update() in ServiceWorker

BZ#1640115 CVE-2018-17477 chromium-browser: UI spoof in Extensions

BZ#1640118 chromium-browser: Heap buffer overflow in lcms in PDFium

BZ#1640121 CVE-2018-16435 CVE-2018-17462 CVE-2018-17463 CVE-2018-17464 CVE-2018-17465 CVE-2018-17466 CVE-2018-17467 CVE-2018-17468 CVE-2018-17469 CVE-2018-17470 CVE-2018-17471 CVE-2018-17473 CVE-2018-17474 CVE-2018-17475 ... chromium: various flaws [fedora-all]

BZ#1648855 CVE-2018-17478 chromium-browser: Out of bounds memory access in V8

BZ#1648857 CVE-2018-17478 chromium: chromium-browser: Out of bounds memory access in V8 [fedora-all]

BZ#1651487 CVE-2018-17479 chromium-browser: Use-after-free in GPU

BZ#1651489 CVE-2018-17479 chromium: chromium-browser: Use-after-free in GPU [fedora-all]

chromium-70.0.3538.110-1.fc28

Automated Test Results

ignored