FEDORA-2019-561eae4626 — security update for chromium

stable

chromium-73.0.3683.75-2.fc29

FEDORA-2019-561eae4626 created by spot 5 years ago for Fedora 29

Update to 73.0.3683.75. Fixes large bucket of CVEs.

CVE-2019-5754 CVE-2019-5782 CVE-2019-5755 CVE-2019-5756 CVE-2019-5757 CVE-2019-5758 CVE-2019-5759 CVE-2019-5760 CVE-2019-5761 CVE-2019-5762 CVE-2019-5763 CVE-2019-5764 CVE-2019-5765 CVE-2019-5766 CVE-2019-5767 CVE-2019-5768 CVE-2019-5769 CVE-2019-5770 CVE-2019-5771 CVE-2019-5772 CVE-2019-5773 CVE-2019-5774 CVE-2019-5775 CVE-2019-5776 CVE-2019-5777 CVE-2019-5778 CVE-2019-5779 CVE-2019-5780 CVE-2019-5781 CVE-2019-5784 CVE-2019-5786 CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790 CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794 CVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798 CVE-2019-5799 CVE-2019-5800 CVE-2019-5802 CVE-2019-5803

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2019-561eae4626

This update has been submitted for testing by spot.

5 years ago

dustymabe commented & provided feedback 5 years ago

karma

worked for me this morning

ozeszty commented & provided feedback 5 years ago

karma

I've been using it from koji for some time, no issues spotted.

ozeszty commented & provided feedback 5 years ago

karma

I've been using it from koji for some time, no issues spotted.

w1kl4s provided feedback 5 years ago

karma

w1kl4s commented & provided feedback 5 years ago

karma

Just Works™

BZ#1688208 CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790 CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794 CVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798 CVE-2019-5799 CVE-2019-5800 CVE-2019-5801 ... chromium: various flaws [fedora-all]

akarshanbiswas commented & provided feedback 5 years ago

karma

Works!

akarshanbiswas commented & provided feedback 5 years ago

karma

Works!

This update has been pushed to testing.

5 years ago

This update has been submitted for batched by bodhi.

5 years ago

augenauf commented & provided feedback 5 years ago

LANG=C sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2019-561eae4626

Last metadata expiration check: 0:00:33 ago on Fr 22 Mär 2019 23:14:35 EDT. No security updates needed, but 66 updates available Dependencies resolved. Nothing to do. Complete!

augenauf commented & provided feedback 5 years ago

LANG=C sudo dnf upgrade --refresh --enablerepo=updates-testing --advisory=FEDORA-2019-561eae4626

Last metadata expiration check: 0:00:33 ago on Fr 22 Mär 2019 23:14:35 EDT. No security updates needed, but 66 updates available Dependencies resolved. Nothing to do. Complete!

This update has been submitted for stable by bodhi.

5 years ago

imabug provided feedback 5 years ago

karma

imabug provided feedback 5 years ago

karma

imabug provided feedback 5 years ago

karma

This update has been pushed to stable.

5 years ago

Please login to add feedback.

Metadata

Type

security

Severity

high

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

disabled

Dates

submitted

5 years ago

in testing

5 years ago

in stable

5 years ago

Builds

chromium-73.0.3683.75-2.fc29

BZ#1670737 CVE-2019-5754 chromium-browser: Inappropriate implementation in QUIC Networking

BZ#1670738 CVE-2019-5782 chromium-browser: Inappropriate implementation in V8

BZ#1670739 CVE-2019-5755 chromium-browser: Inappropriate implementation in V8

BZ#1670740 CVE-2019-5756 chromium-browser: Use after free in PDFium

BZ#1670741 CVE-2019-5757 chromium-browser: Type Confusion in SVG

BZ#1670742 CVE-2019-5758 chromium-browser: Use after free in Blink

BZ#1670743 CVE-2019-5759 chromium-browser: Use after free in HTML select elements

BZ#1670744 CVE-2019-5760 chromium-browser: Use after free in WebRTC

BZ#1670745 CVE-2019-5761 chromium-browser: Use after free in SwiftShader

BZ#1670746 CVE-2019-5762 chromium-browser: Use after free in PDFium

BZ#1670747 CVE-2019-5763 chromium-browser: Insufficient validation of untrusted input in V8

BZ#1670748 CVE-2019-5764 chromium-browser: Use after free in WebRTC

BZ#1670749 CVE-2019-5765 chromium-browser: Insufficient policy enforcement in the browser

BZ#1670750 CVE-2019-5766 chromium-browser: Insufficient policy enforcement in Canvas

BZ#1670751 CVE-2019-5767 chromium-browser: Incorrect security UI in WebAPKs

BZ#1670752 CVE-2019-5768 chromium-browser: Insufficient policy enforcement in DevTools

BZ#1670753 CVE-2019-5769 chromium-browser: Insufficient validation of untrusted input in Blink

BZ#1670754 CVE-2019-5770 chromium-browser: Heap buffer overflow in WebGL

BZ#1670755 CVE-2019-5771 chromium-browser: Heap buffer overflow in SwiftShader

BZ#1670756 CVE-2019-5772 chromium-browser: Use after free in PDFium

BZ#1670757 CVE-2019-5773 chromium-browser: Insufficient data validation in IndexedDB

BZ#1670758 CVE-2019-5774 chromium-browser: Insufficient validation of untrusted input in SafeBrowsing

BZ#1670759 CVE-2019-5775 chromium-browser: Insufficient policy enforcement in Omnibox

BZ#1670760 CVE-2019-5776 chromium-browser: Insufficient policy enforcement in Omnibox

BZ#1670761 CVE-2019-5777 chromium-browser: Insufficient policy enforcement in Omnibox

BZ#1670762 CVE-2019-5778 chromium-browser: Insufficient policy enforcement in Extensions

BZ#1670763 CVE-2019-5779 chromium-browser: Insufficient policy enforcement in ServiceWorker

BZ#1670764 CVE-2019-5780 chromium-browser: Insufficient policy enforcement

BZ#1670766 CVE-2019-5754 CVE-2019-5755 CVE-2019-5756 CVE-2019-5757 CVE-2019-5758 CVE-2019-5759 CVE-2019-5760 CVE-2019-5761 CVE-2019-5762 CVE-2019-5763 CVE-2019-5764 CVE-2019-5765 CVE-2019-5766 CVE-2019-5767 CVE-2019-5768 ... chromium: various flaws [fedora-all]

BZ#1676527 CVE-2019-5784 chromium-browser: Inappropriate implementation in V8

BZ#1676529 CVE-2019-5784 chromium: chromium-browser: Inappropriate implementation in V8 [fedora-all]

BZ#1685162 CVE-2019-5786 chromium-browser: Use-after-free in FileReader

BZ#1685164 CVE-2019-5786 chromium: chromium-browser: Use-after-free in FileReader [fedora-all]

BZ#1688189 CVE-2019-5787 chromium-browser: Use after free in Canvas

BZ#1688190 CVE-2019-5788 chromium-browser: Use after free in FileAPI

BZ#1688191 CVE-2019-5789 chromium-browser: Use after free in WebMIDI

BZ#1688192 CVE-2019-5790 chromium-browser: Heap buffer overflow in V8

BZ#1688193 CVE-2019-5791 chromium-browser: Type confusion in V8

BZ#1688194 CVE-2019-5792 chromium-browser: Integer overflow in PDFium

BZ#1688195 CVE-2019-5793 chromium-browser: Excessive permissions for private API in Extensions

BZ#1688196 CVE-2019-5794 chromium-browser: Security UI spoofing

BZ#1688197 CVE-2019-5795 chromium-browser: Integer overflow in PDFium

BZ#1688198 CVE-2019-5796 chromium-browser: Race condition in Extensions

BZ#1688199 CVE-2019-5797 chromium-browser: Race condition in DOMStorage

BZ#1688200 CVE-2019-5798 chromium-browser: Out of bounds read in Skia

BZ#1688201 CVE-2019-5799 chromium-browser: CSP bypass with blob URL

BZ#1688202 CVE-2019-5800 chromium-browser: CSP bypass with blob URL

BZ#1688203 CVE-2019-5801 chromium-browser: Incorrect Omnibox display on iOS

BZ#1688204 CVE-2019-5802 chromium-browser: Security UI spoofing

BZ#1688205 CVE-2019-5803 chromium-browser: CSP bypass with Javascript URLs

BZ#1688206 CVE-2019-5804 chromium-browser: Command line command injection on Windows

chromium-73.0.3683.75-2.fc29

Automated Test Results

ignored