FEDORA-EPEL-2018-297fb7f6c0

security update in Fedora EPEL 7 for chromium

Status: obsolete

Update to 66.0.3359.181. Security fix for CVE-2018-6085 CVE-2018-6086 CVE-2018-6087 CVE-2018-6088 CVE-2018-6089 CVE-2018-6090 CVE-2018-6091 CVE-2018-6092 CVE-2018-6093 CVE-2018-6094 CVE-2018-6095 CVE-2018-6096 CVE-2018-6097 CVE-2018-6098 CVE-2018-6099 CVE-2018-6100 CVE-2018-6101 CVE-2018-6102 CVE-2018-6103 CVE-2018-6104 CVE-2018-6105 CVE-2018-6106 CVE-2018-6107 CVE-2018-6108 CVE-2018-6109 CVE-2018-6110 CVE-2018-6111 CVE-2018-6112 CVE-2018-6113 CVE-2018-6114 CVE-2018-6116 CVE-2018-6117 CVE-2018-6118 CVE-2018-6120 CVE-2018-6121 CVE-2018-6122

Comments 8

This update has been submitted for testing by spot.

This update has been pushed to testing.

Unfortunately update is not installable because of libfontconfig dependency issue in package.

package: chromium-66.0.3359.181-2.el7.x86_64

unresolved deps:

 libfontconfig.so()(64bit)

package: chromium-libs-66.0.3359.181-2.el7.x86_64

unresolved deps:

 libfontconfig.so()(64bit)

There seem to be bundled fontconfig in main package.

bundled(fontconfig) = 2.12.6

I guess bundled library means libfontconfig dep should be filtered out.

System fontconfig is 2.10.95-11.el7.

karma: -1

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

spot edited this update.

New build(s):

  • chromium-66.0.3359.181-3.el7

Removed build(s):

  • chromium-66.0.3359.181-2.el7

Karma has been reset.

This update has been submitted for testing by spot.

This update has been pushed to testing.

This update has been obsoleted by chromium-67.0.3396.79-1.el7.

Content Type
RPM
Status
obsolete
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush
Disabled
Dates
submitted a year ago
in testing a year ago
modified a year ago

Related Bugs 40

00 #1568761 CVE-2018-6085 chromium-browser: Use after free in Disk Cache
00 #1568762 CVE-2018-6086 chromium-browser: Use after free in Disk Cache
00 #1568763 CVE-2018-6087 chromium-browser: Use after free in WebAssembly
00 #1568764 CVE-2018-6088 chromium-browser: Use after free in PDFium
00 #1568765 CVE-2018-6089 chromium-browser: Same origin policy bypass in Service Worker
00 #1568766 CVE-2018-6090 chromium-browser: Heap buffer overflow in Skia
00 #1568767 CVE-2018-6091 chromium-browser: Incorrect handling of plug-ins by Service Worker
00 #1568769 CVE-2018-6092 chromium-browser: Integer overflow in WebAssembly
00 #1568770 CVE-2018-6093 chromium-browser: Same origin bypass in Service Worker
00 #1568771 CVE-2018-6094 chromium-browser: Exploit hardening regression in Oilpan
00 #1568773 CVE-2018-6095 chromium-browser: Lack of meaningful user interaction requirement before file upload
00 #1568774 CVE-2018-6096 chromium-browser: Fullscreen UI spoof
00 #1568775 CVE-2018-6097 chromium-browser: Fullscreen UI spoof
00 #1568776 CVE-2018-6098 chromium-browser: URL spoof in Omnibox
00 #1568777 CVE-2018-6099 chromium-browser: CORS bypass in ServiceWorker
00 #1568778 CVE-2018-6100 chromium-browser: URL spoof in Omnibox
00 #1568779 CVE-2018-6101 chromium-browser: Insufficient protection of remote debugging prototol in DevTools
00 #1568780 CVE-2018-6102 chromium-browser: URL spoof in Omnibox
00 #1568781 CVE-2018-6103 chromium-browser: UI spoof in Permissions
00 #1568782 CVE-2018-6104 chromium-browser: URL spoof in Omnibox
00 #1568785 CVE-2018-6105 chromium-browser: URL spoof in Omnibox
00 #1568786 CVE-2018-6106 chromium-browser: Incorrect handling of promises in V8
00 #1568787 CVE-2018-6107 chromium-browser: URL spoof in Omnibox
00 #1568788 CVE-2018-6108 chromium-browser: URL spoof in Omnibox
00 #1568789 CVE-2018-6109 chromium-browser: Incorrect handling of files by FileAPI
00 #1568790 CVE-2018-6110 chromium-browser: Incorrect handling of plaintext files via file://
00 #1568791 CVE-2018-6111 chromium-browser: Heap-use-after-free in DevTools
00 #1568792 CVE-2018-6112 chromium-browser: Incorrect URL handling in DevTools
00 #1568793 CVE-2018-6113 chromium-browser: URL spoof in Navigation
00 #1568794 CVE-2018-6114 chromium-browser: CSP bypass
00 #1568795 CVE-2018-6115 chromium-browser: SmartScreen bypass in downloads
00 #1568796 CVE-2018-6116 chromium-browser: Incorrect low memory handling in WebAssembly
00 #1568797 CVE-2018-6117 chromium-browser: Confusing autofill settings
00 #1568800 CVE-2018-6085 CVE-2018-6086 CVE-2018-6087 CVE-2018-6088 CVE-2018-6089 CVE-2018-6090 CVE-2018-6091 CVE-2018-6092 CVE-2018-6093 CVE-2018-6094 CVE-2018-6095 CVE-2018-6096 CVE-2018-6097 CVE-2018-6098 CVE-2018-6099 ... chromium: various flaws [epel-7]
00 #1573856 CVE-2018-6118 chromium-browser: Use after free in Media Cache
00 #1573860 CVE-2018-6118 chromium: chromium-browser: Use after free in Media Cache [epel-7]
00 #1577113 CVE-2018-6121 chromium-browser: Privilege Escalation in extensions
00 #1577114 CVE-2018-6122 chromium-browser: Type confusion in V8
00 #1577115 CVE-2018-6120 chromium-browser: Heap buffer overflow in PDFium
00 #1577116 CVE-2018-6120 CVE-2018-6121 CVE-2018-6122 chromium: various flaws [epel-7]

Automated Test Results