FEDORA-EPEL-2019-6c3fb8b090

security update in Fedora EPEL 7 for chromium

Status: stable 9 months ago

Finally, a new chromium build for EL7. Hold on to your butts, this fixes so many CVEs.

Fixes CVE-2018-16065 CVE-2018-16066 CVE-2018-16067 CVE-2018-16068 CVE-2018-16069 CVE-2018-16070 CVE-2018-16071 CVE-2018-16073 CVE-2018-16074 CVE-2018-16075 CVE-2018-16076 CVE-2018-16077 CVE-2018-16078 CVE-2018-16079 CVE-2018-16080 CVE-2018-16081 CVE-2018-16082 CVE-2018-16083 CVE-2018-16084 CVE-2018-16085 CVE-2018-16088 CVE-2018-16087 CVE-2018-16086 CVE-2018-17458 CVE-2018-17459 CVE-2018-6119 CVE-2018-6055 CVE-2018-16435 CVE-2018-17462 CVE-2018-17463 CVE-2018-17464 CVE-2018-17465 CVE-2018-17466 CVE-2018-17467 CVE-2018-17468 CVE-2018-17469 CVE-2018-17470 CVE-2018-17471 CVE-2018-17473 CVE-2018-17474 CVE-2018-17475 CVE-2018-17476 CVE-2018-5179 CVE-2018-17477 CVE-2018-17478 CVE-2018-17479 CVE-2018-17480 CVE-2018-17481 CVE-2018-18335 CVE-2018-18336 CVE-2018-18337 CVE-2018-18338 CVE-2018-18339 CVE-2018-18340 CVE-2018-18341 CVE-2018-18342 CVE-2018-18343 CVE-2018-18344 CVE-2018-18345 CVE-2018-18346 CVE-2018-18347 CVE-2018-18348 CVE-2018-18349 CVE-2018-18350 CVE-2018-18351 CVE-2018-18352 CVE-2018-18353 CVE-2018-18354 CVE-2018-18355 CVE-2018-18356 CVE-2018-18357 CVE-2018-18358 CVE-2018-18359

Comments 6

This update has been submitted for testing by spot.

This update has been pushed to testing.

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for batched by spot.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
high
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 9 months ago
in testing 9 months ago
in stable 9 months ago

Related Bugs 80

00 #1625466 CVE-2018-16065 chromium-browser: Out of bounds write in V8
00 #1625467 CVE-2018-16066 chromium-browser: Out of bounds read in Blink
00 #1625469 CVE-2018-16067 chromium-browser: Out of bounds read in WebAudio
00 #1625470 CVE-2018-16068 chromium-browser: Out of bounds write in Mojo
00 #1625471 CVE-2018-16069 chromium-browser: Out of bounds read in SwiftShader
00 #1625472 CVE-2018-16070 chromium-browser: Integer overflow in Skia
00 #1625473 CVE-2018-16071 chromium-browser: Use after free in WebRTC
00 #1625474 CVE-2018-16072 chromium-browser: Cross origin pixel leak in Chrome's interaction with Android's MediaPlayer
00 #1625475 CVE-2018-16073 chromium-browser: Site Isolation bypass after tab restore
00 #1625476 CVE-2018-16074 chromium-browser: Site Isolation bypass using Blob URLS
00 #1625477 CVE-2018-16075 chromium-browser: Local file access in Blink
00 #1625478 CVE-2018-16076 chromium-browser: Out of bounds read in PDFium
00 #1625479 CVE-2018-16077 chromium-browser: Content security policy bypass in Blink
00 #1625480 CVE-2018-16078 chromium-browser: Credit card information leak in Autofill
00 #1625481 CVE-2018-16079 chromium-browser: URL spoof in permission dialogs
00 #1625482 CVE-2018-16080 chromium-browser: URL spoof in full screen mode
00 #1625484 CVE-2018-16081 chromium-browser: Local file access in DevTools
00 #1625485 CVE-2018-16082 chromium-browser: Stack buffer overflow in SwiftShader
00 #1625486 CVE-2018-16083 chromium-browser: Out of bounds read in WebRTC
00 #1625487 CVE-2018-16084 chromium-browser: User confirmation bypass in external protocol handling
00 #1625488 CVE-2018-16085 chromium-browser: Use after free in Memory Instrumentation
00 #1625492 CVE-2018-16065 CVE-2018-16066 CVE-2018-16067 CVE-2018-16068 CVE-2018-16069 CVE-2018-16070 CVE-2018-16071 CVE-2018-16072 CVE-2018-16073 CVE-2018-16074 CVE-2018-16075 CVE-2018-16076 CVE-2018-16077 CVE-2018-16078 ... chromium: various flaws [epel-7]
00 #1628078 CVE-2018-17458 chromium-browser: Function signature mismatch in WebAssembly
00 #1628080 CVE-2018-17459 chromium-browser: URL Spoofing in Omnibox
00 #1628085 CVE-2018-17458 CVE-2018-17459 chromium: various flaws [epel-7]
00 #1633390 CVE-2018-6119 chromium-browser: Spoof of contents of the Omnibox (URL bar) via a crafted HTML page
00 #1633392 CVE-2018-6119 chromium: chromium-browser: Spoof of contents of the Omnibox (URL bar) via a crafted HTML page [epel-7]
00 #1633393 CVE-2018-6055 chromium-browser: Insufficient policy enforcement in Catalog Service
00 #1633395 CVE-2018-6055 chromium: chromium-browser: Insufficient policy enforcement in Catalog Service [epel-7]
00 #1640098 CVE-2018-17462 chromium-browser: Sandbox escape in AppCache
00 #1640099 CVE-2018-17463 chromium-browser: Remote code execution in V8
00 #1640100 CVE-2018-17464 chromium-browser: URL spoof in Omnibox
00 #1640101 CVE-2018-17465 chromium-browser: Use after free in V8
00 #1640102 CVE-2018-17466 chromium-browser, firefox: Memory corruption in Angle
00 #1640103 CVE-2018-17467 chromium-browser: URL spoof in Omnibox
00 #1640104 CVE-2018-17468 chromium-browser: Cross-origin URL disclosure in Blink
00 #1640105 CVE-2018-17469 chromium-browser: Heap buffer overflow in PDFium
00 #1640106 CVE-2018-17470 chromium-browser: Memory corruption in GPU Internals
00 #1640107 CVE-2018-17471 chromium-browser: Security UI occlusion in full screen mode
00 #1640108 CVE-2018-17472 chromium-browser: iframe sandbox escape on iOS
00 #1640110 CVE-2018-17473 chromium-browser: URL spoof in Omnibox
00 #1640111 CVE-2018-17474 chromium-browser: Use after free in Blink
00 #1640112 CVE-2018-17475 chromium-browser: URL spoof in Omnibox
00 #1640113 CVE-2018-17476 chromium-browser: Security UI occlusion in full screen mode
00 #1640114 CVE-2018-5179 chromium-browser: Lack of limits on update() in ServiceWorker
00 #1640115 CVE-2018-17477 chromium-browser: UI spoof in Extensions
00 #1640118 chromium-browser: Heap buffer overflow in lcms in PDFium
00 #1640122 CVE-2018-16435 CVE-2018-17462 CVE-2018-17463 CVE-2018-17464 CVE-2018-17465 CVE-2018-17466 CVE-2018-17467 CVE-2018-17468 CVE-2018-17469 CVE-2018-17470 CVE-2018-17471 CVE-2018-17473 CVE-2018-17474 CVE-2018-17475 ... chromium: various flaws [epel-7]
00 #1648855 CVE-2018-17478 chromium-browser: Out of bounds memory access in V8
00 #1648858 CVE-2018-17478 chromium: chromium-browser: Out of bounds memory access in V8 [epel-7]
00 #1651487 CVE-2018-17479 chromium-browser: Use-after-free in GPU
00 #1651490 CVE-2018-17479 chromium: chromium-browser: Use-after-free in GPU [epel-7]
00 #1656547 CVE-2018-17480 chromium-browser: Out of bounds write in V8
00 #1656548 CVE-2018-17481 chromium-browser: Use after frees in PDFium
00 #1656549 CVE-2018-18335 chromium-browser: Heap buffer overflow in Skia
00 #1656550 CVE-2018-18336 chromium-browser: Use after free in PDFium
00 #1656551 CVE-2018-18337 chromium-browser: Use after free in Blink
00 #1656552 CVE-2018-18338 chromium-browser: Heap buffer overflow in Canvas
00 #1656553 CVE-2018-18339 chromium-browser: Use after free in WebAudio
00 #1656554 CVE-2018-18340 chromium-browser: Use after free in MediaRecorder
00 #1656555 CVE-2018-18341 chromium-browser: Heap buffer overflow in Blink
00 #1656556 CVE-2018-18342 chromium-browser: Out of bounds write in V8
00 #1656557 CVE-2018-18343 chromium-browser: Use after free in Skia
00 #1656558 CVE-2018-18344 chromium-browser: Inappropriate implementation in Extensions
00 #1656559 CVE-2018-18345 chromium-browser: Inappropriate implementation in Site Isolation
00 #1656560 CVE-2018-18346 chromium-browser: Incorrect security UI in Blink
00 #1656561 CVE-2018-18347 chromium-browser: Inappropriate implementation in Navigation
00 #1656562 CVE-2018-18348 chromium-browser: Inappropriate implementation in Omnibox
00 #1656563 CVE-2018-18349 chromium-browser: Insufficient policy enforcement in Blink
00 #1656564 CVE-2018-18350 chromium-browser: Insufficient policy enforcement in Blink
00 #1656565 CVE-2018-18351 chromium-browser: Insufficient policy enforcement in Navigation
00 #1656566 CVE-2018-18352 chromium-browser: Inappropriate implementation in Media
00 #1656567 CVE-2018-18353 chromium-browser: Inappropriate implementation in Network Authentication
00 #1656568 CVE-2018-18354 chromium-browser: Insufficient data validation in Shell Integration
00 #1656569 CVE-2018-18355 chromium-browser: Insufficient policy enforcement in URL Formatter
00 #1656570 CVE-2018-18356 chromium-browser: Use after free in Skia
00 #1656571 CVE-2018-18357 chromium-browser: Insufficient policy enforcement in URL Formatter
00 #1656572 CVE-2018-18358 chromium-browser: Insufficient policy enforcement in Proxy
00 #1656573 CVE-2018-18359 chromium-browser: Out of bounds read in V8
00 #1656576 CVE-2018-17480 CVE-2018-17481 CVE-2018-18335 CVE-2018-18336 CVE-2018-18337 CVE-2018-18338 CVE-2018-18339 CVE-2018-18340 CVE-2018-18341 CVE-2018-18342 CVE-2018-18343 CVE-2018-18344 CVE-2018-18345 CVE-2018-18346 ... chromium: various flaws [epel-7]

Automated Test Results