FEDORA-EPEL-2019-7bae341677

security update in Fedora EPEL 7 for chromium

Status: stable 5 months ago

Update to Chromium 73.0.3683.86.
Upstream changelog: https://chromium.googlesource.com/chromium/src/+log/73.0.3683.75..73.0.3683.86?pretty=fuller&n=10000 Also ensure that en_US locale pak is always installed.


Update to 73.0.3683.75. Fixes large bucket of CVEs.

CVE-2019-5754 CVE-2019-5782 CVE-2019-5755 CVE-2019-5756 CVE-2019-5757 CVE-2019-5758 CVE-2019-5759 CVE-2019-5760 CVE-2019-5761 CVE-2019-5762 CVE-2019-5763 CVE-2019-5764 CVE-2019-5765 CVE-2019-5766 CVE-2019-5767 CVE-2019-5768 CVE-2019-5769 CVE-2019-5770 CVE-2019-5771 CVE-2019-5772 CVE-2019-5773 CVE-2019-5774 CVE-2019-5775 CVE-2019-5776 CVE-2019-5777 CVE-2019-5778 CVE-2019-5779 CVE-2019-5780 CVE-2019-5781 CVE-2019-5784 CVE-2019-5786 CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790 CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794 CVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798 CVE-2019-5799 CVE-2019-5800 CVE-2019-5802 CVE-2019-5803

Comments 7

This update has been submitted for testing by spot.

This update has obsoleted chromium-73.0.3683.75-2.el7, and has inherited its bugs and notes.

This update has been pushed to testing.

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for batched by spot.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 6 months ago
in testing 6 months ago
in stable 5 months ago

Related Bugs 53

00 #1670737 CVE-2019-5754 chromium-browser: Inappropriate implementation in QUIC Networking
00 #1670738 CVE-2019-5782 chromium-browser: Inappropriate implementation in V8
00 #1670739 CVE-2019-5755 chromium-browser: Inappropriate implementation in V8
00 #1670740 CVE-2019-5756 chromium-browser: Use after free in PDFium
00 #1670741 CVE-2019-5757 chromium-browser: Type Confusion in SVG
00 #1670742 CVE-2019-5758 chromium-browser: Use after free in Blink
00 #1670743 CVE-2019-5759 chromium-browser: Use after free in HTML select elements
00 #1670744 CVE-2019-5760 chromium-browser: Use after free in WebRTC
00 #1670745 CVE-2019-5761 chromium-browser: Use after free in SwiftShader
00 #1670746 CVE-2019-5762 chromium-browser: Use after free in PDFium
00 #1670747 CVE-2019-5763 chromium-browser: Insufficient validation of untrusted input in V8
00 #1670748 CVE-2019-5764 chromium-browser: Use after free in WebRTC
00 #1670749 CVE-2019-5765 chromium-browser: Insufficient policy enforcement in the browser
00 #1670750 CVE-2019-5766 chromium-browser: Insufficient policy enforcement in Canvas
00 #1670751 CVE-2019-5767 chromium-browser: Incorrect security UI in WebAPKs
00 #1670752 CVE-2019-5768 chromium-browser: Insufficient policy enforcement in DevTools
00 #1670753 CVE-2019-5769 chromium-browser: Insufficient validation of untrusted input in Blink
00 #1670754 CVE-2019-5770 chromium-browser: Heap buffer overflow in WebGL
00 #1670755 CVE-2019-5771 chromium-browser: Heap buffer overflow in SwiftShader
00 #1670756 CVE-2019-5772 chromium-browser: Use after free in PDFium
00 #1670757 CVE-2019-5773 chromium-browser: Insufficient data validation in IndexedDB
00 #1670758 CVE-2019-5774 chromium-browser: Insufficient validation of untrusted input in SafeBrowsing
00 #1670759 CVE-2019-5775 chromium-browser: Insufficient policy enforcement in Omnibox
00 #1670760 CVE-2019-5776 chromium-browser: Insufficient policy enforcement in Omnibox
00 #1670761 CVE-2019-5777 chromium-browser: Insufficient policy enforcement in Omnibox
00 #1670762 CVE-2019-5778 chromium-browser: Insufficient policy enforcement in Extensions
00 #1670763 CVE-2019-5779 chromium-browser: Insufficient policy enforcement in ServiceWorker
00 #1670764 CVE-2019-5780 chromium-browser: Insufficient policy enforcement
00 #1670767 CVE-2019-5754 CVE-2019-5755 CVE-2019-5756 CVE-2019-5757 CVE-2019-5758 CVE-2019-5759 CVE-2019-5760 CVE-2019-5761 CVE-2019-5762 CVE-2019-5763 CVE-2019-5764 CVE-2019-5765 CVE-2019-5766 CVE-2019-5767 CVE-2019-5768 ... chromium: various flaws [epel-7]
00 #1676527 CVE-2019-5784 chromium-browser: Inappropriate implementation in V8
00 #1676530 CVE-2019-5784 chromium: chromium-browser: Inappropriate implementation in V8 [epel-7]
00 #1685162 CVE-2019-5786 chromium-browser: Use-after-free in FileReader
00 #1685165 CVE-2019-5786 chromium: chromium-browser: Use-after-free in FileReader [epel-7]
00 #1688189 CVE-2019-5787 chromium-browser: Use after free in Canvas
00 #1688190 CVE-2019-5788 chromium-browser: Use after free in FileAPI
00 #1688191 CVE-2019-5789 chromium-browser: Use after free in WebMIDI
00 #1688192 CVE-2019-5790 chromium-browser: Heap buffer overflow in V8
00 #1688193 CVE-2019-5791 chromium-browser: Type confusion in V8
00 #1688194 CVE-2019-5792 chromium-browser: Integer overflow in PDFium
00 #1688195 CVE-2019-5793 chromium-browser: Excessive permissions for private API in Extensions
00 #1688196 CVE-2019-5794 chromium-browser: Security UI spoofing
00 #1688197 CVE-2019-5795 chromium-browser: Integer overflow in PDFium
00 #1688198 CVE-2019-5796 chromium-browser: Race condition in Extensions
00 #1688199 CVE-2019-5797 chromium-browser: Race condition in DOMStorage
00 #1688200 CVE-2019-5798 chromium-browser: Out of bounds read in Skia
00 #1688201 CVE-2019-5799 chromium-browser: CSP bypass with blob URL
00 #1688202 CVE-2019-5800 chromium-browser: CSP bypass with blob URL
00 #1688203 CVE-2019-5801 chromium-browser: Incorrect Omnibox display on iOS
00 #1688204 CVE-2019-5802 chromium-browser: Security UI spoofing
00 #1688205 CVE-2019-5803 chromium-browser: CSP bypass with Javascript URLs
00 #1688206 CVE-2019-5804 chromium-browser: Command line command injection on Windows
00 #1688209 CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790 CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794 CVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798 CVE-2019-5799 CVE-2019-5800 CVE-2019-5801 ... chromium: various flaws [epel-7]
00 #1692660 Ensure the en-US locale is always installed

Automated Test Results