FEDORA-EPEL-2019-8af470ea11 created by spot 4 days ago for Fedora EPEL 7
testing

Update to chromium 78.0.3904.87, fixes CVE-2019-13720 & CVE-2019-13721.

Also fixes zip compression support in EL8 builds.


Chromium 78.

Fixes these: CVE-2019-5870 CVE-2019-5871 CVE-2019-5872 CVE-2019-5874 CVE-2019-5875 CVE-2019-13691 CVE-2019-13692 CVE-2019-5876 CVE-2019-5877 CVE-2019-5878 CVE-2019-5879 CVE-2019-5880 CVE-2019-5881 CVE-2019-13659 CVE-2019-13660 CVE-2019-13661 CVE-2019-13662 CVE-2019-13663 CVE-2019-13664 CVE-2019-13665 CVE-2019-13666 CVE-2019-13667 CVE-2019-13668 CVE-2019-13669 CVE-2019-13670 CVE-2019-13671 CVE-2019-13673 CVE-2019-13674 CVE-2019-13675 CVE-2019-13676 CVE-2019-13677 CVE-2019-13678 CVE-2019-13679 CVE-2019-13680 CVE-2019-13681 CVE-2019-13682 CVE-2019-13683

This update has been submitted for testing by spot. 4 days ago
This update's test gating status has been changed to 'waiting'. 4 days ago
This update has obsoleted [chromium-78.0.3904.70-1.el7](https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-e6e7d521d9), and has inherited its bugs and notes. 4 days ago
This update's test gating status has been changed to 'ignored'. 4 days ago
This update has been pushed to testing. 2 days ago
User Icon robert provided feedback 2 days ago
karma
User Icon robert provided feedback 2 days ago
karma

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
4 days ago
in testing
2 days ago
days to stable
12
BZ#1762366 CVE-2019-5870 chromium-browser: Use-after-free in media
0
0
BZ#1762367 CVE-2019-5871 chromium-browser: Heap overflow in Skia
0
0
BZ#1762368 CVE-2019-5872 chromium-browser: Use-after-free in Mojo
0
0
BZ#1762370 CVE-2019-5874 chromium-browser: External URIs may trigger other browsers
0
0
BZ#1762371 CVE-2019-5875 chromium-browser: URL bar spoof via download redirect
0
0
BZ#1762372 CVE-2019-13691 chromium-browser: Omnibox spoof
0
0
BZ#1762373 CVE-2019-13692 chromium-browser: SOP bypass
0
0
BZ#1762374 CVE-2019-5876 chromium-browser: Use-after-free in media
0
0
BZ#1762375 CVE-2019-5877 chromium-browser: Out-of-bounds access in V8
0
0
BZ#1762376 CVE-2019-5878 chromium-browser: Use-after-free in V8
0
0
BZ#1762377 CVE-2019-5879 chromium-browser: Extensions can read some local files
0
0
BZ#1762378 CVE-2019-5880 chromium-browser: SameSite cookie bypass
0
0
BZ#1762379 CVE-2019-5881 chromium-browser: Arbitrary read in SwiftShader
0
0
BZ#1762380 CVE-2019-13659 chromium-browser: URL spoof
0
0
BZ#1762381 CVE-2019-13660 chromium-browser: Full screen notification overlap
0
0
BZ#1762382 CVE-2019-13661 chromium-browser: Full screen notification spoof
0
0
BZ#1762383 CVE-2019-13662 chromium-browser: CSP bypass
0
0
BZ#1762384 CVE-2019-13663 chromium-browser: IDN spoof
0
0
BZ#1762385 CVE-2019-13664 chromium-browser: CSRF bypass
0
0
BZ#1762386 CVE-2019-13665 chromium-browser: Multiple file download protection bypass
0
0
BZ#1762387 CVE-2019-13666 chromium-browser: Side channel using storage size estimate
0
0
BZ#1762388 CVE-2019-13667 chromium-browser: URI bar spoof when using external app URIs
0
0
BZ#1762389 CVE-2019-13668 chromium-browser: Global window leak via console
0
0
BZ#1762390 CVE-2019-13669 chromium-browser: HTTP authentication spoof
0
0
BZ#1762391 CVE-2019-13670 chromium-browser: V8 memory corruption in regex
0
0
BZ#1762392 CVE-2019-13671 chromium-browser: Dialog box fails to show origin
0
0
BZ#1762393 CVE-2019-13673 chromium-browser: Cross-origin information leak using devtools
0
0
BZ#1762394 CVE-2019-13674 chromium-browser: IDN spoofing
0
0
BZ#1762395 CVE-2019-13675 chromium-browser: Extensions can be disabled by trailing slash
0
0
BZ#1762396 CVE-2019-13676 chromium-browser: Google URI shown for certificate warning
0
0
BZ#1762397 CVE-2019-13677 chromium-browser: Chrome web store origin needs to be isolated
0
0
BZ#1762398 CVE-2019-13678 chromium-browser: Download dialog spoofing
0
0
BZ#1762399 CVE-2019-13679 chromium-browser: User gesture needed for printing
0
0
BZ#1762400 CVE-2019-13680 chromium-browser: IP address spoofing to servers
0
0
BZ#1762401 CVE-2019-13681 chromium-browser: Bypass on download restrictions
0
0
BZ#1762402 CVE-2019-13682 chromium-browser: Site isolation bypass
0
0
BZ#1762541 CVE-2019-13659 CVE-2019-13660 CVE-2019-13661 CVE-2019-13662 CVE-2019-13663 CVE-2019-13664 CVE-2019-13665 CVE-2019-13666 CVE-2019-13667 CVE-2019-13668 CVE-2019-13669 CVE-2019-13670 CVE-2019-13671 CVE-2019-13673 ... chromium: various flaws [epel-7]
0
0
BZ#1768578 CVE-2019-13721 chromium-browser: use-after-free in PDFium
0
0
BZ#1768581 CVE-2019-13721 chromium: chromium-browser: use-after-free in PDFium [epel-7]
0
0
BZ#1768586 CVE-2019-13720 chromium-browser: use-after-free in audio
0
0
BZ#1768588 CVE-2019-13720 chromium: chromium-browser: use-after-free in audio [epel-7]
0
0

Automated Test Results