FEDORA-EPEL-2020-2f9004588a created by spot a year ago for Fedora EPEL 7
stable

Update to 87.0.4280.88. Fixes bugs and security issues, including: CVE-2020-16037 CVE-2020-16038 CVE-2020-16039 CVE-2020-16040 CVE-2020-16041 CVE-2020-16042


Update to 87.0.4280.66. Fixes the following security issues:

CVE-2020-16012 CVE-2020-16018 CVE-2020-16019 CVE-2020-16020 CVE-2020-16021 CVE-2020-16022 CVE-2020-16015 CVE-2020-16014 CVE-2020-16023 CVE-2020-16024 CVE-2020-16025 CVE-2020-16026 CVE-2020-16027 CVE-2020-16028 CVE-2020-16029 CVE-2020-16030 CVE-2020-16031 CVE-2020-16032 CVE-2020-16033 CVE-2020-16034 CVE-2020-16035 CVE-2020-16036


Update to 86.0.4240.198. Fixes the following security issues:

CVE-2020-16013 CVE-2020-16016 CVE-2020-16017


Update to 86.0.4240.183.

Fixes the following security issues: CVE-2020-16004 CVE-2020-16005 CVE-2020-16006 CVE-2020-16008 CVE-2020-16009

Also disables the very verbose output going to stdout.


Update to Chromium 86. A few big things here:

  1. Upstream has made hardware accelerated video support (VAAPI) for Linux possible without patches. One key difference is that the patchset used previously in Fedora enabled it by default and upstream's approach disables it by default. To enable Hardware accelerated video in chromium, open this link in chromium:

chrome://flags/#enable-accelerated-video-decode

Be sure it is turned on. Note that not all GPUs are supported.

  1. All the security fixes you expect with a major release: CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970 CVE-2020-15971 CVE-2020-15972 CVE-2020-15990 CVE-2020-15991 CVE-2020-15973 CVE-2020-15974 CVE-2020-15975 CVE-2020-15976 CVE-2020-6557 CVE-2020-15977 CVE-2020-15978 CVE-2020-15979 CVE-2020-15980 CVE-2020-15981 CVE-2020-15982 CVE-2020-15983 CVE-2020-15984 CVE-2020-15985 CVE-2020-15986 CVE-2020-15987 CVE-2020-15992 CVE-2020-15988 CVE-2020-15989 CVE-2020-16000 CVE-2020-16001 CVE-2020-16002 CVE-2020-16003

  2. The EPEL-7 build no longer requires minizip, because Red Hat removed that package in RHEL 7.9.

  3. Without bats acting as pollinators, agave and cacao plants would struggle. That means that bats are responsible for tequila and chocolate.

This update has been submitted for testing by spot.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update has obsoleted chromium-87.0.4280.66-1.el7, and has inherited its bugs and notes.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been pushed to testing.

a year ago

This update can be pushed to stable now if the maintainer wishes

11 months ago

This update has been submitted for stable by bodhi.

11 months ago

This update has been pushed to stable.

11 months ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
a year ago
in testing
a year ago
in stable
11 months ago
BZ#1885883 CVE-2020-15967 chromium-browser: Use after free in payments
0
0
BZ#1885884 CVE-2020-15968 chromium-browser: Use after free in Blink
0
0
BZ#1885885 CVE-2020-15969 chromium-browser: Use after free in WebRTC
0
0
BZ#1885886 CVE-2020-15970 chromium-browser: Use after free in NFC
0
0
BZ#1885887 CVE-2020-15971 chromium-browser: Use after free in printing
0
0
BZ#1885888 CVE-2020-15972 chromium-browser: Use after free in audio
0
0
BZ#1885889 CVE-2020-15990 chromium-browser: Use after free in autofill
0
0
BZ#1885890 CVE-2020-15991 chromium-browser: Use after free in password manager
0
0
BZ#1885891 CVE-2020-15973 chromium-browser: Insufficient policy enforcement in extensions
0
0
BZ#1885892 CVE-2020-15974 chromium-browser: Integer overflow in Blink
0
0
BZ#1885893 CVE-2020-15975 chromium-browser: Integer overflow in SwiftShader
0
0
BZ#1885894 CVE-2020-15976 chromium-browser: Use after free in WebXR
0
0
BZ#1885896 CVE-2020-6557 chromium-browser: Inappropriate implementation in networking
0
0
BZ#1885897 CVE-2020-15977 chromium-browser: Insufficient data validation in dialogs
0
0
BZ#1885899 CVE-2020-15978 chromium-browser: Insufficient data validation in navigation
0
0
BZ#1885901 CVE-2020-15979 chromium-browser: Inappropriate implementation in V8
0
0
BZ#1885902 CVE-2020-15980 chromium-browser: Insufficient policy enforcement in Intents
0
0
BZ#1885903 CVE-2020-15981 chromium-browser: Out of bounds read in audio
0
0
BZ#1885904 CVE-2020-15982 chromium-browser: Side-channel information leakage in cache
0
0
BZ#1885905 CVE-2020-15983 chromium-browser: Insufficient data validation in webUI
0
0
BZ#1885906 CVE-2020-15984 chromium-browser: Insufficient policy enforcement in Omnibox
0
0
BZ#1885907 CVE-2020-15985 chromium-browser: Inappropriate implementation in Blink
0
0
BZ#1885908 CVE-2020-15986 chromium-browser: Integer overflow in media
0
0
BZ#1885909 CVE-2020-15987 chromium-browser: Use after free in WebRTC
0
0
BZ#1885910 CVE-2020-15992 chromium-browser: Insufficient policy enforcement in networking
0
0
BZ#1885911 CVE-2020-15988 chromium-browser: Insufficient policy enforcement in downloads
0
0
BZ#1885912 CVE-2020-15989 chromium-browser: Uninitialized use in PDFium
0
0
BZ#1885917 CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970 CVE-2020-15971 CVE-2020-15972 CVE-2020-15973 CVE-2020-15974 CVE-2020-15975 CVE-2020-15976 CVE-2020-15977 CVE-2020-15978 CVE-2020-15979 CVE-2020-15980 ... chromium: various flaws [epel-all]
0
0
BZ#1889910 EPEL 7 - chromium.x86_64 0:85.0.4183.121-1.el7 missing libminizip.so and minizip(x86-64) dependencies on RHEL 7.9
0
0
BZ#1890266 CVE-2020-16000 chromium-browser: Inappropriate implementation in Blink
0
0
BZ#1890267 CVE-2020-16001 chromium-browser: Use after free in media
0
0
BZ#1890268 CVE-2020-16002 chromium-browser: Use after free in PDFium
0
0
BZ#1890269 CVE-2020-16003 chromium-browser: Use after free in printing
0
0
BZ#1890273 CVE-2020-16000 CVE-2020-16001 CVE-2020-16002 CVE-2020-16003 chromium: various flaws [epel-all]
0
0
BZ#1893427 Verbose debugging enabled by default
0
0
BZ#1894197 CVE-2020-16004 chromium-browser: Use after free in user interface
0
0
BZ#1894198 CVE-2020-16005 chromium-browser: Insufficient policy enforcement in ANGLE
0
0
BZ#1894199 CVE-2020-16006 chromium-browser: Inappropriate implementation in V8
0
0
BZ#1894201 CVE-2020-16008 chromium-browser: Stack buffer overflow in WebRTC
0
0
BZ#1894202 CVE-2020-16009 chromium-browser: Inappropriate implementation in V8
0
0
BZ#1894209 CVE-2020-16004 CVE-2020-16005 CVE-2020-16006 CVE-2020-16008 CVE-2020-16009 chromium: various flaws [epel-all]
0
0
BZ#1896641 CVE-2020-16016 chromium-browser: Inappropriate implementation in base
0
0
BZ#1896644 CVE-2020-16016 chromium: chromium-browser: Inappropriate implementation in base [epel-all]
0
0
BZ#1897206 CVE-2020-16013 chromium-browser: Inappropriate implementation in V8
0
0
BZ#1897207 CVE-2020-16017 chromium-browser: Use after free in site isolation
0
0
BZ#1897211 CVE-2020-16013 CVE-2020-16017 chromium: various flaws [epel-all]
0
0
BZ#1899222 CVE-2020-16018 chromium-browser: Use after free in payments
0
0
BZ#1899223 CVE-2020-16019 chromium-browser: Inappropriate implementation in filesystem
0
0
BZ#1899224 CVE-2020-16020 chromium-browser: Inappropriate implementation in cryptohome
0
0
BZ#1899225 CVE-2020-16021 chromium-browser: Race in ImageBurner
0
0
BZ#1899226 CVE-2020-16022 chromium-browser: Insufficient policy enforcement in networking
0
0
BZ#1899227 CVE-2020-16015 chromium-browser: Insufficient data validation in WASM
0
0
BZ#1899228 CVE-2020-16014 chromium-browser: Use after free in PPAPI
0
0
BZ#1899229 CVE-2020-16023 chromium-browser: Use after free in WebCodecs
0
0
BZ#1899230 CVE-2020-16024 chromium-browser: Heap buffer overflow in UI
0
0
BZ#1899231 CVE-2020-16025 chromium-browser: Heap buffer overflow in clipboard
0
0
BZ#1899232 CVE-2020-16026 chromium-browser: Use after free in WebRTC
0
0
BZ#1899233 CVE-2020-16027 chromium-browser: Insufficient policy enforcement in developer tools
0
0
BZ#1899234 CVE-2020-16028 chromium-browser: Heap buffer overflow in WebRTC
0
0
BZ#1899235 CVE-2020-16029 chromium-browser: Inappropriate implementation in PDFium
0
0
BZ#1899237 CVE-2020-16030 chromium-browser: Insufficient data validation in Blink
0
0
BZ#1899239 CVE-2019-8075 flash-plugin: Same origin policy bypass leading to information disclosure
0
0
BZ#1899240 CVE-2020-16031 chromium-browser: Incorrect security UI in tab preview
0
0
BZ#1899241 CVE-2020-16032 chromium-browser: Incorrect security UI in sharing
0
0
BZ#1899242 CVE-2020-16033 chromium-browser: Incorrect security UI in WebUSB
0
0
BZ#1899243 CVE-2020-16034 chromium-browser: Inappropriate implementation in WebRTC
0
0
BZ#1899244 CVE-2020-16035 chromium-browser: Insufficient data validation in cros-disks
0
0
BZ#1899245 CVE-2020-16036 chromium-browser: Inappropriate implementation in cookies
0
0
BZ#1899248 CVE-2020-16012 CVE-2020-16014 CVE-2020-16015 CVE-2020-16018 CVE-2020-16019 CVE-2020-16020 CVE-2020-16021 CVE-2020-16022 CVE-2020-16023 CVE-2020-16024 CVE-2020-16025 CVE-2020-16026 CVE-2020-16027 CVE-2020-16028 ... chromium: various flaws [epel-all]
0
0
BZ#1904510 CVE-2020-16037 chromium-browser: Use after free in clipboard
0
0
BZ#1904511 CVE-2020-16038 chromium-browser: Use after free in media
0
0
BZ#1904512 CVE-2020-16039 chromium-browser: Use after free in extensions
0
0
BZ#1904513 CVE-2020-16040 chromium-browser: Insufficient data validation in V8
0
0
BZ#1904514 CVE-2020-16041 chromium-browser: Out of bounds read in networking
0
0
BZ#1904515 CVE-2020-16042 chromium-browser: Uninitialized Use in V8
0
0
BZ#1904518 CVE-2020-16037 CVE-2020-16038 CVE-2020-16039 CVE-2020-16040 CVE-2020-16041 CVE-2020-16042 chromium: various flaws [epel-all]
0
0

Automated Test Results