Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in chromium
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in chromium
ID: FEDORA-2020-3e005ce2e0
Distribution: Fedora
Plattformen: Fedora 32
Datum: Di, 24. November 2020, 07:11
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16015
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16031
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16009
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16034
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16019
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16027
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8075
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16013
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16014
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16033
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16029
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16016
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16025
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16026
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16020
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16035
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16024
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16004
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16006
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16008
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16023
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16030
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16005
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16028
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16018
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16036
Applikationen: Chromium

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2020-3e005ce2e0
2020-11-24 01:22:18.445344
-------------------------------------------------------------------------------
-

Name : chromium
Product : Fedora 32
Version : 87.0.4280.66
Release : 1.fc32
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

-------------------------------------------------------------------------------
-
Update Information:

Update to 87.0.4280.66. Fixes bugs and security holes. Yay! CVE-2020-16012
CVE-2020-16018 CVE-2020-16019 CVE-2020-16020 CVE-2020-16021 CVE-2020-16022
CVE-2020-16015 CVE-2020-16014 CVE-2020-16023 CVE-2020-16024 CVE-2020-16025
CVE-2020-16026 CVE-2020-16027 CVE-2020-16028 CVE-2020-16029 CVE-2020-16030
CVE-2020-16031 CVE-2020-16032 CVE-2020-16033 CVE-2020-16034 CVE-2020-16035
CVE-2020-16036 ---- Update to 86.0.4240.198. Fixes the following security
issues: CVE-2020-16013 CVE-2020-16016 CVE-2020-16017 ---- Update to
86.0.4240.183. Fixes the following security issues: CVE-2020-16004
CVE-2020-16005 CVE-2020-16006 CVE-2020-16008 CVE-2020-16009 Also disables the
very verbose output going to stdout.
-------------------------------------------------------------------------------
-
ChangeLog:

* Wed Nov 18 2020 Tom Callaway <spot@fedoraproject.org> - 87.0.4280.66-1
- update to 87.0.4280.66
* Thu Nov 12 2020 Jeff Law <law@fedoraproject.org> - 86.0.4240.198-1
- Fix missing #inclues for gcc-11
- Fix bogus volatile caught by gcc-11
* Thu Nov 12 2020 Tom Callaway <spot@fedoraproject.org> - 86.0.4240.198-1
- update to 86.0.4240.198
* Tue Nov 10 2020 Tom Callaway <spot@fedoraproject.org> - 86.0.4240.193-1
- update to 86.0.4240.193
* Wed Nov 4 2020 Tom Callaway <spot@fedoraproject.org> - 86.0.4240.183-1
- update to 86.0.4240.183
* Mon Nov 2 2020 Tom Callaway <spot@fedoraproject.org> - 86.0.4240.111-2
- fix conditional typo that was causing console logging to be turned on
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1894197 - CVE-2020-16004 chromium-browser: Use after free in user
interface
https://bugzilla.redhat.com/show_bug.cgi?id=1894197
[ 2 ] Bug #1894198 - CVE-2020-16005 chromium-browser: Insufficient policy
enforcement in ANGLE
https://bugzilla.redhat.com/show_bug.cgi?id=1894198
[ 3 ] Bug #1894199 - CVE-2020-16006 chromium-browser: Inappropriate
implementation in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1894199
[ 4 ] Bug #1894201 - CVE-2020-16008 chromium-browser: Stack buffer overflow
in WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1894201
[ 5 ] Bug #1894202 - CVE-2020-16009 chromium-browser: Inappropriate
implementation in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1894202
[ 6 ] Bug #1896641 - CVE-2020-16016 chromium-browser: Inappropriate
implementation in base
https://bugzilla.redhat.com/show_bug.cgi?id=1896641
[ 7 ] Bug #1897206 - CVE-2020-16013 chromium-browser: Inappropriate
implementation in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1897206
[ 8 ] Bug #1897207 - CVE-2020-16017 chromium-browser: Use after free in site
isolation
https://bugzilla.redhat.com/show_bug.cgi?id=1897207
[ 9 ] Bug #1899222 - CVE-2020-16018 chromium-browser: Use after free in
payments
https://bugzilla.redhat.com/show_bug.cgi?id=1899222
[ 10 ] Bug #1899223 - CVE-2020-16019 chromium-browser: Inappropriate
implementation in filesystem
https://bugzilla.redhat.com/show_bug.cgi?id=1899223
[ 11 ] Bug #1899224 - CVE-2020-16020 chromium-browser: Inappropriate
implementation in cryptohome
https://bugzilla.redhat.com/show_bug.cgi?id=1899224
[ 12 ] Bug #1899225 - CVE-2020-16021 chromium-browser: Race in ImageBurner
https://bugzilla.redhat.com/show_bug.cgi?id=1899225
[ 13 ] Bug #1899226 - CVE-2020-16022 chromium-browser: Insufficient policy
enforcement in networking
https://bugzilla.redhat.com/show_bug.cgi?id=1899226
[ 14 ] Bug #1899227 - CVE-2020-16015 chromium-browser: Insufficient data
validation in WASM
https://bugzilla.redhat.com/show_bug.cgi?id=1899227
[ 15 ] Bug #1899228 - CVE-2020-16014 chromium-browser: Use after free in
PPAPI
https://bugzilla.redhat.com/show_bug.cgi?id=1899228
[ 16 ] Bug #1899229 - CVE-2020-16023 chromium-browser: Use after free in
WebCodecs
https://bugzilla.redhat.com/show_bug.cgi?id=1899229
[ 17 ] Bug #1899230 - CVE-2020-16024 chromium-browser: Heap buffer overflow
in UI
https://bugzilla.redhat.com/show_bug.cgi?id=1899230
[ 18 ] Bug #1899231 - CVE-2020-16025 chromium-browser: Heap buffer overflow
in clipboard
https://bugzilla.redhat.com/show_bug.cgi?id=1899231
[ 19 ] Bug #1899232 - CVE-2020-16026 chromium-browser: Use after free in
WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1899232
[ 20 ] Bug #1899233 - CVE-2020-16027 chromium-browser: Insufficient policy
enforcement in developer tools
https://bugzilla.redhat.com/show_bug.cgi?id=1899233
[ 21 ] Bug #1899234 - CVE-2020-16028 chromium-browser: Heap buffer overflow
in WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1899234
[ 22 ] Bug #1899235 - CVE-2020-16029 chromium-browser: Inappropriate
implementation in PDFium
https://bugzilla.redhat.com/show_bug.cgi?id=1899235
[ 23 ] Bug #1899237 - CVE-2020-16030 chromium-browser: Insufficient data
validation in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1899237
[ 24 ] Bug #1899239 - CVE-2019-8075 flash-plugin: Same origin policy bypass
leading to information disclosure
https://bugzilla.redhat.com/show_bug.cgi?id=1899239
[ 25 ] Bug #1899240 - CVE-2020-16031 chromium-browser: Incorrect security UI
in tab preview
https://bugzilla.redhat.com/show_bug.cgi?id=1899240
[ 26 ] Bug #1899241 - CVE-2020-16032 chromium-browser: Incorrect security UI
in sharing
https://bugzilla.redhat.com/show_bug.cgi?id=1899241
[ 27 ] Bug #1899242 - CVE-2020-16033 chromium-browser: Incorrect security UI
in WebUSB
https://bugzilla.redhat.com/show_bug.cgi?id=1899242
[ 28 ] Bug #1899243 - CVE-2020-16034 chromium-browser: Inappropriate
implementation in WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1899243
[ 29 ] Bug #1899244 - CVE-2020-16035 chromium-browser: Insufficient data
validation in cros-disks
https://bugzilla.redhat.com/show_bug.cgi?id=1899244
[ 30 ] Bug #1899245 - CVE-2020-16036 chromium-browser: Inappropriate
implementation in cookies
https://bugzilla.redhat.com/show_bug.cgi?id=1899245
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-3e005ce2e0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung