Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in chromium
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in chromium
ID: FEDORA-2021-35d2bb4627
Distribution: Fedora
Plattformen: Fedora 33
Datum: Sa, 15. Mai 2021, 07:13
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21208
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21219
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21205
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21233
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21195
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21213
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21232
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21209
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21217
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21222
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21198
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21194
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21218
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21221
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21228
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21201
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21226
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21225
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21230
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21224
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21202
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21215
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21220
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21211
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21210
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21223
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21196
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21216
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21214
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21227
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21206
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21199
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21203
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21229
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21207
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21231
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21197
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21212
Applikationen: Chromium

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2021-35d2bb4627
2021-05-14 21:09:17.379371
-------------------------------------------------------------------------------
-

Name : chromium
Product : Fedora 33
Version : 90.0.4430.93
Release : 1.fc33
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want
you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

-------------------------------------------------------------------------------
-
Update Information:

Update to Chromium 90.0.4430.93. Fixes the following security issues:
CVE-2021-21206 CVE-2021-21220 CVE-2021-21201 CVE-2021-21202 CVE-2021-21203
CVE-2021-21204 CVE-2021-21221 CVE-2021-21207 CVE-2021-21208 CVE-2021-21209
CVE-2021-21210 CVE-2021-21211 CVE-2021-21212 CVE-2021-21213 CVE-2021-21214
CVE-2021-21215 CVE-2021-21216 CVE-2021-21217 CVE-2021-21218 CVE-2021-21219
CVE-2021-21205 CVE-2021-21194 CVE-2021-21195 CVE-2021-21196 CVE-2021-21197
CVE-2021-21198 CVE-2021-21199 CVE-2021-21222 CVE-2021-21223 CVE-2021-21224
CVE-2021-21225 CVE-2021-21226 CVE-2021-21227 CVE-2021-21232 CVE-2021-21233
CVE-2021-21228 CVE-2021-21229 CVE-2021-21230 CVE-2021-21231 If you hold your
broken appliances close to the screen when you update, it might fix them too.
(fixes not guaranteed)
-------------------------------------------------------------------------------
-
ChangeLog:

* Tue Apr 27 2021 Tom Callaway <spot@fedoraproject.org> - 90.0.4430.93-1
- update to 90.0.4430.93
* Wed Apr 21 2021 Tom Callaway <spot@fedoraproject.org> - 90.0.4430.85-1
- update to 90.0.4430.85
* Fri Apr 16 2021 Tom Callaway <spot@fedoraproject.org> - 90.0.4430.72-1
- update to 90.0.4430.72
* Wed Apr 14 2021 Tom Callaway <spot@fedoraproject.org> - 89.0.4389.128-1
- update to 89.0.4389.128
* Wed Mar 31 2021 Jonathan Wakely <jwakely@redhat.com> - 89.0.4389.90-5
- Rebuilt for removed libstdc++ symbols (#1937698)
* Mon Mar 29 2021 Tom Callaway <spot@fedoraproject.org> - 89.0.4389.90-4
- fix libva compile in rawhide
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1945106 - CVE-2021-21194 chromium-browser: Use after free in
screen capture
https://bugzilla.redhat.com/show_bug.cgi?id=1945106
[ 2 ] Bug #1945107 - CVE-2021-21195 chromium-browser: Use after free in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1945107
[ 3 ] Bug #1945108 - CVE-2021-21196 chromium-browser: Heap buffer overflow in
TabStrip
https://bugzilla.redhat.com/show_bug.cgi?id=1945108
[ 4 ] Bug #1945109 - CVE-2021-21197 chromium-browser: Heap buffer overflow in
TabStrip
https://bugzilla.redhat.com/show_bug.cgi?id=1945109
[ 5 ] Bug #1945110 - CVE-2021-21198 chromium-browser: Out of bounds read in
IPC
https://bugzilla.redhat.com/show_bug.cgi?id=1945110
[ 6 ] Bug #1945111 - CVE-2021-21199 chromium-browser: Use Use after free in
Aura
https://bugzilla.redhat.com/show_bug.cgi?id=1945111
[ 7 ] Bug #1949617 - CVE-2021-21206 chromium-browser: Use after free in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1949617
[ 8 ] Bug #1949618 - CVE-2021-21220 chromium-browser: Insufficient validation
of untrusted input in V8 for x86_64
https://bugzilla.redhat.com/show_bug.cgi?id=1949618
[ 9 ] Bug #1950436 - CVE-2021-21201 chromium-browser: Use after free in
permissions
https://bugzilla.redhat.com/show_bug.cgi?id=1950436
[ 10 ] Bug #1950437 - CVE-2021-21202 chromium-browser: Use after free in
extensions
https://bugzilla.redhat.com/show_bug.cgi?id=1950437
[ 11 ] Bug #1950438 - CVE-2021-21203 chromium-browser: Use after free in
Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1950438
[ 12 ] Bug #1950439 - CVE-2021-21204 chromium-browser: Use after free in
Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1950439
[ 13 ] Bug #1950440 - CVE-2021-21221 chromium-browser: Insufficient
validation of untrusted input in Mojo
https://bugzilla.redhat.com/show_bug.cgi?id=1950440
[ 14 ] Bug #1950441 - CVE-2021-21207 chromium-browser: Use after free in
IndexedDB
https://bugzilla.redhat.com/show_bug.cgi?id=1950441
[ 15 ] Bug #1950442 - CVE-2021-21208 chromium-browser: Insufficient data
validation in QR scanner
https://bugzilla.redhat.com/show_bug.cgi?id=1950442
[ 16 ] Bug #1950443 - CVE-2021-21209 chromium-browser: Inappropriate
implementation in storage
https://bugzilla.redhat.com/show_bug.cgi?id=1950443
[ 17 ] Bug #1950444 - CVE-2021-21210 chromium-browser: Inappropriate
implementation in Network
https://bugzilla.redhat.com/show_bug.cgi?id=1950444
[ 18 ] Bug #1950445 - CVE-2021-21211 chromium-browser: Inappropriate
implementation in Navigation
https://bugzilla.redhat.com/show_bug.cgi?id=1950445
[ 19 ] Bug #1950446 - CVE-2021-21212 chromium-browser: Incorrect security UI
in Network Config UI
https://bugzilla.redhat.com/show_bug.cgi?id=1950446
[ 20 ] Bug #1950447 - CVE-2021-21213 chromium-browser: Use after free in
WebMIDI
https://bugzilla.redhat.com/show_bug.cgi?id=1950447
[ 21 ] Bug #1950448 - CVE-2021-21214 chromium-browser: Use after free in
Network API
https://bugzilla.redhat.com/show_bug.cgi?id=1950448
[ 22 ] Bug #1950449 - CVE-2021-21215 chromium-browser: Inappropriate
implementation in Autofill
https://bugzilla.redhat.com/show_bug.cgi?id=1950449
[ 23 ] Bug #1950450 - CVE-2021-21216 chromium-browser: Inappropriate
implementation in Autofill
https://bugzilla.redhat.com/show_bug.cgi?id=1950450
[ 24 ] Bug #1950451 - CVE-2021-21217 chromium-browser: Uninitialized Use in
PDFium
https://bugzilla.redhat.com/show_bug.cgi?id=1950451
[ 25 ] Bug #1950452 - CVE-2021-21218 chromium-browser: Uninitialized Use in
PDFium
https://bugzilla.redhat.com/show_bug.cgi?id=1950452
[ 26 ] Bug #1950453 - CVE-2021-21219 chromium-browser: Uninitialized Use in
PDFium
https://bugzilla.redhat.com/show_bug.cgi?id=1950453
[ 27 ] Bug #1950454 - CVE-2021-21205 chromium-browser: Insufficient policy
enforcement in navigation
https://bugzilla.redhat.com/show_bug.cgi?id=1950454
[ 28 ] Bug #1951741 - CVE-2021-21222 chromium-browser: Heap buffer overflow
in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1951741
[ 29 ] Bug #1951742 - CVE-2021-21223 chromium-browser: Integer overflow in
Mojo
https://bugzilla.redhat.com/show_bug.cgi?id=1951742
[ 30 ] Bug #1951743 - CVE-2021-21224 chromium-browser: Type Confusion in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1951743
[ 31 ] Bug #1951744 - CVE-2021-21225 chromium-browser: Out of bounds memory
access in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1951744
[ 32 ] Bug #1951745 - CVE-2021-21226 chromium-browser: Use after free in
navigation
https://bugzilla.redhat.com/show_bug.cgi?id=1951745
[ 33 ] Bug #1954051 - CVE-2021-21227 chromium-browser: Insufficient data
validation in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1954051
[ 34 ] Bug #1954052 - CVE-2021-21232 chromium-browser: Use after free in Dev
Tools
https://bugzilla.redhat.com/show_bug.cgi?id=1954052
[ 35 ] Bug #1954053 - CVE-2021-21233 chromium-browser: Heap buffer overflow
in ANGLE
https://bugzilla.redhat.com/show_bug.cgi?id=1954053
[ 36 ] Bug #1954054 - CVE-2021-21228 chromium-browser: Insufficient policy
enforcement in extensions
https://bugzilla.redhat.com/show_bug.cgi?id=1954054
[ 37 ] Bug #1954055 - CVE-2021-21229 chromium-browser: Incorrect security UI
in downloads
https://bugzilla.redhat.com/show_bug.cgi?id=1954055
[ 38 ] Bug #1954056 - CVE-2021-21230 chromium-browser: Type Confusion in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1954056
[ 39 ] Bug #1954058 - CVE-2021-21231 chromium-browser: Insufficient data
validation in V8
https://bugzilla.redhat.com/show_bug.cgi?id=1954058
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-35d2bb4627' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung