Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in chromium
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in chromium
ID: FEDORA-2021-6a292e2cf4
Distribution: Fedora
Plattformen: Fedora 34
Datum: Fr, 7. Januar 2022, 07:44
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38004
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4061
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4056
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38007
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38003
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4099
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37998
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4067
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38012
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4062
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38002
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4068
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38010
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4078
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37999
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38001
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38015
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4079
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38019
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4054
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4058
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37997
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4098
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4053
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4100
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38009
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4063
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4059
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38020
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38014
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38005
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4052
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38013
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38006
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38018
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4055
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4102
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4057
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4066
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4064
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38000
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38008
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38016
Applikationen: Chromium

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2021-6a292e2cf4
2022-01-07 01:10:27.075061
-------------------------------------------------------------------------------
-

Name : chromium
Product : Fedora 34
Version : 96.0.4664.110
Release : 3.fc34
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want
you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

-------------------------------------------------------------------------------
-
Update Information:

Add wayland detection and pass flags to improve experience when wayland is
used.
---- Update to 96.0.4664.110. You know the drill, lots of security bugs fixed,
update if you like security, hit that like and subscribe button. CVE-2021-4052
CVE-2021-4053 CVE-2021-4054 CVE-2021-4055 CVE-2021-4056 CVE-2021-4057
CVE-2021-4058 CVE-2021-4059 CVE-2021-4061 CVE-2021-4062 CVE-2021-4063
CVE-2021-4064 CVE-2021-4065 CVE-2021-4066 CVE-2021-4067 CVE-2021-4068
CVE-2021-4079 CVE-2021-4078 CVE-2021-4098 CVE-2021-4099 CVE-2021-4100
CVE-2021-4101 CVE-2021-4102 CVE-2021-37997 CVE-2021-37998 CVE-2021-37999
CVE-2021-38000 CVE-2021-38001 CVE-2021-38002 CVE-2021-38003 CVE-2021-38004
CVE-2021-38008 CVE-2021-38009 CVE-2021-38006 CVE-2021-38007 CVE-2021-38005
CVE-2021-38010 CVE-2021-38011 CVE-2021-38012 CVE-2021-38013 CVE-2021-38014
CVE-2021-38015 CVE-2021-38016 CVE-2021-38017 CVE-2021-38018 CVE-2021-38019
CVE-2021-38020 CVE-2021-38021 CVE-2021-38022
-------------------------------------------------------------------------------
-
ChangeLog:

* Mon Dec 27 2021 Tom Callaway <spot@fedoraproject.org> - 96.0.4664.110-3
- have chromium-browser.sh check for wayland env vars and if found, set ozone
flags appropriately
Thanks to Neal Gompa for the nudge
* Mon Dec 20 2021 Tom Callaway <spot@fedoraproject.org> - 96.0.4664.110-2
- enable WebRTCPipeWireCapturer by default
* Thu Dec 16 2021 Tom Callaway <spot@fedoraproject.org> - 96.0.4664.110-1
- update to 96.0.4664.110
* Fri Nov 19 2021 Tom Callaway <spot@fedoraproject.org> - 96.0.4664.45-1
- update to 96.0.4664.45
* Fri Nov 12 2021 Tom Callaway <spot@fedoraproject.org> - 95.0.4638.69-1
- update to 95.0.4638.69
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #2018561 - CVE-2021-37997 chromium-browser: Use after free in
Sign-In
https://bugzilla.redhat.com/show_bug.cgi?id=2018561
[ 2 ] Bug #2018562 - CVE-2021-37998 chromium-browser: Use after free in
Garbage Collection
https://bugzilla.redhat.com/show_bug.cgi?id=2018562
[ 3 ] Bug #2018563 - CVE-2021-37999 chromium-browser: Insufficient data
validation in New Tab Page
https://bugzilla.redhat.com/show_bug.cgi?id=2018563
[ 4 ] Bug #2018564 - CVE-2021-38000 chromium-browser: Insufficient validation
of untrusted input in Intents
https://bugzilla.redhat.com/show_bug.cgi?id=2018564
[ 5 ] Bug #2018565 - CVE-2021-38001 chromium-browser: Type Confusion in V8
https://bugzilla.redhat.com/show_bug.cgi?id=2018565
[ 6 ] Bug #2018566 - CVE-2021-38002 chromium-browser: Use after free in Web
Transport
https://bugzilla.redhat.com/show_bug.cgi?id=2018566
[ 7 ] Bug #2018567 - CVE-2021-38003 chromium-browser: Inappropriate
implementation in V8
https://bugzilla.redhat.com/show_bug.cgi?id=2018567
[ 8 ] Bug #2024272 - CVE-2021-38008 chromium-browser: Use after free in media
https://bugzilla.redhat.com/show_bug.cgi?id=2024272
[ 9 ] Bug #2024273 - CVE-2021-38009 chromium-browser: Inappropriate
implementation in cache
https://bugzilla.redhat.com/show_bug.cgi?id=2024273
[ 10 ] Bug #2024274 - CVE-2021-38006 chromium-browser: Use after free in
storage foundation
https://bugzilla.redhat.com/show_bug.cgi?id=2024274
[ 11 ] Bug #2024275 - CVE-2021-38007 chromium-browser: Type Confusion in V8
https://bugzilla.redhat.com/show_bug.cgi?id=2024275
[ 12 ] Bug #2024276 - CVE-2021-38005 chromium-browser: Use after free in
loader
https://bugzilla.redhat.com/show_bug.cgi?id=2024276
[ 13 ] Bug #2024277 - CVE-2021-38010 chromium-browser: Inappropriate
implementation in service workers
https://bugzilla.redhat.com/show_bug.cgi?id=2024277
[ 14 ] Bug #2024278 - CVE-2021-38011 chromium-browser: Use after free in
storage foundation
https://bugzilla.redhat.com/show_bug.cgi?id=2024278
[ 15 ] Bug #2024279 - CVE-2021-38012 chromium-browser: Type Confusion in V8
https://bugzilla.redhat.com/show_bug.cgi?id=2024279
[ 16 ] Bug #2024280 - CVE-2021-38013 chromium-browser: Heap buffer overflow
in fingerprint recognition
https://bugzilla.redhat.com/show_bug.cgi?id=2024280
[ 17 ] Bug #2024281 - CVE-2021-38014 chromium-browser: Out of bounds write in
Swiftshader
https://bugzilla.redhat.com/show_bug.cgi?id=2024281
[ 18 ] Bug #2024282 - CVE-2021-38015 chromium-browser: Inappropriate
implementation in input
https://bugzilla.redhat.com/show_bug.cgi?id=2024282
[ 19 ] Bug #2024283 - CVE-2021-38016 chromium-browser: Insufficient policy
enforcement in background fetch
https://bugzilla.redhat.com/show_bug.cgi?id=2024283
[ 20 ] Bug #2024284 - CVE-2021-38017 chromium-browser: Insufficient policy
enforcement in iframe sandbox
https://bugzilla.redhat.com/show_bug.cgi?id=2024284
[ 21 ] Bug #2024285 - CVE-2021-38018 chromium-browser: Inappropriate
implementation in navigation
https://bugzilla.redhat.com/show_bug.cgi?id=2024285
[ 22 ] Bug #2024286 - CVE-2021-38019 chromium-browser: Insufficient policy
enforcement in CORS
https://bugzilla.redhat.com/show_bug.cgi?id=2024286
[ 23 ] Bug #2024287 - CVE-2021-38020 chromium-browser: Insufficient policy
enforcement in contacts picker
https://bugzilla.redhat.com/show_bug.cgi?id=2024287
[ 24 ] Bug #2024288 - CVE-2021-38021 chromium-browser: Inappropriate
implementation in referrer
https://bugzilla.redhat.com/show_bug.cgi?id=2024288
[ 25 ] Bug #2024289 - CVE-2021-38022 chromium-browser: Inappropriate
implementation in WebAuthentication
https://bugzilla.redhat.com/show_bug.cgi?id=2024289
[ 26 ] Bug #2029881 - CVE-2021-4052 chromium-browser: Use after free in web
apps
https://bugzilla.redhat.com/show_bug.cgi?id=2029881
[ 27 ] Bug #2029882 - CVE-2021-4053 chromium-browser: Use after free in UI
https://bugzilla.redhat.com/show_bug.cgi?id=2029882
[ 28 ] Bug #2029883 - CVE-2021-4054 chromium-browser: Incorrect security UI
in autofill
https://bugzilla.redhat.com/show_bug.cgi?id=2029883
[ 29 ] Bug #2029884 - CVE-2021-4055 chromium-browser: Heap buffer overflow in
extensions
https://bugzilla.redhat.com/show_bug.cgi?id=2029884
[ 30 ] Bug #2029885 - CVE-2021-4056 chromium-browser: Type Confusion in
loader
https://bugzilla.redhat.com/show_bug.cgi?id=2029885
[ 31 ] Bug #2029886 - CVE-2021-4057 chromium-browser: Use after free in file
API
https://bugzilla.redhat.com/show_bug.cgi?id=2029886
[ 32 ] Bug #2029887 - CVE-2021-4058 chromium-browser: Heap buffer overflow in
ANGLE
https://bugzilla.redhat.com/show_bug.cgi?id=2029887
[ 33 ] Bug #2029888 - CVE-2021-4059 chromium-browser: Insufficient data
validation in loader
https://bugzilla.redhat.com/show_bug.cgi?id=2029888
[ 34 ] Bug #2029889 - CVE-2021-4061 chromium-browser: Type Confusion in V8
https://bugzilla.redhat.com/show_bug.cgi?id=2029889
[ 35 ] Bug #2029890 - CVE-2021-4062 chromium-browser: Heap buffer overflow in
BFCache
https://bugzilla.redhat.com/show_bug.cgi?id=2029890
[ 36 ] Bug #2029892 - CVE-2021-4063 chromium-browser: Use after free in
developer tools
https://bugzilla.redhat.com/show_bug.cgi?id=2029892
[ 37 ] Bug #2029893 - CVE-2021-4064 chromium-browser: Use after free in
screen capture
https://bugzilla.redhat.com/show_bug.cgi?id=2029893
[ 38 ] Bug #2029894 - CVE-2021-4065 chromium-browser: Use after free in
autofill
https://bugzilla.redhat.com/show_bug.cgi?id=2029894
[ 39 ] Bug #2029895 - CVE-2021-4066 chromium-browser: Integer underflow in
ANGLE
https://bugzilla.redhat.com/show_bug.cgi?id=2029895
[ 40 ] Bug #2029896 - CVE-2021-4067 chromium-browser: Use after free in
window manager
https://bugzilla.redhat.com/show_bug.cgi?id=2029896
[ 41 ] Bug #2029897 - CVE-2021-4068 chromium-browser: Insufficient validation
of untrusted input in new tab page
https://bugzilla.redhat.com/show_bug.cgi?id=2029897
[ 42 ] Bug #2032168 - CVE-2021-4098 chromium-browser: Insufficient data
validation in Mojo
https://bugzilla.redhat.com/show_bug.cgi?id=2032168
[ 43 ] Bug #2032169 - CVE-2021-4099 chromium-browser: Use after free in
Swiftshader
https://bugzilla.redhat.com/show_bug.cgi?id=2032169
[ 44 ] Bug #2032170 - CVE-2021-4100 chromium-browser: Object lifecycle issue
in ANGLE
https://bugzilla.redhat.com/show_bug.cgi?id=2032170
[ 45 ] Bug #2032171 - CVE-2021-4101 chromium-browser: Heap buffer overflow in
Swiftshader
https://bugzilla.redhat.com/show_bug.cgi?id=2032171
[ 46 ] Bug #2032172 - CVE-2021-4102 chromium-browser: Use after free in V8
https://bugzilla.redhat.com/show_bug.cgi?id=2032172
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-6a292e2cf4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung