Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in chromium
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in chromium
ID: FEDORA-2022-57923346cf
Distribution: Fedora
Plattformen: Fedora 36
Datum: Sa, 26. März 2022, 22:48
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0792
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0106
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22570
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0117
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0111
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0791
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0099
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0803
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0801
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0800
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0105
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0118
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0102
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0798
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0109
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0112
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0807
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0802
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0096
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0097
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0110
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0795
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0103
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0113
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0107
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0098
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0100
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0793
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0120
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0116
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0104
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0796
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0114
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0115
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0808
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0108
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0794
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0804
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0790
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0809
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0799
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0789
Applikationen: Chromium

Originalnachricht

 
-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2022-57923346cf
2022-03-26 14:56:28.655527
-------------------------------------------------------------------------------
-

Name        : chromium
Product     : Fedora 36
Version     : 99.0.4844.51
Release     : 1.fc36
URL         : http://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser that Google doesn't want
 you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

-------------------------------------------------------------------------------
-
Update Information:

Update Chromium to 99.0.4844.51. Fixes, well, a LOT of security bugs. Sorry
about that.  CVE-2021-22570 CVE-2022-0096 CVE-2022-0097 CVE-2022-0098
CVE-2022-0099 CVE-2022-0100 CVE-2022-0101 CVE-2022-0102 CVE-2022-0103
CVE-2022-0104 CVE-2022-0105 CVE-2022-0106 CVE-2022-0107 CVE-2022-0108
CVE-2022-0109 CVE-2022-0110 CVE-2022-0111 CVE-2022-0112 CVE-2022-0113
CVE-2022-0114 CVE-2022-0115 CVE-2022-0116 CVE-2022-0117 CVE-2022-0118
CVE-2022-0120 CVE-2022-0789 CVE-2022-0790 CVE-2022-0791 CVE-2022-0792
CVE-2022-0793 CVE-2022-0794 CVE-2022-0795 CVE-2022-0796 CVE-2022-0797
CVE-2022-0798 CVE-2022-0799 CVE-2022-0800 CVE-2022-0801 CVE-2022-0802
CVE-2022-0803 CVE-2022-0804 CVE-2022-0805 CVE-2022-0806 CVE-2022-0807
CVE-2022-0808 CVE-2022-0809
-------------------------------------------------------------------------------
-
ChangeLog:

* Sat Mar  5 2022 Tom Callaway <spot@fedoraproject.org> - 99.0.4844.5-1
- update to 99.0.4844.5
* Fri Feb 25 2022 Tom Callaway <spot@fedoraproject.org> - 98.0.4758.102-1
- update to 98.0.4758.102
- fix build issue with subzero and gcc12
* Tue Feb  8 2022 Tom Callaway <spot@fedoraproject.org> - 98.0.4758.80-1
- update to 98.0.4758.80
* Sat Feb  5 2022 Jiri Vanek <jvanek@redhat.com> - 96.0.4664.110-9
- Rebuilt for java-17-openjdk as system jdk
* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> -
 96.0.4664.110-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
-------------------------------------------------------------------------------
-
References:

  [ 1 ] Bug #2037457 - CVE-2022-0096 chromium-browser: Use after free in
 Storage
        https://bugzilla.redhat.com/show_bug.cgi?id=2037457
  [ 2 ] Bug #2037458 - CVE-2022-0097 chromium-browser: Inappropriate
 implementation in DevTools
        https://bugzilla.redhat.com/show_bug.cgi?id=2037458
  [ 3 ] Bug #2037459 - CVE-2022-0098 chromium-browser: Use after free in Screen
 Capture
        https://bugzilla.redhat.com/show_bug.cgi?id=2037459
  [ 4 ] Bug #2037460 - CVE-2022-0099 chromium-browser: Use after free in
 Sign-in
        https://bugzilla.redhat.com/show_bug.cgi?id=2037460
  [ 5 ] Bug #2037461 - CVE-2022-0100 chromium-browser: Heap buffer overflow in
 Media streams API
        https://bugzilla.redhat.com/show_bug.cgi?id=2037461
  [ 6 ] Bug #2037462 - CVE-2022-0101 chromium-browser: Heap buffer overflow in
 Bookmarks
        https://bugzilla.redhat.com/show_bug.cgi?id=2037462
  [ 7 ] Bug #2037463 - CVE-2022-0102 chromium-browser: Type Confusion in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=2037463
  [ 8 ] Bug #2037464 - CVE-2022-0103 chromium-browser: Use after free in
 SwiftShader
        https://bugzilla.redhat.com/show_bug.cgi?id=2037464
  [ 9 ] Bug #2037465 - CVE-2022-0104 chromium-browser: Heap buffer overflow in
 ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2037465
  [ 10 ] Bug #2037466 - CVE-2022-0105 chromium-browser: Use after free in PDF
        https://bugzilla.redhat.com/show_bug.cgi?id=2037466
  [ 11 ] Bug #2037467 - CVE-2022-0106 chromium-browser: Use after free in
 Autofill
        https://bugzilla.redhat.com/show_bug.cgi?id=2037467
  [ 12 ] Bug #2037468 - CVE-2022-0107 chromium-browser: Use after free in File
 Manager API
        https://bugzilla.redhat.com/show_bug.cgi?id=2037468
  [ 13 ] Bug #2037469 - CVE-2022-0108 chromium-browser: Inappropriate
 implementation in Navigation
        https://bugzilla.redhat.com/show_bug.cgi?id=2037469
  [ 14 ] Bug #2037470 - CVE-2022-0109 chromium-browser: Inappropriate
 implementation in Autofill
        https://bugzilla.redhat.com/show_bug.cgi?id=2037470
  [ 15 ] Bug #2037471 - CVE-2022-0110 chromium-browser: Incorrect security UI
 in Autofill
        https://bugzilla.redhat.com/show_bug.cgi?id=2037471
  [ 16 ] Bug #2037472 - CVE-2022-0111 chromium-browser: Inappropriate
 implementation in Navigation
        https://bugzilla.redhat.com/show_bug.cgi?id=2037472
  [ 17 ] Bug #2037473 - CVE-2022-0112 chromium-browser: Incorrect security UI
 in Browser UI
        https://bugzilla.redhat.com/show_bug.cgi?id=2037473
  [ 18 ] Bug #2037474 - CVE-2022-0113 chromium-browser: Inappropriate
 implementation in Blink
        https://bugzilla.redhat.com/show_bug.cgi?id=2037474
  [ 19 ] Bug #2037475 - CVE-2022-0114 chromium-browser: Out of bounds memory
 access in Web Serial
        https://bugzilla.redhat.com/show_bug.cgi?id=2037475
  [ 20 ] Bug #2037476 - CVE-2022-0115 chromium-browser: Uninitialized Use in
 File API
        https://bugzilla.redhat.com/show_bug.cgi?id=2037476
  [ 21 ] Bug #2037477 - CVE-2022-0116 chromium-browser: Inappropriate
 implementation in Compositing
        https://bugzilla.redhat.com/show_bug.cgi?id=2037477
  [ 22 ] Bug #2037478 - CVE-2022-0117 chromium-browser: Policy bypass in
 Service Workers
        https://bugzilla.redhat.com/show_bug.cgi?id=2037478
  [ 23 ] Bug #2037479 - CVE-2022-0118 chromium-browser: Inappropriate
 implementation in WebShare
        https://bugzilla.redhat.com/show_bug.cgi?id=2037479
  [ 24 ] Bug #2037480 - CVE-2022-0120 chromium-browser: Inappropriate
 implementation in Passwords
        https://bugzilla.redhat.com/show_bug.cgi?id=2037480
  [ 25 ] Bug #2049429 - CVE-2021-22570 protobuf: Incorrect parsing of nullchar
 in the proto symbol  leads to  Nullptr dereference
        https://bugzilla.redhat.com/show_bug.cgi?id=2049429
  [ 26 ] Bug #2059898 - CVE-2022-0789 chromium-browser: Heap buffer overflow in
 ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2059898
  [ 27 ] Bug #2059900 - CVE-2022-0791 chromium-browser: Use after free in
 Omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=2059900
  [ 28 ] Bug #2059901 - CVE-2022-0792 chromium-browser: Out of bounds read in
 ANGLE
        https://bugzilla.redhat.com/show_bug.cgi?id=2059901
  [ 29 ] Bug #2059902 - CVE-2022-0793 chromium-browser: Use after free in Views
        https://bugzilla.redhat.com/show_bug.cgi?id=2059902
  [ 30 ] Bug #2059905 - CVE-2022-0796 chromium-browser: Use after free in Media
        https://bugzilla.redhat.com/show_bug.cgi?id=2059905
  [ 31 ] Bug #2059910 - CVE-2022-0801 chromium-browser: Inappropriate
 implementation in HTML parser
        https://bugzilla.redhat.com/show_bug.cgi?id=2059910
  [ 32 ] Bug #2059911 - CVE-2022-0802 chromium-browser: Inappropriate
 implementation in Full screen mode
        https://bugzilla.redhat.com/show_bug.cgi?id=2059911
  [ 33 ] Bug #2059912 - CVE-2022-0803 chromium-browser: Inappropriate
 implementation in Permissions
        https://bugzilla.redhat.com/show_bug.cgi?id=2059912
  [ 34 ] Bug #2059913 - CVE-2022-0804 chromium-browser: Inappropriate
 implementation in Full screen mode
        https://bugzilla.redhat.com/show_bug.cgi?id=2059913
  [ 35 ] Bug #2059914 - CVE-2022-0805 chromium-browser: Use after free in
 Browser Switcher
        https://bugzilla.redhat.com/show_bug.cgi?id=2059914
  [ 36 ] Bug #2059915 - CVE-2022-0806 chromium-browser: Data leak in Canvas
        https://bugzilla.redhat.com/show_bug.cgi?id=2059915
  [ 37 ] Bug #2059916 - CVE-2022-0807 chromium-browser: Inappropriate
 implementation in Autofill
        https://bugzilla.redhat.com/show_bug.cgi?id=2059916
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-57923346cf' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung