------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2017-7d698eba8b 2017-06-02 17:35:03.195487 ------------------------------------------------------------------------------- -
Name : chromium-native_client Product : Fedora 24 Version : 58.0.3029.81 Release : 1.20170421gitc948e9b.fc24 URL : http://src.chromium.org/viewvc/native_client/ Summary : Google Native Client Toolchain Description : Google's "pnacl" toolchain for native client support in Chromium. Depends on their older "nacl" toolchain, packaged separately.
------------------------------------------------------------------------------- - Update Information:
Update to chromium 58. Move chrome-remote-desktop to user systemd service. Security fixes for CVE-2017-5068, CVE-2017-5057, CVE-2017-5058, CVE-2017-5059, CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064, CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069 ---- Security fix for CVE-2017-5055, CVE-2017-5054, CVE-2017-5052, CVE-2017-5056, CVE-2017-5053 ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1443850 - CVE-2017-5069 chromium-browser: cross-origin bypass in blink https://bugzilla.redhat.com/show_bug.cgi?id=1443850 [ 2 ] Bug #1443849 - CVE-2017-5067 chromium-browser: url spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1443849 [ 3 ] Bug #1443848 - CVE-2017-5066 chromium-browser: incorrect signature handing in networking https://bugzilla.redhat.com/show_bug.cgi?id=1443848 [ 4 ] Bug #1443847 - CVE-2017-5065 chromium-browser: incorrect ui in blink https://bugzilla.redhat.com/show_bug.cgi?id=1443847 [ 5 ] Bug #1443845 - CVE-2017-5064 chromium-browser: use after free in blink https://bugzilla.redhat.com/show_bug.cgi?id=1443845 [ 6 ] Bug #1443841 - CVE-2017-5063 chromium-browser: heap overflow in skia https://bugzilla.redhat.com/show_bug.cgi?id=1443841 [ 7 ] Bug #1443840 - CVE-2017-5062 chromium-browser: use after free in chrome apps https://bugzilla.redhat.com/show_bug.cgi?id=1443840 [ 8 ] Bug #1443839 - CVE-2017-5061 chromium-browser: url spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1443839 [ 9 ] Bug #1443838 - CVE-2017-5060 chromium-browser: url spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1443838 [ 10 ] Bug #1443837 - CVE-2017-5059 chromium-browser: type confusion in blink https://bugzilla.redhat.com/show_bug.cgi?id=1443837 [ 11 ] Bug #1443836 - CVE-2017-5058 chromium-browser: heap use after free in print preview https://bugzilla.redhat.com/show_bug.cgi?id=1443836 [ 12 ] Bug #1443835 - CVE-2017-5057 chromium-browser: type confusion in pdfium https://bugzilla.redhat.com/show_bug.cgi?id=1443835 [ 13 ] Bug #1448031 - CVE-2017-5068 chromium-browser: race condition in webrtc https://bugzilla.redhat.com/show_bug.cgi?id=1448031 [ 14 ] Bug #1437353 - CVE-2017-5053 chromium-browser: out of bounds memory access in v8 https://bugzilla.redhat.com/show_bug.cgi?id=1437353 [ 15 ] Bug #1437352 - CVE-2017-5056 chromium-browser: use after free in blink https://bugzilla.redhat.com/show_bug.cgi?id=1437352 [ 16 ] Bug #1437351 - CVE-2017-5052 chromium-browser: bad cast in blink https://bugzilla.redhat.com/show_bug.cgi?id=1437351 [ 17 ] Bug #1437350 - CVE-2017-5054 chromium-browser: heap buffer overflow in v8 https://bugzilla.redhat.com/show_bug.cgi?id=1437350 [ 18 ] Bug #1437348 - CVE-2017-5055 chromium-browser: use after free in printing https://bugzilla.redhat.com/show_bug.cgi?id=1437348 ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade chromium-native_client' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
|