SECURITY: Fedora 35 Update: chromium-100.0.4896.127-1.fc35
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-0f14e2308e
2022-05-03 14:53:57.223436
--------------------------------------------------------------------------------
Name : chromium
Product : Fedora 35
Version : 100.0.4896.127
Release : 1.fc35
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
--------------------------------------------------------------------------------
Update Information:
100 Chromium releases! Of course, at the rate they release now, we'll probably
be at 150 before the end of the year. Anyway, here's the update. Fixes:
CVE-2022-1232 CVE-2022-1305 CVE-2022-1306 CVE-2022-1307 CVE-2022-1308
CVE-2022-1309 CVE-2022-1310 CVE-2022-1311 CVE-2022-1312 CVE-2022-1313
CVE-2022-1314 CVE-2022-1364
--------------------------------------------------------------------------------
ChangeLog:
* Thu Apr 21 2022 Tom Callaway - 100.0.4896.127-1
- update to 100.0.4896.127
* Tue Apr 5 2022 Tom Callaway - 100.0.4896.75-1
- update to 100.0.4896.75
* Sat Apr 2 2022 Tom Callaway - 100.0.4896.60-1
- update to 100.0.4896.60
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2071876 - CVE-2022-1232 chromium-browser: Type Confusion in V8
https://bugzilla.redhat.com/show_bug.cgi?id=2071876
[ 2 ] Bug #2074371 - CVE-2022-1305 chromium-browser: Use after free in storage
https://bugzilla.redhat.com/show_bug.cgi?id=2074371
[ 3 ] Bug #2074372 - CVE-2022-1306 chromium-browser: Inappropriate implementation in compositing
https://bugzilla.redhat.com/show_bug.cgi?id=2074372
[ 4 ] Bug #2074373 - CVE-2022-1307 chromium-browser: Inappropriate implementation in full screen
https://bugzilla.redhat.com/show_bug.cgi?id=2074373
[ 5 ] Bug #2074374 - CVE-2022-1308 chromium-browser: Use after free in BFCache
https://bugzilla.redhat.com/show_bug.cgi?id=2074374
[ 6 ] Bug #2074375 - CVE-2022-1309 chromium-browser: Insufficient policy enforcement in developer tools
https://bugzilla.redhat.com/show_bug.cgi?id=2074375
[ 7 ] Bug #2074376 - CVE-2022-1310 chromium-browser: Use after free in regular expressions
https://bugzilla.redhat.com/show_bug.cgi?id=2074376
[ 8 ] Bug #2074377 - CVE-2022-1311 chromium-browser: Use after free in Chrome OS shell
https://bugzilla.redhat.com/show_bug.cgi?id=2074377
[ 9 ] Bug #2074378 - CVE-2022-1312 chromium-browser: Use after free in storage
https://bugzilla.redhat.com/show_bug.cgi?id=2074378
[ 10 ] Bug #2074379 - CVE-2022-1313 chromium-browser: Use after free in tab groups
https://bugzilla.redhat.com/show_bug.cgi?id=2074379
[ 11 ] Bug #2074380 - CVE-2022-1314 chromium-browser: Type Confusion in V8
https://bugzilla.redhat.com/show_bug.cgi?id=2074380
[ 12 ] Bug #2076274 - CVE-2022-1364 Chromium-browser: Type Confusion in V8.
https://bugzilla.redhat.com/show_bug.cgi?id=2076274
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-0f14e2308e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
A chromium security update has been released for Fedora 35.