SECURITY: Fedora 36 Update: chromium-102.0.5005.115-1.fc36
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-7416607232
2022-06-30 01:17:00.409692
--------------------------------------------------------------------------------
Name : chromium
Product : Fedora 36
Version : 102.0.5005.115
Release : 1.fc36
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
--------------------------------------------------------------------------------
Update Information:
Update to 102.0.5005.115. Fixes: CVE-2022-1633 CVE-2022-1634 CVE-2022-1635
CVE-2022-1636 CVE-2022-1637 CVE-2022-1638 CVE-2022-1639 CVE-2022-1640
CVE-2022-1641 CVE-2022-1853 CVE-2022-1854 CVE-2022-1855 CVE-2022-1856
CVE-2022-1857 CVE-2022-1858 CVE-2022-1859 CVE-2022-1860 CVE-2022-1861
CVE-2022-1862 CVE-2022-1863 CVE-2022-1864 CVE-2022-1865 CVE-2022-1866
CVE-2022-1867 CVE-2022-1868 CVE-2022-1869 CVE-2022-1870 CVE-2022-1871
CVE-2022-1872 CVE-2022-1873 CVE-2022-1874 CVE-2022-1875 CVE-2022-1876
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 10 2022 Tom Callaway - 102.0.5005.115-1
- update to 102.0.5005.115
* Fri Jun 3 2022 Tom Callaway - 102.0.5005.61-1
- update to 102.0.5005.61
* Wed Apr 27 2022 Tom Callaway - 101.0.4951.41-1
- update to 101.0.4951.41
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2084016 - CVE-2022-1633 chromium-browser: Use after free in Sharesheet
https://bugzilla.redhat.com/show_bug.cgi?id=2084016
[ 2 ] Bug #2084017 - CVE-2022-1634 chromium-browser: Use after free in Browser UI
https://bugzilla.redhat.com/show_bug.cgi?id=2084017
[ 3 ] Bug #2084018 - CVE-2022-1635 chromium-browser: Use after free in Permission Prompts
https://bugzilla.redhat.com/show_bug.cgi?id=2084018
[ 4 ] Bug #2084019 - CVE-2022-1636 chromium-browser: Use after free in Performance APIs
https://bugzilla.redhat.com/show_bug.cgi?id=2084019
[ 5 ] Bug #2084020 - CVE-2022-1637 chromium-browser: Inappropriate implementation in Web Contents
https://bugzilla.redhat.com/show_bug.cgi?id=2084020
[ 6 ] Bug #2084021 - CVE-2022-1638 chromium-browser: Heap buffer overflow in V8 Internationalization
https://bugzilla.redhat.com/show_bug.cgi?id=2084021
[ 7 ] Bug #2084022 - CVE-2022-1639 chromium-browser: Use after free in ANGLE
https://bugzilla.redhat.com/show_bug.cgi?id=2084022
[ 8 ] Bug #2084023 - CVE-2022-1640 chromium-browser: Use after free in Sharing
https://bugzilla.redhat.com/show_bug.cgi?id=2084023
[ 9 ] Bug #2084024 - CVE-2022-1641 chromium-browser: Use after free in Web UI Diagnostics
https://bugzilla.redhat.com/show_bug.cgi?id=2084024
[ 10 ] Bug #2090284 - CVE-2022-1853 chromium-browser: Use after free in Indexed DB
https://bugzilla.redhat.com/show_bug.cgi?id=2090284
[ 11 ] Bug #2090285 - CVE-2022-1854 chromium-browser: Use after free in ANGLE
https://bugzilla.redhat.com/show_bug.cgi?id=2090285
[ 12 ] Bug #2090286 - CVE-2022-1855 chromium-browser: Use after free in Messaging
https://bugzilla.redhat.com/show_bug.cgi?id=2090286
[ 13 ] Bug #2090287 - CVE-2022-1856 chromium-browser: Use after free in User Education
https://bugzilla.redhat.com/show_bug.cgi?id=2090287
[ 14 ] Bug #2090288 - CVE-2022-1857 chromium-browser: Insufficient policy enforcement in File System API
https://bugzilla.redhat.com/show_bug.cgi?id=2090288
[ 15 ] Bug #2090289 - CVE-2022-1858 chromium-browser: Out of bounds read in DevTools
https://bugzilla.redhat.com/show_bug.cgi?id=2090289
[ 16 ] Bug #2090290 - CVE-2022-1859 chromium-browser: Use after free in Performance Manager
https://bugzilla.redhat.com/show_bug.cgi?id=2090290
[ 17 ] Bug #2090291 - CVE-2022-1860 chromium-browser: Use after free in UI Foundations
https://bugzilla.redhat.com/show_bug.cgi?id=2090291
[ 18 ] Bug #2090292 - CVE-2022-1861 chromium-browser: Use after free in Sharing
https://bugzilla.redhat.com/show_bug.cgi?id=2090292
[ 19 ] Bug #2090293 - CVE-2022-1862 chromium-browser: Inappropriate implementation in Extensions
https://bugzilla.redhat.com/show_bug.cgi?id=2090293
[ 20 ] Bug #2090294 - CVE-2022-1863 chromium-browser: Use after free in Tab Groups
https://bugzilla.redhat.com/show_bug.cgi?id=2090294
[ 21 ] Bug #2090295 - CVE-2022-1864 chromium-browser: Use after free in WebApp Installs
https://bugzilla.redhat.com/show_bug.cgi?id=2090295
[ 22 ] Bug #2090296 - CVE-2022-1865 chromium-browser: Use after free in Bookmarks
https://bugzilla.redhat.com/show_bug.cgi?id=2090296
[ 23 ] Bug #2090297 - CVE-2022-1866 chromium-browser: Use after free in Tablet Mode
https://bugzilla.redhat.com/show_bug.cgi?id=2090297
[ 24 ] Bug #2090298 - CVE-2022-1867 chromium-browser: Insufficient validation of untrusted input in Data Transfer
https://bugzilla.redhat.com/show_bug.cgi?id=2090298
[ 25 ] Bug #2090299 - CVE-2022-1868 chromium-browser: Inappropriate implementation in Extensions API
https://bugzilla.redhat.com/show_bug.cgi?id=2090299
[ 26 ] Bug #2090300 - CVE-2022-1869 chromium-browser: Type Confusion in V8
https://bugzilla.redhat.com/show_bug.cgi?id=2090300
[ 27 ] Bug #2090303 - CVE-2022-1870 chromium-browser: Use after free in App Service
https://bugzilla.redhat.com/show_bug.cgi?id=2090303
[ 28 ] Bug #2090304 - CVE-2022-1871 chromium-browser: Insufficient policy enforcement in File System API
https://bugzilla.redhat.com/show_bug.cgi?id=2090304
[ 29 ] Bug #2090305 - CVE-2022-1872 chromium-browser: Insufficient policy enforcement in Extensions API
https://bugzilla.redhat.com/show_bug.cgi?id=2090305
[ 30 ] Bug #2090306 - CVE-2022-1873 chromium-browser: Insufficient policy enforcement in COOP
https://bugzilla.redhat.com/show_bug.cgi?id=2090306
[ 31 ] Bug #2090307 - CVE-2022-1874 chromium-browser: Insufficient policy enforcement in Safe Browsing
https://bugzilla.redhat.com/show_bug.cgi?id=2090307
[ 32 ] Bug #2090308 - CVE-2022-1875 chromium-browser: Inappropriate implementation in PDF
https://bugzilla.redhat.com/show_bug.cgi?id=2090308
[ 33 ] Bug #2090309 - CVE-2022-1876 chromium-browser: Heap buffer overflow in DevTools
https://bugzilla.redhat.com/show_bug.cgi?id=2090309
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-7416607232' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
A chromium security update has been released for Fedora 36.