-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2024-32c5029d69 2024-06-25 00:37:45.809536 --------------------------------------------------------------------------------
Name : chromium Product : Fedora EPEL 9 Version : 126.0.6478.114 Release : 1.el9 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink).
-------------------------------------------------------------------------------- Update Information:
update to 126.0.6478.114 High CVE-2024-6100: Type Confusion in V8 High CVE-2024-6101: Inappropriate implementation in WebAssembly High CVE-2024-6102: Out of bounds memory access in Dawn High CVE-2024-6103: Use after free in Dawn -------------------------------------------------------------------------------- ChangeLog:
* Wed Jun 19 2024 Than Ngo than@redhat.com - 126.0.6478.114-1 - update to 126.0.6478.114 * High CVE-2024-6100: Type Confusion in V8 * High CVE-2024-6101: Inappropriate implementation in WebAssembly * High CVE-2024-6102: Out of bounds memory access in Dawn * High CVE-2024-6103: Use after free in Dawn -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2292398 - CVE-2024-5171 chromium: libaom: Integer overflow in internal function��img_alloc_helper [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2292398 [ 2 ] Bug #2292402 - CVE-2024-5171 chromium: libaom: Integer overflow in internal function��img_alloc_helper [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2292402 [ 3 ] Bug #2293009 - CVE-2024-6100 CVE-2024-6101 chromium: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2293009 [ 4 ] Bug #2293013 - CVE-2024-6102 chromium: chromium-browser: out of bounds memory access in Dawn [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2293013 [ 5 ] Bug #2293016 - CVE-2024-6103 chromium: chromium-browser: use after free in Dawn [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2293016 --------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use su -c 'yum update chromium' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7%5C /html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
epel-package-announce@lists.fedoraproject.org