FEDORA-EPEL-2023-2e7253946a

Packages in this update:

chromium-118.0.5993.70-1.el9

Update description:

Update to 118.0.5993.70. Include following security fixes:

– CVE-2023-5218: Use after free in Site Isolation.
– CVE-2023-5487: Inappropriate implementation in Fullscreen.
– CVE-2023-5484: Inappropriate implementation in Navigation.
– CVE-2023-5475: Inappropriate implementation in DevTools.
– CVE-2023-5483: Inappropriate implementation in Intents.
– CVE-2023-5481: Inappropriate implementation in Downloads.
– CVE-2023-5476: Use after free in Blink History.
– CVE-2023-5474: Heap buffer overflow in PDF.
– CVE-2023-5479: Inappropriate implementation in Extensions API.
– CVE-2023-5485: Inappropriate implementation in Autofill.
– CVE-2023-5478: Inappropriate implementation in Autofill.
– CVE-2023-5477: Inappropriate implementation in Installer.
– CVE-2023-5486: Inappropriate implementation in Input.
– CVE-2023-5473: Use after free in Cast.

update to 117.0.5938.149.

Read More

FEDORA-2023-8c9fd2a001

Packages in this update:

chromium-118.0.5993.70-1.fc38

Update description:

Update to 118.0.5993.70. Include following security fixes:

– CVE-2023-5218: Use after free in Site Isolation.
– CVE-2023-5487: Inappropriate implementation in Fullscreen.
– CVE-2023-5484: Inappropriate implementation in Navigation.
– CVE-2023-5475: Inappropriate implementation in DevTools.
– CVE-2023-5483: Inappropriate implementation in Intents.
– CVE-2023-5481: Inappropriate implementation in Downloads.
– CVE-2023-5476: Use after free in Blink History.
– CVE-2023-5474: Heap buffer overflow in PDF.
– CVE-2023-5479: Inappropriate implementation in Extensions API.
– CVE-2023-5485: Inappropriate implementation in Autofill.
– CVE-2023-5478: Inappropriate implementation in Autofill.
– CVE-2023-5477: Inappropriate implementation in Installer.
– CVE-2023-5486: Inappropriate implementation in Input.
– CVE-2023-5473: Use after free in Cast.

update to 117.0.5938.149.

Read More

FEDORA-EPEL-2023-53a7bc5700

Packages in this update:

chromium-118.0.5993.70-1.el8

Update description:

Update to 118.0.5993.70. Include following security fixes:

– CVE-2023-5218: Use after free in Site Isolation.
– CVE-2023-5487: Inappropriate implementation in Fullscreen.
– CVE-2023-5484: Inappropriate implementation in Navigation.
– CVE-2023-5475: Inappropriate implementation in DevTools.
– CVE-2023-5483: Inappropriate implementation in Intents.
– CVE-2023-5481: Inappropriate implementation in Downloads.
– CVE-2023-5476: Use after free in Blink History.
– CVE-2023-5474: Heap buffer overflow in PDF.
– CVE-2023-5479: Inappropriate implementation in Extensions API.
– CVE-2023-5485: Inappropriate implementation in Autofill.
– CVE-2023-5478: Inappropriate implementation in Autofill.
– CVE-2023-5477: Inappropriate implementation in Installer.
– CVE-2023-5486: Inappropriate implementation in Input.
– CVE-2023-5473: Use after free in Cast.

update to 117.0.5938.149.

Read More

FEDORA-2023-11ac66e61e

Packages in this update:

chromium-118.0.5993.70-1.fc39

Update description:

Update to 118.0.5993.70. Include following security fixes:

– CVE-2023-5218: Use after free in Site Isolation.
– CVE-2023-5487: Inappropriate implementation in Fullscreen.
– CVE-2023-5484: Inappropriate implementation in Navigation.
– CVE-2023-5475: Inappropriate implementation in DevTools.
– CVE-2023-5483: Inappropriate implementation in Intents.
– CVE-2023-5481: Inappropriate implementation in Downloads.
– CVE-2023-5476: Use after free in Blink History.
– CVE-2023-5474: Heap buffer overflow in PDF.
– CVE-2023-5479: Inappropriate implementation in Extensions API.
– CVE-2023-5485: Inappropriate implementation in Autofill.
– CVE-2023-5478: Inappropriate implementation in Autofill.
– CVE-2023-5477: Inappropriate implementation in Installer.
– CVE-2023-5486: Inappropriate implementation in Input.
– CVE-2023-5473: Use after free in Cast.

Read More

FEDORA-2023-0f8d1871d8

Packages in this update:

curl-8.2.1-3.fc39

Update description:

fix cookie injection with none file (CVE-2023-38546)
fix SOCKS5 heap buffer overflow (CVE-2023-38545)

Read More

FEDORA-EPEL-2023-2b36013026

Packages in this update:

libcue-2.3.0-1.el8

Update description:

This update provides a new release of libcue that includes the fix for a serious security issue that could cause arbitrary code execution, tracked as CVE-2023-43641. See this write-up by Kevin Backhouse for details. Thanks to Kevin for discovering the issue and writing the fix. It also includes another small bug fix.

Read More

FEDORA-EPEL-2023-b4fc9c3fdb

Packages in this update:

libcue-2.3.0-1.el9

Update description:

This update provides a new release of libcue that includes the fix for a serious security issue that could cause arbitrary code execution, tracked as CVE-2023-43641. See this write-up by Kevin Backhouse for details. Thanks to Kevin for discovering the issue and writing the fix. It also includes another small bug fix.

Read More

Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.

Read More

The following vulnerabilities have been discovered in the WebKitGTK
web engine:

Read More

FEDORA-EPEL-2023-b5d558ab14

Packages in this update:

libcue-2.2.1-13.el7

Update description:

This update backports the fix for a serious security issue that could cause arbitrary code execution, tracked as CVE-2023-43641. See this write-up by Kevin Backhouse for details. Thanks to Kevin for discovering the issue and writing the fix.

Read More