DSA-5575-1 webkit2gtk – security update

Read Time:24 Second

The following vulnerabilities have been discovered in the WebKitGTK
web engine:

CVE-2023-42916

Clement Lecigne discovered that processing web content may
disclose sensitive information. Apple is aware of a report that
this issue may have been actively exploited.

CVE-2023-42917

Clement Lecigne discovered that processing web content may lead to
arbitrary code execution. Apple is aware of a report that this
issue may have been actively exploited.

https://security-tracker.debian.org/tracker/DSA-5575-1

Read More

chromium-120.0.6099.71-1.el7

Read Time:44 Second

FEDORA-EPEL-2023-3782f9a3bf

Packages in this update:

chromium-120.0.6099.71-1.el7

Update description:

Update to 120.0.6099.71

Update to 120.0.6099.62, upstream release fixes follow security issues:

High CVE-2023-6508: Use after free in Media Stream
High CVE-2023-6509: Use after free in Side Panel Search
Medium CVE-2023-6510: Use after free in Media Capture
Low CVE-2023-6511: Inappropriate implementation in Autofill
Low CVE-2023-6512: Inappropriate implementation in Web Browser UI

update to 119.0.6045.199, upstream security release

High CVE-2023-6348: Type Confusion in Spellcheck
High CVE-2023-6347: Use after free in Mojo
High CVE-2023-6346: Use after free in WebAudio
High CVE-2023-6350: Out of bounds memory access in libavif
High CVE-2023-6351: Use after free in libavif
High CVE-2023-6345: Integer overflow in Skia

Read More

chromium-120.0.6099.71-1.el9

Read Time:44 Second

FEDORA-EPEL-2023-a0fcd69d86

Packages in this update:

chromium-120.0.6099.71-1.el9

Update description:

Update to 120.0.6099.71

Update to 120.0.6099.62, upstream release fixes follow security issues:

High CVE-2023-6508: Use after free in Media Stream
High CVE-2023-6509: Use after free in Side Panel Search
Medium CVE-2023-6510: Use after free in Media Capture
Low CVE-2023-6511: Inappropriate implementation in Autofill
Low CVE-2023-6512: Inappropriate implementation in Web Browser UI

update to 119.0.6045.199, upstream security release

High CVE-2023-6348: Type Confusion in Spellcheck
High CVE-2023-6347: Use after free in Mojo
High CVE-2023-6346: Use after free in WebAudio
High CVE-2023-6350: Out of bounds memory access in libavif
High CVE-2023-6351: Use after free in libavif
High CVE-2023-6345: Integer overflow in Skia

Read More

chromium-120.0.6099.71-1.el8

Read Time:44 Second

FEDORA-EPEL-2023-d1b0df83e0

Packages in this update:

chromium-120.0.6099.71-1.el8

Update description:

Update to 120.0.6099.71

Update to 120.0.6099.62, upstream release fixes follow security issues:

High CVE-2023-6508: Use after free in Media Stream
High CVE-2023-6509: Use after free in Side Panel Search
Medium CVE-2023-6510: Use after free in Media Capture
Low CVE-2023-6511: Inappropriate implementation in Autofill
Low CVE-2023-6512: Inappropriate implementation in Web Browser UI

update to 119.0.6045.199, upstream security release

High CVE-2023-6348: Type Confusion in Spellcheck
High CVE-2023-6347: Use after free in Mojo
High CVE-2023-6346: Use after free in WebAudio
High CVE-2023-6350: Out of bounds memory access in libavif
High CVE-2023-6351: Use after free in libavif
High CVE-2023-6345: Integer overflow in Skia

Read More