You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa chromium

Sigurnosni nedostaci programskog paketa chromium

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2020-10ec8aca61
2020-11-22 01:24:25.184407
——————————————————————————–

Name : chromium
Product : Fedora 33
Version : 87.0.4280.66
Release : 1.fc33
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

——————————————————————————–
Update Information:

Update to 87.0.4280.66. Fixes bugs and security holes. Yay! CVE-2020-16012
CVE-2020-16018 CVE-2020-16019 CVE-2020-16020 CVE-2020-16021 CVE-2020-16022
CVE-2020-16015 CVE-2020-16014 CVE-2020-16023 CVE-2020-16024 CVE-2020-16025
CVE-2020-16026 CVE-2020-16027 CVE-2020-16028 CVE-2020-16029 CVE-2020-16030
CVE-2020-16031 CVE-2020-16032 CVE-2020-16033 CVE-2020-16034 CVE-2020-16035
CVE-2020-16036
——————————————————————————–
ChangeLog:

* Wed Nov 18 2020 Tom Callaway <spot@fedoraproject.org> – 87.0.4280.66-1
– update to 87.0.4280.66
——————————————————————————–
References:

[ 1 ] Bug #1899222 – CVE-2020-16018 chromium-browser: Use after free in payments
https://bugzilla.redhat.com/show_bug.cgi?id=1899222
[ 2 ] Bug #1899223 – CVE-2020-16019 chromium-browser: Inappropriate implementation in filesystem
https://bugzilla.redhat.com/show_bug.cgi?id=1899223
[ 3 ] Bug #1899224 – CVE-2020-16020 chromium-browser: Inappropriate implementation in cryptohome
https://bugzilla.redhat.com/show_bug.cgi?id=1899224
[ 4 ] Bug #1899225 – CVE-2020-16021 chromium-browser: Race in ImageBurner
https://bugzilla.redhat.com/show_bug.cgi?id=1899225
[ 5 ] Bug #1899226 – CVE-2020-16022 chromium-browser: Insufficient policy enforcement in networking
https://bugzilla.redhat.com/show_bug.cgi?id=1899226
[ 6 ] Bug #1899227 – CVE-2020-16015 chromium-browser: Insufficient data validation in WASM
https://bugzilla.redhat.com/show_bug.cgi?id=1899227
[ 7 ] Bug #1899228 – CVE-2020-16014 chromium-browser: Use after free in PPAPI
https://bugzilla.redhat.com/show_bug.cgi?id=1899228
[ 8 ] Bug #1899229 – CVE-2020-16023 chromium-browser: Use after free in WebCodecs
https://bugzilla.redhat.com/show_bug.cgi?id=1899229
[ 9 ] Bug #1899230 – CVE-2020-16024 chromium-browser: Heap buffer overflow in UI
https://bugzilla.redhat.com/show_bug.cgi?id=1899230
[ 10 ] Bug #1899231 – CVE-2020-16025 chromium-browser: Heap buffer overflow in clipboard
https://bugzilla.redhat.com/show_bug.cgi?id=1899231
[ 11 ] Bug #1899232 – CVE-2020-16026 chromium-browser: Use after free in WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1899232
[ 12 ] Bug #1899233 – CVE-2020-16027 chromium-browser: Insufficient policy enforcement in developer tools
https://bugzilla.redhat.com/show_bug.cgi?id=1899233
[ 13 ] Bug #1899234 – CVE-2020-16028 chromium-browser: Heap buffer overflow in WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1899234
[ 14 ] Bug #1899235 – CVE-2020-16029 chromium-browser: Inappropriate implementation in PDFium
https://bugzilla.redhat.com/show_bug.cgi?id=1899235
[ 15 ] Bug #1899237 – CVE-2020-16030 chromium-browser: Insufficient data validation in Blink
https://bugzilla.redhat.com/show_bug.cgi?id=1899237
[ 16 ] Bug #1899239 – CVE-2019-8075 flash-plugin: Same origin policy bypass leading to information disclosure
https://bugzilla.redhat.com/show_bug.cgi?id=1899239
[ 17 ] Bug #1899240 – CVE-2020-16031 chromium-browser: Incorrect security UI in tab preview
https://bugzilla.redhat.com/show_bug.cgi?id=1899240
[ 18 ] Bug #1899241 – CVE-2020-16032 chromium-browser: Incorrect security UI in sharing
https://bugzilla.redhat.com/show_bug.cgi?id=1899241
[ 19 ] Bug #1899242 – CVE-2020-16033 chromium-browser: Incorrect security UI in WebUSB
https://bugzilla.redhat.com/show_bug.cgi?id=1899242
[ 20 ] Bug #1899243 – CVE-2020-16034 chromium-browser: Inappropriate implementation in WebRTC
https://bugzilla.redhat.com/show_bug.cgi?id=1899243
[ 21 ] Bug #1899244 – CVE-2020-16035 chromium-browser: Insufficient data validation in cros-disks
https://bugzilla.redhat.com/show_bug.cgi?id=1899244
[ 22 ] Bug #1899245 – CVE-2020-16036 chromium-browser: Inappropriate implementation in cookies
https://bugzilla.redhat.com/show_bug.cgi?id=1899245
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-10ec8aca61’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

AutorDona Seruga
Cert idNCERT-REF-2020-11-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa thunderbird

Otkriveni su sigurnosni nedostaci u programskom paketu thunderbird za operacijski sustav Debian. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja,...

Close