| Summary: | chromium-browser-stable new security issues fixed in 96.0.4664.110 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Nicolas Salguero <nicolas.salguero> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | fri, hdetavernier, herman.viaene, joselp, sysadmin-bugs |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK | ||
| Source RPM: | chromium-browser-stable-96.0.4664.93-1.mga8.src.rpm | CVE: | |
| Status comment: | |||
|
Description
Nicolas Salguero
2021-12-14 16:55:44 CET
Nicolas Salguero
2021-12-14 16:56:17 CET
Source RPM:
(none) =>
chromium-browser-stable-96.0.4664.93-1.mga8.src.rpm One of the issues fixed is being exploited in the wild. I see you Nicolas have already updated this in Cauldron; thanks for ultra-rapid response. It would be fatuous not to assign this bug to you. Assignee:
bugsquad =>
nicolas.salguero Suggested advisory: ======================== Updated chromium-browser-stable packages fix security vulnerabilities. The chromium-browser-stable package has been updated to 96.0.4664.110 version that fixes multiples security vulnerabilities. One of these CVEs is known to be actively exploited. Insufficient data validation in Mojo. (CVE-2021-4098) Use after free in Swiftshader. (CVE-2021-4099) Object lifecycle issue in ANGLE. (CVE-2021-4100) Heap buffer overflow in Swiftshader. (CVE-2021-4101) Use after free in V8. (CVE-2021-4102) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4098 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4099 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4100 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4101 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4102 https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html ======================== Updated packages in core/updates_testing: ======================== chromium-browser-96.0.4664.110-1.mga8 chromium-browser-stable-96.0.4664.110-1.mga8 from SRPM: chromium-browser-stable-96.0.4664.110-1.mga8.src.rpm Version:
Cauldron =>
8 Hi, Updated from the last version. Works fine for me. Banks, addons, youtube, download images, language and settings ok. Greetings!! CC:
(none) =>
joselpddj MGA8-64 Plasma on Lenovo B50 in Dutch No installation issues. Language OK, cann't find anything wrong with it. CC:
(none) =>
herman.viaene bug#29680 still valid Report from Real hardware with Mageia 8 i586 with Plasma as desktop See Also:
(none) =>
https://bugs.mageia.org/show_bug.cgi?id=29680 Mga8 x64 Gnome VmWare Updated from 96.0.4664.93 No issues detected. Youtube, bank, commercial sites and other are ok. CC:
(none) =>
hdetavernier Works fine here too. Keywords:
(none) =>
validated_update
Thomas Backlund
2021-12-19 11:34:50 CET
Keywords:
(none) =>
advisory An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0565.html Status:
ASSIGNED =>
RESOLVED Tested OK before but forgot to report... mga8-64, Plasma, nvidia-current, swedish CC:
(none) =>
fri |