Upstream has released version 61.0.3163.79 on September 5: https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html This fixes several new security issues. This is the current version in the stable channel: http://googlechromereleases.blogspot.com/search/label/Stable%20updates There was also a bugfix update on August 24 since our last update: https://chromereleases.googleblog.com/2017/08/stable-channel-update-for-desktop_24.html
Whiteboard: (none) => MGA5TOO
chromium 61.0.3163.91 was released as a bug fix release on September 14 as can be seen in the chrome announcement: https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_14.html
Status: NEW => ASSIGNED
Depends on: (none) => 20196
See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=20196Depends on: 20196 => (none)
Upstream has released version 61.0.3163.100 on September 21: https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.html This fixes several new security issues. This is the current version in the stable channel: http://googlechromereleases.blogspot.com/search/label/Stable%20updates openSUSE has issued an advisory for this today (September 23): https://lists.opensuse.org/opensuse-updates/2017-09/msg00097.html
Summary: chromium-browser-stable new security issues fixed in 61.0.3163.79 => chromium-browser-stable new security issues fixed in 61.0.3163.100
Upstream has released version 62.0.3202.62 on October 17: https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html This fixes several new security issues. This is the current version in the stable channel: http://googlechromereleases.blogspot.com/search/label/Stable%20updates
Summary: chromium-browser-stable new security issues fixed in 61.0.3163.100 => chromium-browser-stable new security issues fixed in 62.0.3202.62
RedHat has issued an advisory for this today (October 20): https://access.redhat.com/errata/RHSA-2017:2997
Upstream has released version 62.0.3202.75 on October 26: https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop_26.html This fixes one new security issue. This is the current version in the stable channel: http://googlechromereleases.blogspot.com/search/label/Stable%20updates
Summary: chromium-browser-stable new security issues fixed in 62.0.3202.62 => chromium-browser-stable new security issues fixed in 62.0.3202.75
openSUSE has issued an advisory for this on October 29: https://lists.opensuse.org/opensuse-updates/2017-10/msg00118.html
Upstream has released version 62.0.3202.89 on November 6: https://chromereleases.googleblog.com/2017/11/stable-channel-update-for-desktop.html This fixes two new security issues. This is the current version in the stable channel: http://googlechromereleases.blogspot.com/search/label/Stable%20updates openSUSE has issued an advisory for this today (November 8): https://lists.opensuse.org/opensuse-updates/2017-11/msg00019.html
Summary: chromium-browser-stable new security issues fixed in 62.0.3202.75 => chromium-browser-stable new security issues fixed in 62.0.3202.89
My mga5 build for chromium 62 crashes on launch so only mga6 packages are available for testing. MGA6 SRPM: chromium-browser-stable-62.0.3202.94-1.mga6.src.rpm RPMS: chromium-browser-62.0.3202.94-1.mga6.i586.rpm chromium-browser-stable-62.0.3202.94-1.mga6.i586.rpm chromium-browser-62.0.3202.94-1.mga6.x86_64.rpm chromium-browser-stable-62.0.3202.94-1.mga6.x86_64.rpm proposed advisory: Chromium-browser 62.0.3202.94 fixes security issues: Multiple flaws were found in the way Chromium 60 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information. (CVE-2017-5111, CVE-2017-5112, CVE-2017-5113, CVE-2017-5114, CVE-2017-5115, CVE-2017-5116, CVE-2017-5117, CVE-2017-5118, CVE-2017-5119, CVE-2017-5120, CVE-2017-5121, CVE-2017-5122, CVE-2017-5124, CVE-2017-5125, CVE-2017-5126, CVE-2017-5127, CVE-2017-5128, CVE-2017-5129, CVE-2017-5130, CVE-2017-5131, CVE-2017-5132, CVE-2017-5133, CVE-2017-15386, CVE-2017-15387, CVE-2017-15388, CVE-2017-15389, CVE-2017-15390, CVE-2017-15391, CVE-2017-15392, CVE-2017-15393, CVE-2017-15394, CVE-2017-15395, CVE-2017-15396, CVE-2017-15398, CVE-2017-15399, CVE-2017-15406) References: https://chromereleases.googleblog.com/2017/08/stable-channel-update-for-desktop_24.html https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_14.html https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.html https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop_26.html https://chromereleases.googleblog.com/2017/11/stable-channel-update-for-desktop.html https://chromereleases.googleblog.com/2017/11/stable-channel-update-for-desktop_13.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5111 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5112 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5113 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5114 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5115 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5116 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5117 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5118 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5119 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5120 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5121 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5122 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5124 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5125 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5126 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5127 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5128 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5129 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5130 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5131 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5132 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5133 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15390 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15391 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15393 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15394 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15395 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15396 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15398 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15399 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15406
CC: (none) => cjwAssignee: cjw => qa-bugs
Christiaan, I was hoping we could continue to support this package on Mageia 5 (even I use it). If not, please mention it in the advisory.
Testing M6/64 chromium-browser-stable-62.0.3202.94-1.mga6 Tried a couple of wizzy sites: BBC, YouTube; sound & videos fine. Other vaguely dynamic sites. Madb -> Bugzilla. Fiddled a bit with preferences. All seems to work OK. Adding advisory just for Mageia 6; if 5 also wanted, it is only necessary to add its SRPM stanza.
Keywords: (none) => advisoryWhiteboard: MGA5TOO => MGA5TOO MGA6-64-OKCC: (none) => lewyssmith
Mageia 6 for i586 in virtualbox. Installed the current version then updated it. Tried a couple of astronomical sites then Youtube. Loaded a scifi clip. That was OK. Clicked on my name button and received the news that the browser was having trouble with sync. Tried logging in to Google but failed even though the password was written down. Gave up on that because the bookmarks bar had an entry for "Imported from firefox". That provided access to my bookmarks. Tried madb, which required logging in. That was a problem. I had to enter my moniker and password five times before they were accepted. Now reporting from Chrome. It is running fine as far as common browser operations are concerned.
CC: (none) => tarazed25
Whiteboard: MGA5TOO MGA6-64-OK => MGA5TOO MGA6-64-OK MGA6-32-OK
@Len Seeing the troubles you had re previous comment, can you quickly try downgrading it (# urpmi --downgrade ...) and see if they occured before? If not, the update is dicey; if they did, no reversion, the update OK.
Re comment 12. Downgraded the 64-bit version and could not reach any website. Updated again and everything was fine, including Mageia id - password accepted first time. Shall report back on i586 version.
Sorry, Lewis. I am having trouble opening RPM DB. error: db5 error(11) from dbenv->open: Resource temporarily unavailable error: cannot open Packages index using db5 - Resource temporarily unavailable (11) error: cannot open Packages database in /var/lib/rpm unlocking urpmi database Continuing this after a reboot.....
No, looks like this vm is broken. It may need reinstallation. Meanwhile shall try an alternative vbox on another machine.
Downgraded to version 60 and tried Mageia ID. That worked without any problem. Shall report back after updating again.
Updated to version 62. Tried Mageia ID and had no trouble logging out and in again. Chromium running smoothly. So onwards and upwards.
Removing the MGA5TOO whiteboard entry and validating the update.
Whiteboard: MGA5TOO MGA6-64-OK MGA6-32-OK => MGA6-64-OK MGA6-32-OKKeywords: (none) => validated_updateCC: (none) => davidwhodgins, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2017-0423.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED