ELBA-2024-27668

ELBA-2024-27668 - chromium Bug Fix update

Type:BUG
Severity:NA
Release Date:2024-09-28

Description


[129.0.6668.70-1]
- update to 129.0.6668.70
* High CVE-2024-9120: Use after free in Dawn
* High CVE-2024-9121: Inappropriate implementation in V8
* High CVE-2024-9122: Type Confusion in V8
* High CVE-2024-9123: Integer overflow in Skia

[129.0.6668.58-2]
- clean up

[129.0.6668.58-1]
- update to 129.0.6668.58
* High CVE-2024-8904: Type Confusion in V8
* Medium CVE-2024-8905: Inappropriate implementation in V8
* Medium CVE-2024-8906: Incorrect security UI in Downloads
* Medium CVE-2024-8907: Insufficient data validation in Omnibox
* Low CVE-2024-8908: Inappropriate implementation in Autofill
* Low CVE-2024-8909: Inappropriate implementation in UI

[128.0.6613.137-1]
- update to 128.0.6613.137
* High CVE-2024-8636: Heap buffer overflow in Skia
* High CVE-2024-8637: Use after free in Media Router
* High CVE-2024-8638: Type Confusion in V8
* High CVE-2024-8639: Use after free in Autofill

[128.0.6613.119-1]
- update to 128.0.6613.119
* High CVE-2024-8362: Use after free in WebAudio
* High CVE-2024-7970: Out of bounds write in V8

[127.0.6533.99-1]
- update to 127.0.6533.99
* Critical CVE-2024-7532: Out of bounds memory access in ANGLE
* High CVE-2024-7533: Use after free in Sharing
* High CVE-2024-7550: Type Confusion in V8
* High CVE-2024-7534: Heap buffer overflow in Layout
* High CVE-2024-7535: Inappropriate implementation in V8
* High CVE-2024-7536: Use after free in WebAudio

[127.0.6533.88-3]
- fix rhbz#2294773 - Allow enabling vulkan on ozone wayland for AMD vaapi
- add ppc64le patch to fix runtime assertion trap on ppc64el systems
- refresh ppc64le patch to work around broken 64k allocator code on arm64

[127.0.6533.88-2]
- remove old patch that seems to be the cause of a crash
when the user set user.max_user_namespaces to 0

[127.0.6533.88-1]
- update to 127.0.6533.88

[127.0.6533.72-1]
- update to 127.0.6533.72
* CVE-2024-6988: Use after free in Downloads
* CVE-2024-6989: Use after free in Loader
* CVE-2024-6991: Use after free in Dawn
* CVE-2024-6992: Out of bounds memory access in ANGLE
* CVE-2024-6993: Inappropriate implementation in Canvas
* CVE-2024-6994: Heap buffer overflow in Layout
* CVE-2024-6995: Inappropriate implementation in Fullscreen
* CVE-2024-6996: Race in Frames
* CVE-2024-6997: Use after free in Tabs
* CVE-2024-6998: Use after free in User Education
* CVE-2024-6999: Inappropriate implementation in FedCM
* CVE-2024-7000: Use after free in CSS. Reported by Anonymous
* CVE-2024-7001: Inappropriate implementation in HTML
* CVE-2024-7003: Inappropriate implementation in FedCM
* CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing
* CVE-2024-7005: Insufficient validation of untrusted input in Safe

[126.0.6478.182-2]
- fix condition for is_cfi/use_thin_lto on aarch64/ppc64le
- update powerpc patches

[126.0.6478.182-1]
- update to 126.0.6478.182
* High CVE-2024-6772: Inappropriate implementation in V8
* High CVE-2024-6773: Type Confusion in V8
* High CVE-2024-6774: Use after free in Screen Capture
* High CVE-2024-6775: Use after free in Media Stream
* High CVE-2024-6776: Use after free in Audio
* High CVE-2024-6777: Use after free in Navigation
* High CVE-2024-6778: Race in DevTools
* High CVE-2024-6779: Out of bounds memory access in V8

[126.0.6478.126-2]
- fixed rhbz#2293202, chromium Wayland UI regression

[126.0.6478.126-1]
- update to 126.0.6478.126
* High CVE-2024-6290: Use after free in Dawn
* High CVE-2024-6291: Use after free in Swiftshader
* High CVE-2024-6292: Use after free in Dawn
* High CVE-2024-6293: Use after free in Dawn

[126.0.6478.114-1]
- update to 126.0.6478.114
* High CVE-2024-6100: Type Confusion in V8
* High CVE-2024-6101: Inappropriate implementation in WebAssembly
* High CVE-2024-6102: Out of bounds memory access in Dawn
* High CVE-2024-6103: Use after free in Dawn

[126.0.6478.55-1]
- update to 126.0.6478.55
* High CVE-2024-5830: Type Confusion in V8
* High CVE-2024-5831: Use after free in Dawn
* High CVE-2024-5832: Use after free in Dawn
* High CVE-2024-5833: Type Confusion in V8
* High CVE-2024-5834: Inappropriate implementation in Dawn
* High CVE-2024-5835: Heap buffer overflow in Tab Groups
* High CVE-2024-5836: Inappropriate Implementation in DevTools
* High CVE-2024-5837: Type Confusion in V8
* High CVE-2024-5838: Type Confusion in V8
* Medium CVE-2024-5839: Inappropriate Implementation in Memory Allocator
* Medium CVE-2024-5840: Policy Bypass in CORS
* Medium CVE-2024-5841: Use after free in V8
* Medium CVE-2024-5842: Use after free in Browser UI
* Medium CVE-2024-5843: Inappropriate implementation in Downloads
* Medium CVE-2024-5844: Heap buffer overflow in Tab Strip
* Medium CVE-2024-5845: Use after free in Audio
* Medium CVE-2024-5846: Use after free in PDFium
* Medium CVE-2024-5847: Use after free in PDFium

[125.0.6422.141-1]
- update to 125.0.6422.141
* High CVE-2024-5493: Heap buffer overflow in WebRTC
* High CVE-2024-5494: Use after free in Dawn
* High CVE-2024-5495: Use after free in Dawn
* High CVE-2024-5496: Use after free in Media Session
* High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs
* High CVE-2024-5498: Use after free in Presentation API
* High CVE-2024-5499: Out of bounds write in Streams API
- fixed rhbz#2264332 - Chromium is unable to send/receive video on MS Teams
- cleanup chromium.conf

[125.0.6422.112-3]
- build against noopenh264

[125.0.6422.112-2]
- Workaround for build error on pp64le

[125.0.6422.112-1]
- update to 125.0.6422.112
* High CVE-2024-5274: Type Confusion in V8

[125.0.6422.76-1]
- fix bz#2282246, update to 125.0.6422.76
* High CVE-2024-5157: Use after free in Scheduling
* High CVE-2024-5158: Type Confusion in V8
* High CVE-2024-5159: Heap buffer overflow in ANGLE
* High CVE-2024-5160: Heap buffer overflow in Dawn
- cleanup

[125.0.6422.60-3]
- remove unneeded BRs
- workarounds for el7 build

[125.0.6422.60-2]
- fix build errors on el7

[125.0.6422.60-1]
- update to 125.0.6422.60
* High CVE-2024-4947: Type Confusion in V8
* High CVE-2024-4948: Use after free in Dawn
* Medium CVE-2024-4949: Use after free in V8
* Low CVE-2024-4950: Inappropriate implementation in Downloads

[125.0.6422.41-1]
- update to 125.0.6422.41

[124.0.6367.201-2]
- include headless_command_resources.pak for headless_shell

[124.0.6367.201-1]
- update to 124.0.6367.201
* High CVE-2024-4671: Use after free in Visuals

[124.0.6367.155-1]
- update to 124.0.6367.155
* High CVE-2024-4558: Use after free in ANGLE
* High CVE-2024-4559: Heap buffer overflow in WebAudio

[124.0.6367.118-2]
- fixed build errors on el8
- refreshed clean_ffmpeg.sh
- added missing files for bundle ffmpeg

[124.0.6367.118-1]
- update to 124.0.6367.118
* High CVE-2024-4331: Use after free in Picture In Picture
* High CVE-2024-4368: Use after free in Dawn
- use system highway

[124.0.6367.91-1]
- update to 124.0.6367.91
- fixed bz#2277228 - chromium wrapper causes library issues (symbol lookup error)
- use system dav1d

[124.0.6367.78-1]
- update to 124.0.6367.78
* Critical CVE-2024-4058: Type Confusion in ANGLE
* High CVE-2024-4059: Out of bounds read in V8 API
* High CVE-2024-4060: Use after free in Dawn

[124.0.6367.60-2]
- fix waylang regression

[124.0.6367.60-1]
- update to 124.0.6367.60

[123.0.6312.122-1]
- update to 123.0.6312.122
* High CVE-2024-3157: Out of bounds write in Compositing
* High CVE-2024-3516: Heap buffer overflow in ANGLE
* High CVE-2024-3515: Use after free in Dawn

[123.0.6312.105-1]
- update to 123.0.6312.105
* High CVE-2024-3156: Inappropriate implementation in V8
* High CVE-2024-3158: Use after free in Bookmarks
* High CVE-2024-3159: Out of bounds memory access in V8

[123.0.6312.86-2]
- update to 123.0.6312.86
* Critical CVE-2024-2883: Use after free in ANGLE
* High CVE-2024-2885: Use after free in Daw
* High CVE-2024-2886: Use after free in WebCodecs
* High CVE-2024-2887: Type Confusion in WebAssembly

[123.0.6312.58-2]
- fixed bz#2269768 - enable build ppc64le package for F40
- fixed bz#2270321 - VAAPI flags in chromium.conf are out of date
- fixed bz#2271183 - disable screen ai service

[123.0.6312.58-1]
- update to 123.0.6312.58
* High CVE-2024-2625: Object lifecycle issue in V8
* Medium CVE-2024-2626: Out of bounds read in Swiftshader
* Medium CVE-2024-2627: Use after free in Canvas
* Medium CVE-2024-2628: Inappropriate implementation in Downloads
* Medium CVE-2024-2629: Incorrect security UI in iOS
* Medium CVE-2024-2630: Inappropriate implementation in iOS
* Low CVE-2024-2631: Inappropriate implementation in iOS

[123.0.6312.46-1]
- update to 123.0.6312.46

[122.0.6261.128-1]
- upstream security release 122.0.6261.128
* High CVE-2024-2400: Use after free in Performance Manager

[122.0.6261.111-2]
- enable ppc64le build

[122.0.6261.111-1]
- upstream security release 122.0.6261.111
* High CVE-2024-2173: Out of bounds memory access in V8
* High CVE-2024-2174: Inappropriate implementation in V8
* High CVE-2024-2176: Use after free in FedCM

[122.0.6261.94-1]
- upstream security release 122.0.6261.94
* High : Type Confusion in V8
- fixed bz#2265957, added correct platform in chromium use agent

[122.0.6261.69-3]
- Make building of chromedriver optional

[122.0.6261.69-2]
- Rebuilt for java-21-openjdk as system jdk

[122.0.6261.69-1]
- update to 122.0.6261.69
- fix build error on el8
- bz#2265039, built with -fwrapv for improved memory safety
- bz#2265043, built with -ftrivial-auto-var-init=zero for improved security and preditability

[122.0.6261.57-1]
- update to 122.0.6261.57
* High CVE-2024-1669: Out of bounds memory access in Blink
* High CVE-2024-1670: Use after free in Mojo
* Medium CVE-2024-1671: Inappropriate implementation in Site Isolation
* Medium CVE-2024-1672: Inappropriate implementation in Content Security Policy
* Medium CVE-2024-1673: Use after free in Accessibility
* Medium CVE-2024-1674: Inappropriate implementation in Navigation
* Medium CVE-2024-1675: Insufficient policy enforcement in Download
* Low CVE-2024-1676: Inappropriate implementation in Navigation.

[122.0.6261.39-1]
- update to 122.0.6261.39

[121.0.6167.184-1]
- update to 121.0.6167.184

[121.0.6167.160-1]
- update to 121.0.6167.160
* High CVE-2024-1284: Use after free in Mojo
* High CVE-2024-1283: Heap buffer overflow in Skia

[121.0.6167.139-2]
- Support for 64K pages on Linux/AArch64

[121.0.6167.139-1]
- update to 121.0.6167.139
* High CVE-2024-1060: Use after free in Canvas
* High CVE-2024-1059: Use after free in WebRTC
* High CVE-2024-1077: Use after free in Network

[121.0.6167.85-1]
- update to 121.0.6167.85
* High CVE-2024-0807: Use after free in WebAudio
* High CVE-2024-0812: Inappropriate implementation in Accessibility
* High CVE-2024-0808: Integer underflow in WebUI
* Medium CVE-2024-0810: Insufficient policy enforcement in DevTools
* Medium CVE-2024-0814: Incorrect security UI in Payments
* Medium CVE-2024-0813: Use after free in Reading Mode
* Medium CVE-2024-0806: Use after free in Passwords
* Medium CVE-2024-0805: Inappropriate implementation in Downloads
* Medium CVE-2024-0804: Insufficient policy enforcement in iOS Security UI
* Low CVE-2024-0811: Inappropriate implementation in Extensions API
* Low CVE-2024-0809: Inappropriate implementation in Autofill

[121.0.6167.71-1]
- update to 121.0.6167.71

[120.0.6099.224-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild

[120.0.6099.224-1]
- update to 120.0.6099.224
* High CVE-2024-0517: Out of bounds write in V8
* High CVE-2024-0518: Type Confusion in V8
* High CVE-2024-0519: Out of bounds memory access in V8

[120.0.6099.216-1]
- update to 120.0.6099.216
* High CVE-2024-0333: Insufficient data validation in Extensions

[120.0.6099.199-1]
- new gn update, drop workaround for broken gn on epel 8/9
- update to 120.0.6099.199
* CVE-2024-0222: Use after free in ANGLE
* CVE-2024-0223: Heap buffer overflow in ANGLE
* CVE-2024-0224: Use after free in WebAudio
* CVE-2024-0225: Use after free in WebGPU

[120.0.6099.129-1]
- update to 120.0.6099.129
* High CVE-2023-7024: Heap buffer overflow in WebRTC

[120.0.6099.109-1]
- update to 120.0.6099.109
* High CVE-2023-6702: Type Confusion in V8
* High CVE-2023-6703: Use after free in Blink
* High CVE-2023-6704: Use after free in libavif
* High CVE-2023-6705: Use after free in WebRTC
* High CVE-2023-6706: Use after free in FedCM
* Medium CVE-2023-6707: Use after free in CSS

[120.0.6099.71-1]
- update to 120.0.6099.71

[120.0.6099.62-2]
- drop unsupported ldflag which caused build failure

[120.0.6099.62-1]
- update to 120.0.6099.62
- fixed bz#2252874, built with control flow integrity (CFI) support

[120.0.6099.56-1]
- update to 120.0.6099.56
- enable qt6 UI backend

[119.0.6045.199-2]
- fixed bz#2242271, built with bundleminizip in fedora > 39
- fixed bz#2251884, built with fstack-protector-strong for improved security

[119.0.6045.199-1]
- update to 119.0.6045.199

[119.0.6045.159-2]
- fix ffmpeg conflicts

[119.0.6045.159-1]
- update to 119.0.6045.159, upstream security release
High CVE-2023-5997, use after free in Garbage Collection
High CVE-2023-6112, use after free in Navigation
- add Requires/Conflicts for ABI break in fmpeg-free 6.0.1
- drop first_dts patch, reintroduce first_dts patch in ffmpeg-free-6.0.1
- fixed python3 syntaxWarning: invalid escape sequenc
- skip clang's patches for epel8 that now gets clang-16 update

[119.0.6045.123-2]
- fixed bz#2240127, Some h.264 mp4s do not play

[119.0.6045.123-1]
- update to 119.0.6045.123, include following security fixes:
high CVE-2023-5996: Use after free in WebAudio

[119.0.6045.105-2]
- enable debuginfo

[119.0.6045.105-1]
- update to 119.0.6045.105

[119.0.6045.59-1]
- update 119.0.6045.59

[118.0.5993.117-1]
- update to 118.0.5993.117

[118.0.5993.88-1]
- update to 118.0.5993.88
- cleanup the package dependencies

[118.0.5993.70-2]
- fix tab crash with SIGTRAP when using system ffmpeg

[118.0.5993.70-1]
- update to 118.0.5993.70
- CVE-2023-5218: Use after free in Site Isolation.
- CVE-2023-5487: Inappropriate implementation in Fullscreen.
- CVE-2023-5484: Inappropriate implementation in Navigation.
- CVE-2023-5475: Inappropriate implementation in DevTools.
- CVE-2023-5483: Inappropriate implementation in Intents.
- CVE-2023-5481: Inappropriate implementation in Downloads.
- CVE-2023-5476: Use after free in Blink History.
- CVE-2023-5474: Heap buffer overflow in PDF.
- CVE-2023-5479: Inappropriate implementation in Extensions API.
- CVE-2023-5485: Inappropriate implementation in Autofill.
- CVE-2023-5478: Inappropriate implementation in Autofill.
- CVE-2023-5477: Inappropriate implementation in Installer.
- CVE-2023-5486: Inappropriate implementation in Input.
- CVE-2023-5473: Use after free in Cast.

[118.0.5993.54-1]
- update to 118.0.5993.54
- drop use_gnome_keyring as it's removed by upstream

[117.0.5938.149-1]
- update to 117.0.5938.149
- fix CVE-2023-5346: Type Confusion in V8

[117.0.5938.132-2]
- add workaround for the crash on BTI capable system

[117.0.5938.132-1]
- update to 117.0.5938.132
- CVE-2023-5217, heap buffer overflow in vp8 encoding in libvpx.
- CVE-2023-5186, use after free in Passwords.
- CVE-2023-5187, use after free in Extensions.
?

[117.0.5938.92-2]
- backport upstream patch to fix memory leak

[117.0.5938.92-1]
- update to 117.0.5938.92

[117.0.5938.88-1]
- update to 117.0.5938.88

[117.0.5938.62-1]
- update to 117.0.5938.62

[116.0.5845.187-1]
- update to 116.0.5845.187

[116.0.5845.179-1]
- update to 116.0.5845.179

[116.0.5845.96-1]
- update to 116.0.5845.96

[115.0.5790.170-2]
- set use_all_cpus=1 for aarch64

[115.0.5790.170-1]
- update to 115.0.5790.170

[115.0.5790.110-1]
- update to 115.0.5790.110

[115.0.5790.102-1]
- update to 115.0.5790.102

[115.0.5790.98-1]
- update to 115.0.5790.98

[114.0.5735.198-1]
- update to 114.0.5735.198

[114.0.5735.133-1]
- update to 114.0.5735.133
- Enable AllowQt feature flag
- Fix Qt deps
- Fix Qt logical scale factor

[114.0.5735.106-1]
- update to 114.0.5735.106

[114.0.5735.45-1]
- update to 114.0.5735.45
- add qt6 linuxui backend
- backport: handle scale factor changes
- backport: fix font double_scaling

[113.0.5672.126-1]
- drop clang workaround for el8
- update to 113.0.5672.126

[113.0.5672.92-1]
- update to 113.0.5672.92

[113.0.5672.63-1]
- update to 113.0.5672.63

[112.0.5615.165-2]
- make --use-gl=egl default for x11/wayland
- enable WebUIDarkMode

[112.0.5615.165-1]
- update to 112.0.5615.165

[112.0.5615.121-2]
- fix vaapi issue on xwayland
- fix the build order, chrome_feed_response_metadata.pb.h file not found
- fix compiler flags and typo

[112.0.5615.121-1]
- update to 112.0.5615.121

[112.0.5615.49-1]
- update to 112.0.5615.49
- fix #2184142, Small fonts in menus

[111.0.5563.146-1]
- update to 111.0.5563.146

[111.0.5563.110-2]
- Fix ffmpeg note in README.fedora

[111.0.5563.110-1]
- update to 111.0.5563.110

[111.0.5563.64-2]
- Rebuild for ffmpeg 6.0

[111.0.5563.64-1]
- update to 111.0.5563.64

[111.0.5563.50-1]
- update to 111.0.5563.50
- system freetype on fedora > 36

[110.0.5481.177-1]
- update to 110.0.5481.177
- workaround for crash on aarch64, rhel8

[110.0.5481.100-3]
- Enable PipeWire screen sharing on RHEL8+

[110.0.5481.100-2]
- fixed bz#2036205, failed to load GLES library

[110.0.5481.100-1]
- update to 110.0.5481.100

[110.0.5481.77-2]
- fix #2071126, enable support V4L2 stateless decoders for aarch64 plattform
- fix prefers-color-scheme
- drop snapshot_blob.bin, replace snapshot_blob.bin with v8_context_snapshot.bin
- move headless_lib*.pak to headless subpackage

[110.0.5481.77-1]
- update to 110.0.5481.77

[110.0.5481.61-1]
- update to 110.0.5481.61

[109.0.5414.119-2]
- Use ffmpeg decoders for h264 support

[109.0.5414.119-1]
- update to 109.0.5414.119

[109.0.5414.74-4]
- clean up

[109.0.5414.74-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild

[109.0.5414.74-2]
- conditionalize system_build_flags
- cleaned up gn defines
- add BR on python3-importlib-metadata
- set correct toolchain gcc|clang
- fix FTBFS with gcc13

[109.0.5414.74-1]
- update to 109.0.5414.74

[108.0.5359.124-5]
- enable qt backend for el >= 9 and fedora >= 35
- drop i686
- conditional BR on java-1.8.0-openjdk-headless

[108.0.5359.124-4]
- vaapi support for wayland

[108.0.5359.124-3]
- build with system ffmpeg-free and system libaom
- fix widewine extension issue
- vaapi, disable UseChromeOSDirectVideoDecoder
- workaround for linking issue in clang <= 14

[108.0.5359.124-2]
- turn headless back on (chrome-remote-desktop will stay off, probably forever)

[108.0.5359.124-1]
- update to 108.0.5359.124
- switch to clang

[107.0.5304.121-1]
- update to 107.0.5304.121

[107.0.5304.110-1]
- update to 107.0.5304.110




Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 9 (x86_64) chromium-129.0.6668.70-1.el9.src.rpm6214ce261454f3dd0e247c6e5344014b-ol9_x86_64_developer_EPEL
chromedriver-129.0.6668.70-1.el9.x86_64.rpmd56583fa11a86a31519923a900c4a9d8-ol9_x86_64_developer_EPEL
chromium-129.0.6668.70-1.el9.x86_64.rpma42230284d74334d6d93a814ac7f45e2-ol9_x86_64_developer_EPEL
chromium-common-129.0.6668.70-1.el9.x86_64.rpmda993f04d0698b1e8b4bfa6f49daaecf-ol9_x86_64_developer_EPEL
chromium-headless-129.0.6668.70-1.el9.x86_64.rpm3adbde52fc4a39afd1000c0bfe24505d-ol9_x86_64_developer_EPEL
chromium-qt5-ui-129.0.6668.70-1.el9.x86_64.rpm2132cb96f9ea7f5e589442b161ca829e-ol9_x86_64_developer_EPEL


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete