-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2018-8e866c5066 2018-11-30 02:48:37.834222 --------------------------------------------------------------------------------
Name : chromium Product : Fedora 29 Version : 70.0.3538.110 Release : 1.fc29 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser Description : Chromium is an open-source web browser, powered by WebKit (Blink).
-------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2018-17478 CVE-2018-17479. Update to 70.0.3538.110. -------------------------------------------------------------------------------- ChangeLog:
* Mon Nov 26 2018 Tom Callaway spot@fedoraproject.org - 70.0.3538.110-1 - update to .110 * Wed Nov 7 2018 Tom Callaway spot@fedoraproject.org - 70.0.3538.77-4 - fix library requires filtering * Tue Nov 6 2018 Tom Callaway spot@fedoraproject.org - 70.0.3538.77-3 - fix build with harfbuzz2 in rawhide * Mon Nov 5 2018 Tom Callaway spot@fedoraproject.org - 70.0.3538.77-2 - drop jumbo_file_merge_limit to 8 to (hopefully) avoid OOMs on aarch64 * Fri Nov 2 2018 Tom Callaway spot@fedoraproject.org - 70.0.3538.77-1 - .77 came out while I was working on this. :/ * Fri Nov 2 2018 Tom Callaway spot@fedoraproject.org - 70.0.3538.67-1 - update to 70 * Tue Oct 16 2018 Tom Callaway spot@fedoraproject.org - 69.0.3497.100-2 - do not play with fonts on freeworld builds * Thu Oct 4 2018 Tom Callaway spot@fedoraproject.org - 69.0.3497.100-1 - update to 69.0.3497.100 * Wed Sep 12 2018 Tom Callaway spot@fedoraproject.org - 69.0.3497.92-1 - update to 69.0.3497.92 * Wed Sep 5 2018 Tom Callaway spot@fedoraproject.org - 69.0.3497.81-1 - update to 69.0.3497.81 * Tue Aug 28 2018 Patrik Novotn�� panovotn@redhat.com - 68.0.3440.106-4 - change requires to minizip-compat(-devel), rhbz#1609830, rhbz#1615381 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1651487 - CVE-2018-17479 chromium-browser: Use-after-free in GPU https://bugzilla.redhat.com/show_bug.cgi?id=1651487 [ 2 ] Bug #1648855 - CVE-2018-17478 chromium-browser: Out of bounds memory access in V8 https://bugzilla.redhat.com/show_bug.cgi?id=1648855 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-8e866c5066' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
package-announce@lists.fedoraproject.org