Updated chromium-browser-stable packages fix security vulnerability
Publication date: 24 Dec 2022Modification date: 24 Dec 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-4436 , CVE-2022-4437 , CVE-2022-4438 , CVE-2022-4439 , CVE-2022-4440
Description
The chromium-browser-stable package has been updated to the 108.0.5359.124
release, fixing 8 vulnerabilities.
Some of the security fixes are ...
High CVE-2022-4436: Use after free in Blink Media. Reported by Anonymous
on 2022-11-15
High CVE-2022-4437: Use after free in Mojo IPC. Reported by
koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research
Institute on 2022-11-30
High CVE-2022-4438: Use after free in Blink Frames. Reported by Anonymous
on 2022-11-07
High CVE-2022-4439: Use after free in Aura. Reported by Anonymous on
2022-11-22
Medium CVE-2022-4440: Use after free in Profiles. Reported by Anonymous on
2022-11-09
References
- https://bugs.mageia.org/show_bug.cgi?id=31288
- https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop_13.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4436
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4437
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4438
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4439
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4440
SRPMS
8/core
- chromium-browser-stable-108.0.5359.124-1.mga8