Bug 2251984

Summary: (security) 119.0.6045.199 available
Product: [Fedora] Fedora Reporter: pmquinn5
Component: chromiumAssignee: Tom "spot" Callaway <spotrh>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: 39CC: spotrh, than, tpopela, yaneti
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: chromium-119.0.6045.199-1.fc39 Doc Type: ---
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-11-30 03:30:47 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description pmquinn5 2023-11-28 20:28:39 UTC 
[N/A][1491459] High CVE-2023-6348: Type Confusion in Spellcheck. Reported by Mark Brand of Google Project Zero on 2023-10-10
[$31000][1494461] High CVE-2023-6347: Use after free in Mojo. Reported by Leecraso and Guang Gong of 360 Vulnerability Research Institute on 2023-10-21
[$10000][1500856] High CVE-2023-6346: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2023-11-09
[$7000][1501766] High CVE-2023-6350: Out of bounds memory access in libavif. Reported by Fudan University on 2023-11-13
[$7000][1501770] High CVE-2023-6351: Use after free in libavif. Reported by Fudan University on 2023-11-13
[N/A][1505053] High CVE-2023-6345: Integer overflow in Skia. Reported by Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group on 2023-11-24

https://chromereleases.googleblog.com/search/label/Desktop%20Update

Reproducible: Always
Comment 1 Fedora Update System 2023-11-29 23:34:18 UTC 
FEDORA-2023-145f259a77 has been submitted as an update to Fedora 39. https://bodhi.fedoraproject.org/updates/FEDORA-2023-145f259a77
Comment 2 Fedora Update System 2023-11-30 03:30:47 UTC 
FEDORA-2023-145f259a77 has been pushed to the Fedora 39 stable repository.
If problem still persists, please make note of it in this bug report.