{"id":"MGASA-2022-0211","summary":"Updated chromium-browser-stable packages fix security vulnerability","details":"The chromium-browser-stable package has been updated to the 102.0.5005.61\nversion, fixing many bugs and 32 CVE. Some of them are listed below:\nCVE-2022-1853: Use after free in Indexed DB.\nCVE-2022-1854: Use after free in ANGLE.\nCVE-2022-1855: Use after free in Messaging.\nCVE-2022-1856: Use after free in User Education.\nCVE-2022-1857: Insufficient policy enforcement in File System API.\nCVE-2022-1858: Out of bounds read in DevTools.\nCVE-2022-1859: Use after free in Performance Manager.\nCVE-2022-1860: Use after free in UI Foundations.\nCVE-2022-1861: Use after free in Sharing.\nCVE-2022-1862: Inappropriate implementation in Extensions.\nCVE-2022-1863: Use after free in Tab Groups.\nCVE-2022-1864: Use after free in WebApp Installs.\nCVE-2022-1865: Use after free in Bookmarks.\nCVE-2022-1866: Use after free in Tablet Mode.\nCVE-2022-1867: Insufficient validation of untrusted input in Data Transfer.\nCVE-2022-1868: Inappropriate implementation in Extensions API.\nCVE-2022-1869: Type Confusion in V8.\nCVE-2022-1870: Use after free in App Service.\nCVE-2022-1871: Insufficient policy enforcement in File System API.\nCVE-2022-1872: Insufficient policy enforcement in Extensions API.\nCVE-2022-1873: Insufficient policy enforcement in COOP.\nCVE-2022-1874: Insufficient policy enforcement in Safe Browsing.\nCVE-2022-1875: Inappropriate implementation in PDF.\nCVE-2022-1876: Heap buffer overflow in DevTools.\nVarious fixes from internal audits, fuzzing and other initiatives.\n","modified":"2026-04-16T00:09:02.721497871Z","published":"2022-05-28T08:56:13Z","upstream":["CVE-2022-1853","CVE-2022-1854","CVE-2022-1855","CVE-2022-1856","CVE-2022-1857","CVE-2022-1858","CVE-2022-1859","CVE-2022-1860","CVE-2022-1861","CVE-2022-1862","CVE-2022-1863","CVE-2022-1864","CVE-2022-1865","CVE-2022-1866","CVE-2022-1867","CVE-2022-1868","CVE-2022-1869","CVE-2022-1870","CVE-2022-1871","CVE-2022-1872","CVE-2022-1873","CVE-2022-1874","CVE-2022-1875","CVE-2022-1876"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0211.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30470"},{"type":"WEB","url":"https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_24.html"},{"type":"WEB","url":"https://blog.chromium.org/2022/04/chrome-102-window-controls-overlay-host.html"}],"affected":[{"package":{"name":"chromium-browser-stable","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/chromium-browser-stable?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"102.0.5005.61-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0211.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}