Bug 41963 - Запрос на обновление до версии 98.0.4758.102 в связи c несколькими CVE
Summary: Запрос на обновление до версии 98.0.4758.102 в связи c несколькими CVE
Status: CLOSED FIXED
Alias: None
Product: Branch p9
Classification: Distributions
Component: chromium-gost (show other bugs)
Version: не указана
Hardware: all Linux
: P5 major
Assignee: qa-team@altlinux.org
QA Contact: qa-p9@altlinux.org
URL: https://chromereleases.googleblog.com...
Keywords: security
Depends on:
Blocks:
 
Reported: 2022-02-15 22:33 MSK by saber
Modified: 2022-03-21 16:40 MSK (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description saber 2022-02-15 22:33:08 MSK 
[15000$] [1290008] High CVE-2022-0603: Use after free in File Manager. Reported by Chaoyuan Peng (@ret2happy) on 2022-01-22

[$7000][1273397] High CVE-2022-0604: Heap buffer overflow in Tab Groups. Reported by Krace on 2021-11-24

[$7000][1286940] High CVE-2022-0605: Use after free in Webstore API. Reported by Thomas Orlita on 2022-01-13

[$7000][1288020] High CVE-2022-0606: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-01-17

[$TBD][1250655] High CVE-2022-0607: Use after free in GPU. Reported by 0x74960 on 2021-09-17

[$NA][1270333] High CVE-2022-0608: Integer overflow in Mojo. Reported by Sergei Glazunov of Google Project Zero on 2021-11-16

[$NA][1296150] High CVE-2022-0609: Use after free in Animation. Reported by Adam Weidemann and Clément Lecigne of Google's Threat Analysis Group on 2022-02-10

[$TBD][1285449] Medium CVE-2022-0610: Inappropriate implementation in Gamepad API. Reported by Anonymous on 2022-01-08
Comment 1 JK 2022-02-23 13:57:41 MSK 
Хотелось бы не только для Сизифа и p9 и p8 кое где работают, дырка то нехорошая