Fedora Linux 8552 Published by

Updated chromium and PyDrive security updates are available for Fedora Linux:

Fedora 38 Update: chromium-120.0.6099.109-1.fc38
Fedora 38 Update: PyDrive2-1.18.0-1.fc38




Fedora 38 Update: chromium-120.0.6099.109-1.fc38


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-3d9f7ca27f
2023-12-16 01:25:38.253990
--------------------------------------------------------------------------------

Name : chromium
Product : Fedora 38
Version : 120.0.6099.109
Release : 1.fc38
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

--------------------------------------------------------------------------------
Update Information:

update to 120.0.6099.109 - High CVE-2023-6702: Type Confusion in V8 -
High CVE-2023-6703: Use after free in Blink - High CVE-2023-6704: Use after
free in libavif - High CVE-2023-6705: Use after free in WebRTC - High
CVE-2023-6706: Use after free in FedCM - Medium CVE-2023-6707: Use after free
in CSS
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec 13 2023 Than Ngo [than@redhat.com] - 120.0.6099.109-1
- update to 120.0.6099.109
* High CVE-2023-6702: Type Confusion in V8
* High CVE-2023-6703: Use after free in Blink
* High CVE-2023-6704: Use after free in libavif
* High CVE-2023-6705: Use after free in WebRTC
* High CVE-2023-6706: Use after free in FedCM
* Medium CVE-2023-6707: Use after free in CSS
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-3d9f7ca27f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--



Fedora 38 Update: PyDrive2-1.18.0-1.fc38


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-21d2191c73
2023-12-16 01:25:38.253889
--------------------------------------------------------------------------------

Name : PyDrive2
Product : Fedora 38
Version : 1.18.0
Release : 1.fc38
URL : https://github.com/iterative/PyDrive2
Summary : Google Drive API Python wrapper library, maintained fork of PyDrive
Description :
Google Drive API Python wrapper library. Maintained fork of PyDrive.

--------------------------------------------------------------------------------
Update Information:

Update to 1.18 and security fix for CVE-2023-49297
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 7 2023 Mikel Olasagasti Uranga [mikel@olasagasti.info] - 1.18.0-1
- Update to 1.18.0 - Closes rhbz#2253086 rhbz#2253467
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2253085 - CVE-2023-49297 pydrive2: potential arbitrary code execution via unsafe YAML deserilization
https://bugzilla.redhat.com/show_bug.cgi?id=2253085
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-21d2191c73' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--