Fedora Local Security Checks : Fedora: Security Advisory (FEDORA-2023-c890266d3f)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.1.9.2023.998902661003102
Category:	Fedora Local Security Checks
Title:	Fedora: Security Advisory (FEDORA-2023-c890266d3f)
Summary:	The remote host is missing an update for the 'chromium' package(s) announced via the FEDORA-2023-c890266d3f advisory.
Description:	Summary: The remote host is missing an update for the 'chromium' package(s) announced via the FEDORA-2023-c890266d3f advisory. Vulnerability Insight: update to 117.0.5938.132. Fixes following security issues: CVE-2023-5129 CVE-2023-5186 ---- Update to 117.0.5938.92. ---- update to 117.0.5938.88 ---- update to 117.0.5938.62. Fixes following security issues: CVE-2023-4900 CVE-2023-4901 CVE-2023-4902 CVE-2023-4903 CVE-2023-4904 CVE-2023-4905 CVE-2023-4906 CVE-2023-4907 CVE-2023-4908 CVE-2023-4909 ---- update to 116.0.5845.187. Fixes following security issue: CVE-2023-4863 Affected Software/OS: 'chromium' package(s) on Fedora 39. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2023-4863 https://security.gentoo.org/glsa/202401-10 http://www.openwall.com/lists/oss-security/2023/09/21/4 http://www.openwall.com/lists/oss-security/2023/09/22/1 http://www.openwall.com/lists/oss-security/2023/09/22/3 http://www.openwall.com/lists/oss-security/2023/09/22/4 http://www.openwall.com/lists/oss-security/2023/09/22/5 http://www.openwall.com/lists/oss-security/2023/09/22/6 http://www.openwall.com/lists/oss-security/2023/09/22/7 http://www.openwall.com/lists/oss-security/2023/09/22/8 http://www.openwall.com/lists/oss-security/2023/09/26/1 http://www.openwall.com/lists/oss-security/2023/09/26/7 http://www.openwall.com/lists/oss-security/2023/09/28/1 http://www.openwall.com/lists/oss-security/2023/09/28/2 http://www.openwall.com/lists/oss-security/2023/09/28/4 https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/ https://blog.isosceles.com/the-webp-0day/ https://bugzilla.suse.com/show_bug.cgi?id=1215231 https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html https://crbug.com/1479274 https://en.bandisoft.com/honeyview/history/ https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a https://github.com/webmproject/libwebp/releases/tag/v1.3.2 https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/ https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863 https://news.ycombinator.com/item?id=37478403 https://security-tracker.debian.org/tracker/CVE-2023-4863 https://security.gentoo.org/glsa/202309-05 https://security.netapp.com/advisory/ntap-20230929-0011/ https://sethmlarson.dev/security-developer-in-residence-weekly-report-16 https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/ https://www.bentley.com/advisories/be-2023-0001/ https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/ https://www.debian.org/security/2023/dsa-5496 https://www.debian.org/security/2023/dsa-5497 https://www.debian.org/security/2023/dsa-5498 https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/ Common Vulnerability Exposure (CVE) ID: CVE-2023-4900 Debian Security Information: DSA-5499 (Google Search) https://www.debian.org/security/2023/dsa-5499 https://security.gentoo.org/glsa/202401-34 https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html https://crbug.com/1430867 Common Vulnerability Exposure (CVE) ID: CVE-2023-4901 https://crbug.com/1459281 Common Vulnerability Exposure (CVE) ID: CVE-2023-4902 https://crbug.com/1454515 Common Vulnerability Exposure (CVE) ID: CVE-2023-4903 https://crbug.com/1446709 Common Vulnerability Exposure (CVE) ID: CVE-2023-4904 https://crbug.com/1453501 Common Vulnerability Exposure (CVE) ID: CVE-2023-4905 https://crbug.com/1441228 Common Vulnerability Exposure (CVE) ID: CVE-2023-4906 https://crbug.com/1449874 Common Vulnerability Exposure (CVE) ID: CVE-2023-4907 https://crbug.com/1462104 Common Vulnerability Exposure (CVE) ID: CVE-2023-4908 https://crbug.com/1451543 Common Vulnerability Exposure (CVE) ID: CVE-2023-4909 https://crbug.com/1463293 Common Vulnerability Exposure (CVE) ID: CVE-2023-5129 Common Vulnerability Exposure (CVE) ID: CVE-2023-5186 Debian Security Information: DSA-5508 (Google Search) https://www.debian.org/security/2023/dsa-5508 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/ https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html https://crbug.com/1478889 Common Vulnerability Exposure (CVE) ID: CVE-2023-5187 https://crbug.com/1475798 Common Vulnerability Exposure (CVE) ID: CVE-2023-5217 Debian Security Information: DSA-5509 (Google Search) https://www.debian.org/security/2023/dsa-5509 Debian Security Information: DSA-5510 (Google Search) https://www.debian.org/security/2023/dsa-5510 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/ http://seclists.org/fulldisclosure/2023/Oct/12 http://seclists.org/fulldisclosure/2023/Oct/16 https://security.gentoo.org/glsa/202310-04 https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/ https://bugzilla.redhat.com/show_bug.cgi?id=2241191 https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590 https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282 https://github.com/webmproject/libvpx/tags https://pastebin.com/TdkC4pDv https://security-tracker.debian.org/tracker/CVE-2023-5217 https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/ https://twitter.com/maddiestone/status/1707163313711497266 https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/ https://www.openwall.com/lists/oss-security/2023/09/28/5 https://crbug.com/1486441 https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html http://www.openwall.com/lists/oss-security/2023/09/28/5 http://www.openwall.com/lists/oss-security/2023/09/28/6 http://www.openwall.com/lists/oss-security/2023/09/29/1 http://www.openwall.com/lists/oss-security/2023/09/29/11 http://www.openwall.com/lists/oss-security/2023/09/29/12 http://www.openwall.com/lists/oss-security/2023/09/29/14 http://www.openwall.com/lists/oss-security/2023/09/29/2 http://www.openwall.com/lists/oss-security/2023/09/29/9 http://www.openwall.com/lists/oss-security/2023/09/29/7 http://www.openwall.com/lists/oss-security/2023/09/30/4 http://www.openwall.com/lists/oss-security/2023/09/30/2 http://www.openwall.com/lists/oss-security/2023/09/30/3 http://www.openwall.com/lists/oss-security/2023/09/30/5 http://www.openwall.com/lists/oss-security/2023/09/30/1 http://www.openwall.com/lists/oss-security/2023/10/01/5 http://www.openwall.com/lists/oss-security/2023/10/01/2 http://www.openwall.com/lists/oss-security/2023/10/01/1 http://www.openwall.com/lists/oss-security/2023/10/02/6 http://www.openwall.com/lists/oss-security/2023/10/03/11
Copyright	Copyright (C) 2024 Greenbone AG