My thoughts on Slackware, life and everything

Tag: chromium (Page 7 of 20)

Chromium 99 critical security fix, upgrade asap

I have uploaded new chromium 99 packages for Slackware. The chromium-ungoogled 99 packages are currently being built and will follow shortly.
These new packages were triggered by a recent Google Chromium update which mentions a fix for a security hole which allows remote attackers to take control of your computer. Opening a malicious advertisement or web page is already sufficient, the vulnerability does not need any interaction to do its work. See CVE-2022-0971.

Get my Chromium packages for version 99.0.4844.74 from my repository or any mirror, and upgrade to these as soon as you can: https://slackware.nl/people/alien/slackbuilds/chromium/ or https://us.slackware.nl/people/alien/slackbuilds/chromium/

Links to the un-googled chromium: https://slackware.nl/people/alien/slackbuilds/chromium-ungoogled/ or https://us.slackware.nl/people/alien/slackbuilds/chromium-ungoogled/ .

These packages work on Slackware 14.2 and newer, 32bit as well as 64bit variants still of course.

On 32bit Slackware 15.0 and newer, Patrick has updated the profile script as part of a qt5 package upgrade so that Chromium crashes are prevented by automatically disabling the seccomp filter sandbox:

# Unfortunately Chromium and derived projects (including QtWebEngine) seem
# to be suffering some bitrot when it comes to 32-bit support, so we are
# forced to disable the seccomp filter sandbox on 32-bit or else all of these
# applications crash. If anyone has a patch that gets these things running on
# 32-bit without this workaround, please let volkerdi or alienBOB know, or
# post your solution on LQ. Thanks. :-)
if file /bin/cat | grep -wq 32-bit ; then
  export QTWEBENGINE_CHROMIUM_FLAGS="--disable-seccomp-filter-sandbox"
fi

Eric

Chromium security update remedies actively used exploit

New chromium and chromium-ungoogled packages for Slackware!
The recent Google Chromium update aims to plug a security hole which is already exploited out there, allowing attackers to take control of your computer. See CVE-2022-0609.
Get my Chromium packages for version 98.0.4758.102 (regular as well as un-googled) and upgrade to these as soon as you can: https://slackware.nl/people/alien/slackbuilds/chromium/ and https://slackware.nl/people/alien/slackbuilds/chromium-ungoogled/ .

These packages work on Slackware 14.2 and newer, 32bit as well as 64bit variants still of course.

Eric

Security updates for glibc and chromium

Two reminders about security related package updates in my repositories.

Google released an update to its chromium sources last week and I built packages for Slackware (14.2 and -current). You may already have seen them appear if you follow the ChangeLog.txt for my repository.
Get Chromium 97.0.4692.99 now, because it addresses one critical vulnerability (CVE-2022-0289): https://slackware.nl/people/alien/slackbuilds/chromium/

The GNU C Library (glibc) package for Slackware was rebuilt and hence also my multilib packages for glibc needed an update, after two security vulnerabilities were fixed (CVE-2021-3998 and CVE-2021-3999).
The multilib glibc packages (release 2.33, build ‘5alien’) can be found at http://www.slackware.com/~alien/multilib/current/ .

 

Eric

Chromium 97 added to my repository; fixes a critical vulnerability

A couple of days ago Google released the sources for Chromium 97.0.4692.71. I am still waiting for an update to the chromium-ungoogled sources but I have already uploaded Slackware packages for chromium (targeting 14.2 and -current) to my repository.

This release addresses one ‘critical’ vulnerability (CVE-2022-0096, ‘Use after free in Storage‘) and brings a total of 37 security fixes. From a user perspective, I could not find particularly exciting new functionality in the release notes. The security fixes still make this a recommended upgrade.

You can get my chromium packages from slackware.nl or its mirrors.

Eric

Update 08-jan-2022: packages for chromium-ungoogled 97.0.4692.71 are now also available in my repository.

Chromium 96 update (also for ungoogled variant)

I have uploaded a set of new packages, both for Chromium 96.0.4664.93 and its “un-googled” variant.

I am lagging a bit behind on the source release which happened last monday, but my mind is occupied with all the stuff that is needed to get ready for out-of-the-box SecureBoot support.
You can get the chromium and chromium-ungoogled packages from slackware.nl – so go grab them! They address several vulnerabilities as usual with these updates.

Reminder: you can read my earlier article “How to un-google your Chromium browser experience” to understand how it differs from the regular Chromium.

Eric

« Older posts Newer posts »

© 2024 Alien Pastures

Theme by Anders NorenUp ↑