Tag: cve (Page 2 of 21)

Chromium 117.0.5938.132 fixes zero-day exploit

September 29, 2023 / alienbob / 6 Comments

Just yesterday I uploaded my packages for chromium and chromium-ungoogled to 117.0.5938.92. Only to discover right before heading to bed that there’s a new security update available… Chromium 117.0.5938.132 fixes a zero-day vulnerability in libvpx (CVE-2023-5217) which is already actively exploited to install spyware on computers.

The chromium packages for 117.0.5938.132 are already available in my repository. The chromium-ungoogled packages are currently compiling and will become available in the evening (CET timezone) i.e. later today.
It’s highly recommended to upgrade to my latest chromium and chromium-ungoogled packages.

Find the updated Slackware 15.0 and -current packages both for chromium and chromium-ungoogled in my repository and its mirrors (like my own US server and in a short while, the UK mirror).

Cheers, Eric

Chromium 114.0.5735.133 packages address critical bug

June 17, 2023 / alienbob / 27 Comments

Chromium, regular and un-googled.

Earlier this week, Google released its 114.0.5735.133 update for Chromium 114.
This is a bugfix release and on the list of addressed security issues, there’s one which is labeled as ‘critical‘, labeled CVE-2023-3214. Three other fixes are labeled with a vulnerability rating of ‘high‘.
As always, it is wise to upgrade to my latest chromium and chromium-ungoogled packages.

The updated Slackware 15.0 and -current packages both for chromium and chromium-ungoogled are available in my repository and its mirrors (like my own US server and in a short while, the UK mirror).

Cheers, Eric

Update available for Chromium 112 to address zero-day exploit

April 16, 2023 / alienbob / 15 Comments

Chromium, regular and un-googled.

Two days ago on friday, Google released an out-of-cycle stable update. This 112.0.5615.121 update addresses and fixes a zero-day exploit (CVE-2023-2033) which is already actively abused. Since it is a bug in the JavaScript engine, a hacker can craft a HTML page in such a way that your browser will run malicious code on your computer just by loading that web page.

I still get the occasional question “what is this un-googled chromium“? I wrote two articles about it on the blog a while ago: “How to un-google your Chromium browser experience” and “Sync and share your (Chromium and more) browser data among all your computers“. Check those out!

Cheers, Eric

Chromium (also ungoogled) now at version 112

April 8, 2023 / alienbob / 6 Comments

Last week the Chromium source code major version was upped to 112. According to the developer blog, this release addresses 16 security issues, none of them critical. Nevertheless, better safe than sorry, so the Slackware packages (15.0 and -current) for Chromium are now ready for downloading from my repository or any of its mirrors. Likewise chromium-ungoogled.

The regular as well as the Un-googled Chromium browser is now at version 112.0.5615.49.
Let’s see what version 113 brings next month – it should have enabled WebGPU by default on ChromeOS even though the Linux builds of Chrome seem to have to wait a bit longer. I wonder if it’s just compile options that I could try to exploit for my Chromium build. I am also curious to see where WebGPU is going to be used in 3D-rendered web applications.

Enjoy! Eric

New update for Chromium to address 0-day exploit

December 4, 2022 / alienbob / 45 Comments

Chromium, regular and un-googled.

Earlier last week Google released 108.0.5359.71. On friday, I had finally built and uploaded Slackware packages for this, when they released a quick fix to plug an already actively exploited hole (CVE-2022-4262).
The intermediate release took me by surprise. Luckily someone alerted me to the security fix in the comments section of my previous post. I grabbed the new source tarballs and built 108.0.5359.94 in the course of the weekend.
And I have now uploaded new packages both for chromium and chromium-ungoogled. Target OS releases are Slackware 14.2 and higher (32bit and 64bit).

Quick reminder:
I will stop releasing Chromium packages for Slackware 14.2 after February 2nd, 2023. On that day, Slackware 15.0 is one year old and I expect that everybody who uses a graphical desktop on Slackware, will have upgraded from Slackware 14.2 to 15.0 during that year. If you did upgrade yet but still want to use my Chromium browser packages, you still have two months’ time to prepare and execute that upgrade.
Chromium packages for Slackware 15.0 and -current will of course keep coming.

Cheers, Eric

December 2024
M	T	W	T	F	S	S
	1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31

Sun, 22 Dec 2024 03:52:10 GMT December 22, 2024
a/userspace-rcu-0.15.0-x86_64-1.txz: Upgraded. ap/nano-8.3-x86_64-1.txz: Upgraded. d/luajit-2.1.1734355927-x86_64-1.txz: Upgraded. x/mesa-24.2.8-x86_64-1.txz: Upgraded. We'll use this more stable branch in the main tree for a while. x/wayland-protocols-1.39-noarch-1.txz: Upgraded. xap/gnuplot-6.0.2-x86_64-1.txz: Upgraded. xfce/xfce4-screensaver-4.18.4-x86_64-1.txz: Upgraded. xfce/xfce4-session-4.20.0-x86_64-3.txz: Rebuilt. startxfce4: call labwc with --session. Thanks to nikybiasionoru_82. testing/packages/mesa-24.3.2-x86_64-1.txz: Added. Moved Mesa 24.3 into /testing.

SlackBuilds.org changes for Sat, 21 Dec 2024 00:11:49 GMT
academic/FreeFem: Updated for version 4.15. academic/openboard: Updated for version 1.7.3. academic/plus42: Updated for version 1.1.15 audio/rakarrack: Fix download URL. audio/tuxguitar: Updated for version 1.6.5 desktop/jgmenu: Updated for version 4.5.0. desktop/mint-themes: Update for 2.2.2 desktop/mint-y-icons: Update for 1.8.0 development/aws-cdk: Updated for version 2.173.1. development/aws-cdk: Updated for version 2.173.2. development/dotnet-sdk-9.0: Updated for version 9.0.101. development/electron: Update for […]

Tag: cve (Page 2 of 21)

Chromium 117.0.5938.132 fixes zero-day exploit

Chromium 114.0.5735.133 packages address critical bug

Update available for Chromium 112 to address zero-day exploit

Chromium (also ungoogled) now at version 112

New update for Chromium to address 0-day exploit

About this blog

Sponsoring

Categories

Subscribe to Blog via Email

My Favourites

Online me

Slackware

Calendar

slackbuilds

multilib

Slackware64-current

SBo

Meta

Top Posts & Pages

Recent posts

Recent comments