stable

chromium-124.0.6367.60-2.fc39

FEDORA-2024-12edb9dec8 created by than 2 months ago for Fedora 39

update to 124.0.6367.60

  • High CVE-2024-3832: Object corruption in V8
  • High CVE-2024-3833: Object corruption in WebAssembly
  • High CVE-2024-3914: Use after free in V8
  • High CVE-2024-3834: Use after free in Downloads
  • Medium CVE-2024-3837: Use after free in QUIC
  • Medium CVE-2024-3838: Inappropriate implementation in Autofill
  • Medium CVE-2024-3839: Out of bounds read in Fonts
  • Medium CVE-2024-3840: Insufficient policy enforcement in Site Isolation
  • Medium CVE-2024-3841: Insufficient data validation in Browser Switcher
  • Medium CVE-2024-3843: Insufficient data validation in Downloads
  • Low CVE-2024-3844: Inappropriate implementation in Extensions
  • Low CVE-2024-3845: Inappropriate implementation in Network
  • Low CVE-2024-3846: Inappropriate implementation in Prompts
  • Low CVE-2024-3847: Insufficient policy enforcement in WebUI

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2024-12edb9dec8

This update has been submitted for testing by than.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago

This update has been pushed to testing.

2 months ago
User Icon tecnio commented & provided feedback 2 months ago
karma

Does not launch and makes the gnome-shell and other apps unusable until force exited through the terminal. Tested with no extensions.

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

2 months ago
User Icon tecnio commented & provided feedback 2 months ago

I also asked a friend using Fedora 40 with identical GPUs (RX 7600) and he is having the same issue with an Electron app with no specific error messages.

User Icon than commented & provided feedback 2 months ago

i tested it on my testing machine with latest f39. It just works fine. I don't have any idee why it. Have you seen any errors when chromium starts from terminal?

Please try to remove .config/chromium/Default/GPUCache/ or maybe clean up your chromium settings and restart chromium again

User Icon tecnio commented & provided feedback 2 months ago

I have already checked the command line there were only 2 errors about the enterprise policy logger and screensaver which were also present on other Chromium versions ever since it's first install and nothing else. I also attempted to clear the GPU cache.

The issue is resolved when using Xwayland instead of native Wayland which comes at the cost of running at the wrong refresh rate (and more) in my case due to having a multiple monitor setup. I have also verified my other friend using the Electron app was running it under native Wayland.

User Icon than commented & provided feedback 2 months ago

for native Wayland you have to set ozone-platform-hint to auto. You can change it in browser flags menu. The browser will provide you a relauch button, Do not use it, just close the browser and the start it again.

User Icon tecnio commented & provided feedback 2 months ago

That's what I'm trying to say, as soon as you set it to auto or Wayland the issue happens, however if you force X11 or keep it default the issue does not happen but it runs under Xwayland.

User Icon tecnio commented & provided feedback 2 months ago

Looks like a black box from the recording however on the screen and on overview it's completely empty and completely glitched and breaks everything including the shell. This happens with a clean config.

https://streamable.com/kv02h7 https://imgur.com/a/4W1SP9z

User Icon tecnio commented & provided feedback 2 months ago

Sorry for the multiple comments however I have just stumbled across the same issue on the r/fedora subreddit as well on a Google Chrome user. The top upvoted solution was to use the "--ozone-platform=wayland" flag however this seems to be broken on the Chrome flags section causing people to have this regression.

https://www.reddit.com/r/Fedora/comments/1c7rh1k/

than edited this update.

New build(s):

  • chromium-124.0.6367.60-2.fc39

Removed build(s):

  • chromium-124.0.6367.60-1.fc39

Karma has been reset.

2 months ago

This update has been submitted for testing by than.

2 months ago
User Icon than commented & provided feedback 2 months ago

the new build includes the fix, could you please download and test? Thanks!

User Icon imabug provided feedback 2 months ago
karma
User Icon tecnio commented & provided feedback 2 months ago

The new build is able to fix the crash however breaks the functionality of the chrome flag entirely. When ran with the flag set to Auto or Wayland, Chromium will ignore this and start under XWayland the only way to actually get it launching on Wayland mode is to use the command line flag.

https://imgur.com/a/N1mx0Wg https://imgur.com/a/ZBX4TsJ

This update has been pushed to testing.

2 months ago

This update can be pushed to stable now if the maintainer wishes

2 months ago

This update has been submitted for stable by than.

2 months ago

This update has been pushed to stable.

a month ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
2 months ago
in testing
2 months ago
in stable
a month ago
modified
2 months ago
approved
2 months ago
BZ#2275546 CVE-2024-3833 CVE-2024-3834 CVE-2024-3837 CVE-2024-3839 CVE-2024-3840 CVE-2024-3841 CVE-2024-3843 CVE-2024-3844 CVE-2024-3845 CVE-2024-3846 CVE-2024-3847 chromium: various flaws [fedora-all]
0
0
BZ#2275816 CVE-2024-3914 chromium: chromium-browser: use after free in V8 [fedora-all]
0
0

Automated Test Results