Lucene search

K
altlinuxHttps://packages.altlinux.org/en/sisyphus/security/AF33DF2FCB7CD238CA2AC81CF198F71E
HistoryApr 04, 2023 - 12:00 a.m.

Security fix for the ALT Linux 10 package yandex-browser-stable version 23.1.2.1033-alt1

2023-04-0400:00:00
https://packages.altlinux.org/en/sisyphus/security/
packages.altlinux.org
21
alt linux 10
yandex browser
security fix
version 23.1.2
cve-2022-4436
cve-2022-4437
cve-2022-4438
cve-2022-4439
cve-2022-4440
cve-2022-4262
cve-2022-4174
cve-2022-4175
cve-2022-4176
cve-2022-4177
cve-2022-4178
cve-2022-4179
cve-2022-4180
cve-2022-4181
cve-2022-4182
cve-2022-4183
cve-2022-4184
cve-2022-4185
cve-2022-4186
cve-2022-4187
cve-2022-4188
cve-2022-4189
cve-2022-4190
cve-2022-4191
cve-2022-4192
cve-2022-4193
cve-2022-4194
cve-2022-4195
cve-2022-4135
cve-2022-3885
cve-2022-3886
cve-2022-3887
cve-2022-3888
cve-2022-3889
cve-2022-3890
cve-2022-3723
cve-2022-3652
cve-2022-3653
cve-2022-3654
cve-2022-3655
cve-2022-3656
cve-2022-3657
cve-2022-3658
cve-2022-3659
cve-2022-3660
cve-2022-3661
unix

EPSS

0.035

Percentile

91.6%

23.1.2.1033-alt1 built April 4, 2023 Yandex Browser Team in task #317282

March 20, 2023 Yandex Browser Team

- browser updated to 23.1.2
  + High CVE-2022-4436: Use after free in Blink Media.
  + High CVE-2022-4437: Use after free in Mojo IPC.
  + High CVE-2022-4438: Use after free in Blink Frames.
  + High CVE-2022-4439: Use after free in Aura.
  + Medium CVE-2022-4440: Use after free in Profiles.
  + High CVE-2022-4262: Type Confusion in V8.
  + High CVE-2022-4174: Type Confusion in V8.
  + High CVE-2022-4175: Use after free in Camera Capture.
  + High CVE-2022-4176: Out of bounds write in Lacros Graphics.
  + High CVE-2022-4177: Use after free in Extensions.
  + High CVE-2022-4178: Use after free in Mojo.
  + High CVE-2022-4179: Use after free in Audio.
  + High CVE-2022-4180: Use after free in Mojo.
  + High CVE-2022-4181: Use after free in Forms.
  + Medium CVE-2022-4182: Inappropriate implementation in Fenced Frames.
  + Medium CVE-2022-4183: Insufficient policy enforcement in Popup Blocker.
  + Medium CVE-2022-4184: Insufficient policy enforcement in Autofill.
  + Medium CVE-2022-4185: Inappropriate implementation in Navigation.
  + Medium CVE-2022-4186: Insufficient validation of untrusted input in Downloads.
  + Medium CVE-2022-4187: Insufficient policy enforcement in DevTools.
  + Medium CVE-2022-4188: Insufficient validation of untrusted input in CORS.
  + Medium CVE-2022-4189: Insufficient policy enforcement in DevTools.
  + Medium CVE-2022-4190: Insufficient data validation in Directory.
  + Medium CVE-2022-4191: Use after free in Sign-In.
  + Medium CVE-2022-4192: Use after free in Live Caption.
  + Medium CVE-2022-4193: Insufficient policy enforcement in File System API.
  + Medium CVE-2022-4194: Use after free in Accessibility.
  + Medium CVE-2022-4195: Insufficient policy enforcement in Safe Browsing.
  + High CVE-2022-4135: Heap buffer overflow in GPU.
  + High CVE-2022-3885: Use after free in V8.
  + High CVE-2022-3886: Use after free in Speech Recognition.
  + High CVE-2022-3887: Use after free in Web Workers.
  + High CVE-2022-3888: Use after free in WebCodecs.
  + High CVE-2022-3889: Type Confusion in V8.
  + High CVE-2022-3890: Heap buffer overflow in Crashpad.
  + High CVE-2022-3723: Type Confusion in V8.
  + High CVE-2022-3652: Type Confusion in V8.
  + High CVE-2022-3653: Heap buffer overflow in Vulkan.
  + High CVE-2022-3654: Use after free in Layout.
  + Medium CVE-2022-3655: Heap buffer overflow in Media Galleries.
  + Medium CVE-2022-3656: Insufficient data validation in File System.
  + Medium CVE-2022-3657: Use after free in Extensions.
  + Medium CVE-2022-3658: Use after free in Feedback service on Chrome OS.
  + Medium CVE-2022-3659: Use after free in Accessibility.
  + Medium CVE-2022-3660: Inappropriate implementation in Full screen mode.
  + Low CVE-2022-3661: Insufficient data validation in Extensions.