23.1.2.1033-alt1 built April 4, 2023 Yandex Browser Team in task #317282
March 20, 2023 Yandex Browser Team
- browser updated to 23.1.2
+ High CVE-2022-4436: Use after free in Blink Media.
+ High CVE-2022-4437: Use after free in Mojo IPC.
+ High CVE-2022-4438: Use after free in Blink Frames.
+ High CVE-2022-4439: Use after free in Aura.
+ Medium CVE-2022-4440: Use after free in Profiles.
+ High CVE-2022-4262: Type Confusion in V8.
+ High CVE-2022-4174: Type Confusion in V8.
+ High CVE-2022-4175: Use after free in Camera Capture.
+ High CVE-2022-4176: Out of bounds write in Lacros Graphics.
+ High CVE-2022-4177: Use after free in Extensions.
+ High CVE-2022-4178: Use after free in Mojo.
+ High CVE-2022-4179: Use after free in Audio.
+ High CVE-2022-4180: Use after free in Mojo.
+ High CVE-2022-4181: Use after free in Forms.
+ Medium CVE-2022-4182: Inappropriate implementation in Fenced Frames.
+ Medium CVE-2022-4183: Insufficient policy enforcement in Popup Blocker.
+ Medium CVE-2022-4184: Insufficient policy enforcement in Autofill.
+ Medium CVE-2022-4185: Inappropriate implementation in Navigation.
+ Medium CVE-2022-4186: Insufficient validation of untrusted input in Downloads.
+ Medium CVE-2022-4187: Insufficient policy enforcement in DevTools.
+ Medium CVE-2022-4188: Insufficient validation of untrusted input in CORS.
+ Medium CVE-2022-4189: Insufficient policy enforcement in DevTools.
+ Medium CVE-2022-4190: Insufficient data validation in Directory.
+ Medium CVE-2022-4191: Use after free in Sign-In.
+ Medium CVE-2022-4192: Use after free in Live Caption.
+ Medium CVE-2022-4193: Insufficient policy enforcement in File System API.
+ Medium CVE-2022-4194: Use after free in Accessibility.
+ Medium CVE-2022-4195: Insufficient policy enforcement in Safe Browsing.
+ High CVE-2022-4135: Heap buffer overflow in GPU.
+ High CVE-2022-3885: Use after free in V8.
+ High CVE-2022-3886: Use after free in Speech Recognition.
+ High CVE-2022-3887: Use after free in Web Workers.
+ High CVE-2022-3888: Use after free in WebCodecs.
+ High CVE-2022-3889: Type Confusion in V8.
+ High CVE-2022-3890: Heap buffer overflow in Crashpad.
+ High CVE-2022-3723: Type Confusion in V8.
+ High CVE-2022-3652: Type Confusion in V8.
+ High CVE-2022-3653: Heap buffer overflow in Vulkan.
+ High CVE-2022-3654: Use after free in Layout.
+ Medium CVE-2022-3655: Heap buffer overflow in Media Galleries.
+ Medium CVE-2022-3656: Insufficient data validation in File System.
+ Medium CVE-2022-3657: Use after free in Extensions.
+ Medium CVE-2022-3658: Use after free in Feedback service on Chrome OS.
+ Medium CVE-2022-3659: Use after free in Accessibility.
+ Medium CVE-2022-3660: Inappropriate implementation in Full screen mode.
+ Low CVE-2022-3661: Insufficient data validation in Extensions.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ALT Linux | 10 | src | yandex-browser-stable-23.3.1.946-alt1.src.rpm | < 23.1.2.1033-alt1 | yandex-browser-stable-23.3.1.946-alt1.src.rpm |
ALT Linux | 10 | x86_64 | yandex-browser-stable-23.3.1.946-alt1.x86_64.rpm | < 23.1.2.1033-alt1 | yandex-browser-stable-23.3.1.946-alt1.x86_64.rpm |