Package yandex-browser-stable: Information
Default inline alert: Version in the repository: 24.1.3.845-alt1
Source package: yandex-browser-stable
Version: 23.3.1.929-alt1
Build time: Apr 17, 2023, 01:25 PM in the task #318614
Category: Networking/WWW
Report package bugHome page: http://browser.yandex.ru/
License: ALT-YANDEX-BROWSER
Summary: Yandex Browser
Description:
The web browser from Yandex Yandex Browser is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier.
Maintainer: Yandex Browser Team
Last changed
April 17, 2023 Yandex Browser Team 23.3.1.929-alt1
- Browser updated to 23.3.1.929 - Fix installation of partner data
April 11, 2023 Yandex Browser Team 23.3.1.916-alt1
- Browser updated to 23.3.1 + Critical CVE-2023-0941: Use after free in Prompts. + High CVE-2023-0927: Use after free in Web Payments API. + High CVE-2023-0928: Use after free in SwiftShader. + High CVE-2023-0929: Use after free in Vulkan. + High CVE-2023-0930: Heap buffer overflow in Video. + High CVE-2023-0931: Use after free in Video. + High CVE-2023-0932: Use after free in WebRTC. + Medium CVE-2023-0933: Integer overflow in PDF. + High CVE-2023-0696: Type Confusion in V8. + High CVE-2023-0697: Inappropriate implementation in Full screen mode. + High CVE-2023-0698: Out of bounds read in WebRTC. + Medium CVE-2023-0699: Use after free in GPU. + Medium CVE-2023-0700: Inappropriate implementation in Download. + Medium CVE-2023-0701: Heap buffer overflow in WebUI. + Medium CVE-2023-0702: Type Confusion in Data Transfer. + Medium CVE-2023-0703: Type Confusion in DevTools. + Low CVE-2023-0704: Insufficient policy enforcement in DevTools. + Low CVE-2023-0705: Integer overflow in Core. + High CVE-2023-0471: Use after free in WebTransport. + High CVE-2023-0472: Use after free in WebRTC. + Medium CVE-2023-0473: Type Confusion in ServiceWorker API. + Medium CVE-2023-0474: Use after free in GuestView. + High CVE-2023-0128: Use after free in Overview Mode. + High CVE-2023-0129: Heap buffer overflow in Network Service. + Medium CVE-2023-0130: Inappropriate implementation in Fullscreen API. + Medium CVE-2023-0131: Inappropriate implementation in iframe Sandbox. + Medium CVE-2023-0132: Inappropriate implementation in Permission prompts. + Medium CVE-2023-0133: Inappropriate implementation in Permission prompts. + Medium CVE-2023-0134: Use after free in Cart. + Medium CVE-2023-0135: Use after free in Cart. + Medium CVE-2023-0136: Inappropriate implementation in Fullscreen API. + Medium CVE-2023-0137: Heap buffer overflow in Platform Apps. + Low CVE-2023-0138: Heap buffer overflow in libphonenumber. + Low CVE-2023-0139: Insufficient validation of untrusted input in Downloads. + Low CVE-2023-0140: Inappropriate implementation in File System API. + Low CVE-2023-0141: Insufficient policy enforcement in CORS. - Set provides webclient (closes: #43564)
March 20, 2023 Yandex Browser Team 23.1.2.1033-alt1
- browser updated to 23.1.2 + High CVE-2022-4436: Use after free in Blink Media. + High CVE-2022-4437: Use after free in Mojo IPC. + High CVE-2022-4438: Use after free in Blink Frames. + High CVE-2022-4439: Use after free in Aura. + Medium CVE-2022-4440: Use after free in Profiles. + High CVE-2022-4262: Type Confusion in V8. + High CVE-2022-4174: Type Confusion in V8. + High CVE-2022-4175: Use after free in Camera Capture. + High CVE-2022-4176: Out of bounds write in Lacros Graphics. + High CVE-2022-4177: Use after free in Extensions. + High CVE-2022-4178: Use after free in Mojo. + High CVE-2022-4179: Use after free in Audio. + High CVE-2022-4180: Use after free in Mojo. + High CVE-2022-4181: Use after free in Forms. + Medium CVE-2022-4182: Inappropriate implementation in Fenced Frames. + Medium CVE-2022-4183: Insufficient policy enforcement in Popup Blocker. + Medium CVE-2022-4184: Insufficient policy enforcement in Autofill. + Medium CVE-2022-4185: Inappropriate implementation in Navigation. + Medium CVE-2022-4186: Insufficient validation of untrusted input in Downloads. + Medium CVE-2022-4187: Insufficient policy enforcement in DevTools. + Medium CVE-2022-4188: Insufficient validation of untrusted input in CORS. + Medium CVE-2022-4189: Insufficient policy enforcement in DevTools. + Medium CVE-2022-4190: Insufficient data validation in Directory. + Medium CVE-2022-4191: Use after free in Sign-In. + Medium CVE-2022-4192: Use after free in Live Caption. + Medium CVE-2022-4193: Insufficient policy enforcement in File System API. + Medium CVE-2022-4194: Use after free in Accessibility. + Medium CVE-2022-4195: Insufficient policy enforcement in Safe Browsing. + High CVE-2022-4135: Heap buffer overflow in GPU. + High CVE-2022-3885: Use after free in V8. + High CVE-2022-3886: Use after free in Speech Recognition. + High CVE-2022-3887: Use after free in Web Workers. + High CVE-2022-3888: Use after free in WebCodecs. + High CVE-2022-3889: Type Confusion in V8. + High CVE-2022-3890: Heap buffer overflow in Crashpad. + High CVE-2022-3723: Type Confusion in V8. + High CVE-2022-3652: Type Confusion in V8. + High CVE-2022-3653: Heap buffer overflow in Vulkan. + High CVE-2022-3654: Use after free in Layout. + Medium CVE-2022-3655: Heap buffer overflow in Media Galleries. + Medium CVE-2022-3656: Insufficient data validation in File System. + Medium CVE-2022-3657: Use after free in Extensions. + Medium CVE-2022-3658: Use after free in Feedback service on Chrome OS. + Medium CVE-2022-3659: Use after free in Accessibility. + Medium CVE-2022-3660: Inappropriate implementation in Full screen mode. + Low CVE-2022-3661: Insufficient data validation in Extensions.