what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 4237-1

Debian Security Advisory 4237-1
Posted Jul 3, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4237-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2018-6118, CVE-2018-6120, CVE-2018-6121, CVE-2018-6122, CVE-2018-6123, CVE-2018-6124, CVE-2018-6125, CVE-2018-6126, CVE-2018-6127, CVE-2018-6129, CVE-2018-6130, CVE-2018-6131, CVE-2018-6132, CVE-2018-6133, CVE-2018-6134, CVE-2018-6135, CVE-2018-6136, CVE-2018-6137, CVE-2018-6138, CVE-2018-6139, CVE-2018-6140, CVE-2018-6141, CVE-2018-6142, CVE-2018-6143, CVE-2018-6144, CVE-2018-6145, CVE-2018-6147, CVE-2018-6148
SHA-256 | 87dfa3d834f2c582296fcb795eb91850f979b0960217effc608d092e66e389cd

Debian Security Advisory 4237-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4237-1 security@debian.org
https://www.debian.org/security/ Michael Gilbert
June 30, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium-browser
CVE ID : CVE-2018-6118 CVE-2018-6120 CVE-2018-6121 CVE-2018-6122
CVE-2018-6123 CVE-2018-6124 CVE-2018-6125 CVE-2018-6126
CVE-2018-6127 CVE-2018-6129 CVE-2018-6130 CVE-2018-6131
CVE-2018-6132 CVE-2018-6133 CVE-2018-6134 CVE-2018-6135
CVE-2018-6136 CVE-2018-6137 CVE-2018-6138 CVE-2018-6139
CVE-2018-6140 CVE-2018-6141 CVE-2018-6142 CVE-2018-6143
CVE-2018-6144 CVE-2018-6145 CVE-2018-6147 CVE-2018-6148
CVE-2018-6149

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2018-6118

Ned Williamson discovered a use-after-free issue.

CVE-2018-6120

Zhou Aiting discovered a buffer overflow issue in the pdfium library.

CVE-2018-6121

It was discovered that malicious extensions could escalate privileges.

CVE-2018-6122

A type confusion issue was discovered in the v8 javascript library.

CVE-2018-6123

Looben Yang discovered a use-after-free issue.

CVE-2018-6124

Guang Gong discovered a type confusion issue.

CVE-2018-6125

Yubico discovered that the WebUSB implementation was too permissive.

CVE-2018-6126

Ivan Fratric discovered a buffer overflow issue in the skia library.

CVE-2018-6127

Looben Yang discovered a use-after-free issue.

CVE-2018-6129

Natalie Silvanovich discovered an out-of-bounds read issue in WebRTC.

CVE-2018-6130

Natalie Silvanovich discovered an out-of-bounds read issue in WebRTC.

CVE-2018-6131

Natalie Silvanovich discovered an error in WebAssembly.

CVE-2018-6132

Ronald E. Crane discovered an uninitialized memory issue.

CVE-2018-6133

Khalil Zhani discovered a URL spoofing issue.

CVE-2018-6134

Jun Kokatsu discovered a way to bypass the Referrer Policy.

CVE-2018-6135

Jasper Rebane discovered a user interface spoofing issue.

CVE-2018-6136

Peter Wong discovered an out-of-bounds read issue in the v8 javascript
library.

CVE-2018-6137

Michael Smith discovered an information leak.

CVE-2018-6138

FranASSois Lajeunesse-Robert discovered that the extensions policy was
too permissive.

CVE-2018-6139

Rob Wu discovered a way to bypass restrictions in the debugger extension.

CVE-2018-6140

Rob Wu discovered a way to bypass restrictions in the debugger extension.

CVE-2018-6141

Yangkang discovered a buffer overflow issue in the skia library.

CVE-2018-6142

Choongwoo Han discovered an out-of-bounds read in the v8 javascript
library.

CVE-2018-6143

Guang Gong discovered an out-of-bounds read in the v8 javascript library.

CVE-2018-6144

pdknsk discovered an out-of-bounds read in the pdfium library.

CVE-2018-6145

Masato Kinugawa discovered an error in the MathML implementation.

CVE-2018-6147

Michail Pishchagin discovered an error in password entry fields.

CVE-2018-6148

MichaA Bentkowski discovered that the Content Security Policy header
was handled incorrectly.

CVE-2018-6149

Yu Zhou and Jundong Xie discovered an out-of-bounds write issue in the
v8 javascript library.

For the stable distribution (stretch), these problems have been fixed in
version 67.0.3396.87-1~deb9u1.

We recommend that you upgrade your chromium-browser packages.

For the detailed security status of chromium-browser please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium-browser

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAls4J2QACgkQuNayzQLW
9HP9zR/+OKevx5/QJndGvdxJ/gce4jMx9iqd8nrMEDNeHobwaMS9z44yCjgHo0NY
rOQcgxf3ATASJHfokrpKi6mkRO3bnyytu8VB2ekGdHN3WCab84RXR+9BddNrVQDm
mc1cCH35ZjJiLYz/h9xvowyeJb8hR6GgfL14BZPFcJkyHgyDjKPa4nCZKLCnIJqM
4CWwU0msAkqEMtzF0YgEtk6oaNT5h6GCd/lkFxa0Wkl6KRjTgS56FU84UT64mpQM
rq4Y0xtYlTsrOYXzcn1tnXCXfkBKke6Ck4SPepfSS8RO73+8a/LfHRGQKMOCOh1M
hT0jp/cMIwc78/Zk1+ohXiIre1HWatsS1UbMhNV7rwSl1V4etlC+KKQxEai3R8DN
NY0HikvtIVmpDWnk9wLzzjUKVQPtj/EHNNW1d7miArS1Y9wvLSA5UeuWFDUrU2nD
+zbrrJLz60cWpt4DVswavUhZz+xjxqvaC1SrYTXieOjKan6HV5ULYOnwApQ78NVh
bBbs62mwHavAhWmNUcuykUgr1ZG3aaqXiWE1QBMIEvU52n736qG1OXlOLnBJJjAQ
VMs7DEF9ZASHQkO+CMCA6L2yBVKLvFv+bd46na4LwIo9/eJ3GDUOz6xLkJEgL2Au
a3nELYeh4BjO89Sy7Mb4omwGzkO6HjZxmDVCXINdZSX4yqHe//LKWoeJ5l6om73w
BhnYhvQYYImvwjl9DA5NDllDaCiUbwsdDQFCOzEcs7j9USk/kzCTFgXZwvzAqeNJ
yN/3YlP2s2pcFkoHPG3spwPjKw9dQi1oKGcThF//q1hm6mlyVYP0/8AfRCBaz7Rk
ArdTB7XIULvocaJXCxUczvN9uZ8P7SOBIMJ0kdOgoPDnelaA08s8uBh5cmVYs8RP
dGa/x0IML3JPdfc2PYueLyBK9BlodiGRTkhZkMIi+JN6oAcVjc1V4Ne9FssMJ3/E
a2JYLprgNx99R9tF3y6gBBH0cpgXmOYZimDOgdkelLADkizt6HFWteXc2T4d22J8
x8YMiA+67vWft69jIgJhW+w8W7XsX4M2HBHSLOU4GdxbmFuUPu2kxjlFeXAv1tN1
1OjopqjfhhjwnCXG3D35T0Mm2QxKQbNuBfKlYiHb8eY75qDQTTmb71Sbn2SqhjKn
WwKARv21giNU2iwDcwQ1PexDL+VlLP1epO0zmbQ4PGQm0oXn5wT8Ero0KbAm0RVS
9ZR/AwrUBHKIBPgT4bzL5YriY9fowmnO+F5XDAnhVje0bjSJ7SwwcN3pcxG8UV//
laF8XvfVS8q9w1J6qRVBbNVdN9uxFCTM5YSV63Ku8L3N//YS+MXKwRv4ghsp2XXr
JEeslnBuzL2+T7tRsycS+kFaMbu5dg==
=hCS3
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close