what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 4421-1

Debian Security Advisory 4421-1
Posted Apr 1, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4421-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2019-5787, CVE-2019-5788, CVE-2019-5789, CVE-2019-5790, CVE-2019-5791, CVE-2019-5792, CVE-2019-5793, CVE-2019-5794, CVE-2019-5795, CVE-2019-5796, CVE-2019-5797, CVE-2019-5798, CVE-2019-5799, CVE-2019-5800, CVE-2019-5802, CVE-2019-5803
SHA-256 | 804289103c3ef32a6ea538fb368e0326f552c83b98886c6a99dce02e8ec9959a

Debian Security Advisory 4421-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4421-1 security@debian.org
https://www.debian.org/security/ Michael Gilbert
March 31, 2019 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium
CVE ID : CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790
CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794
CVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798
CVE-2019-5799 CVE-2019-5800 CVE-2019-5802 CVE-2019-5803

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2019-5787

Zhe Jin discovered a use-after-free issue.

CVE-2019-5788

Mark Brand discovered a use-after-free issue in the in the FileAPI
implementation.

CVE-2019-5789

Mark Brand discovered a use-after-free issue in the in the WebMIDI
implementation.

CVE-2019-5790

Dimitri Fourny discovered a buffer overflow issue in the v8 javascript
library.

CVE-2019-5791

Choongwoo Han discovered a type confusion issue in the v8 javascript
library.

CVE-2019-5792

pdknsk discovered an integer overflow issue in the pdfium library.

CVE-2019-5793

Jun Kokatsu discovered a permissions issue in the Extensions
implementation.

CVE-2019-5794

Juno Im of Theori discovered a user interface spoofing issue.

CVE-2019-5795

pdknsk discovered an integer overflow issue in the pdfium library.

CVE-2019-5796

Mark Brand discovered a race condition in the Extensions implementation.

CVE-2019-5797

Mark Brand discovered a race condition in the DOMStorage implementation.

CVE-2019-5798

Tran Tien Hung disoceved an out-of-bounds read issue in the skia library.

CVE-2019-5799

sohalt discovered a way to bypass the Content Security Policy.

CVE-2019-5800

Jun Kokatsu discovered a way to bypass the Content Security Policy.

CVE-2019-5802

Ronni Skansing discovered a user interface spoofing issue.

CVE-2019-5803

Andrew Comminos discovered a way to bypass the Content Security Policy.

For the stable distribution (stretch), these problems have been fixed in
version 73.0.3683.75-1~deb9u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAlyhFtQACgkQuNayzQLW
9HObTx//fcUdPrGy1LSyubHBOocVFnh0BDaljGywbCWCEThuXDoCJM24d41+tscd
MH3/Ule85bBm5c7wJiURgWXvNjUUeWvAafnCkXiwGvzpx6/U3DDnp1Af/CTMBT8k
6QTmhuzEqFt5Nf3UCXrfdR8I4ZZiwdE+7znS1P/3IPxjSyT9AOTcbOJzGm94Ig+I
t0Lvvcb8dcA0h9ETsvau5lXoLpsLkEzl8rGZlaof1uWZIbyEm+xxC6QcteooTsZd
oo30EgYeAlBsndkapzbVhQZD/SgmNvgIspMXrFP6rA5rNuFAJi5W92eApr5EKpLY
O5mISCYY5naCUhE/QDWPoaUyFiOV0D5mycIuieYLBFT0LjU41xjSuuh1M3KV49Er
fBeENaC1D9pehKQOH5aoa0ug0uzxyjzhOuBFQp/lMsuYlIWzD+HCo7EyPXFK13j+
2pIoUKqi8/CymSD8qj/LPmcFWKMNuR47CHUb2FVvQeyrAzRKAPJeB616xetYFSEW
23zzLdt09DhGitRhzGpSNj08Ata/uTcHfWgZdYPEeKNituVa0PrFvZ1V3Ki6WeeY
ulMoeW/GWTcfhcpauv84BXpy0oPFXCDYxYRgdxBtVtBbc35JZ39aJvmrdOOUIlff
mPaadmoe2Jp0GQZY24gmb2AX4y7bRD+gR1jvISsXr0749N+GvRmZBgiP7LfodCp4
chlw4GKtyhE8ZwdihPwt7q/7DNV/vfhiEmysdhkYq6NSicYlVBZ39qjv0e3pBXOm
bksuk/yRGvdPxQWdJ2OWuQY9DFxaLJduhNg6JLftMdCYSNtY6J8q/N5qm1oAGEqV
Pf3MB72OePHGL6aOyYeOI46q2il881gFp8HDeQYVpVQh14/YFAvXf8l77jb+7701
ZERMSzHkadybixmQW9VK0cEgXV9qrO+VwSQ+wz7c6UClTskPKT/+cVIfr4sfpIBh
AQ2u8TAIt2gxFbJv+T8y1gvGQaglR93W+WVYocBnw6MdBV5xdecnrj6KwzeGB7f0
/1T7c1Fv2+xE3OZRiQdXM1CFwh4YtjYsJwB4inYArR8ud9b/RQ2j1AFzX+pqzRjS
SIdY/AHcMV1gOvtJ8rUrl2WleIaX+GYblskZLqxx0lwpJ0Q+i9lSeRBD1oeHcHXm
cLOrbzKeYeIm7tAWQgV29Rg1Elm4gjQTjFWT49TmZ+FVjTjrupkNsskYfkqe/Xzt
geEUj0uAyz3lotRSUL/x5cIsKqAybTREUMjN9NHUuOQTvshUv1ltP92p3QENfhlg
OtS+ICE2LzR1DfpgvC40ZbM1Vb+ydy9aOrCG9+O968vBIzHO5J8zgvANnzevy8Ml
oVASke41lHKH0wFa2CMi1c/UNAJL0g=√ĚTh
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close