what you don't know can hurt you

Debian Security Advisory 4421-1

Debian Security Advisory 4421-1
Posted Apr 1, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4421-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2019-5787, CVE-2019-5788, CVE-2019-5789, CVE-2019-5790, CVE-2019-5791, CVE-2019-5792, CVE-2019-5793, CVE-2019-5794, CVE-2019-5795, CVE-2019-5796, CVE-2019-5797, CVE-2019-5798, CVE-2019-5799, CVE-2019-5800, CVE-2019-5802, CVE-2019-5803
MD5 | 171d11d0d28b852d7b325aae926554a0

Debian Security Advisory 4421-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4421-1 security@debian.org
https://www.debian.org/security/ Michael Gilbert
March 31, 2019 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium
CVE ID : CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790
CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794
CVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798
CVE-2019-5799 CVE-2019-5800 CVE-2019-5802 CVE-2019-5803

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2019-5787

Zhe Jin discovered a use-after-free issue.

CVE-2019-5788

Mark Brand discovered a use-after-free issue in the in the FileAPI
implementation.

CVE-2019-5789

Mark Brand discovered a use-after-free issue in the in the WebMIDI
implementation.

CVE-2019-5790

Dimitri Fourny discovered a buffer overflow issue in the v8 javascript
library.

CVE-2019-5791

Choongwoo Han discovered a type confusion issue in the v8 javascript
library.

CVE-2019-5792

pdknsk discovered an integer overflow issue in the pdfium library.

CVE-2019-5793

Jun Kokatsu discovered a permissions issue in the Extensions
implementation.

CVE-2019-5794

Juno Im of Theori discovered a user interface spoofing issue.

CVE-2019-5795

pdknsk discovered an integer overflow issue in the pdfium library.

CVE-2019-5796

Mark Brand discovered a race condition in the Extensions implementation.

CVE-2019-5797

Mark Brand discovered a race condition in the DOMStorage implementation.

CVE-2019-5798

Tran Tien Hung disoceved an out-of-bounds read issue in the skia library.

CVE-2019-5799

sohalt discovered a way to bypass the Content Security Policy.

CVE-2019-5800

Jun Kokatsu discovered a way to bypass the Content Security Policy.

CVE-2019-5802

Ronni Skansing discovered a user interface spoofing issue.

CVE-2019-5803

Andrew Comminos discovered a way to bypass the Content Security Policy.

For the stable distribution (stretch), these problems have been fixed in
version 73.0.3683.75-1~deb9u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAlyhFtQACgkQuNayzQLW
9HObTx//fcUdPrGy1LSyubHBOocVFnh0BDaljGywbCWCEThuXDoCJM24d41+tscd
MH3/Ule85bBm5c7wJiURgWXvNjUUeWvAafnCkXiwGvzpx6/U3DDnp1Af/CTMBT8k
6QTmhuzEqFt5Nf3UCXrfdR8I4ZZiwdE+7znS1P/3IPxjSyT9AOTcbOJzGm94Ig+I
t0Lvvcb8dcA0h9ETsvau5lXoLpsLkEzl8rGZlaof1uWZIbyEm+xxC6QcteooTsZd
oo30EgYeAlBsndkapzbVhQZD/SgmNvgIspMXrFP6rA5rNuFAJi5W92eApr5EKpLY
O5mISCYY5naCUhE/QDWPoaUyFiOV0D5mycIuieYLBFT0LjU41xjSuuh1M3KV49Er
fBeENaC1D9pehKQOH5aoa0ug0uzxyjzhOuBFQp/lMsuYlIWzD+HCo7EyPXFK13j+
2pIoUKqi8/CymSD8qj/LPmcFWKMNuR47CHUb2FVvQeyrAzRKAPJeB616xetYFSEW
23zzLdt09DhGitRhzGpSNj08Ata/uTcHfWgZdYPEeKNituVa0PrFvZ1V3Ki6WeeY
ulMoeW/GWTcfhcpauv84BXpy0oPFXCDYxYRgdxBtVtBbc35JZ39aJvmrdOOUIlff
mPaadmoe2Jp0GQZY24gmb2AX4y7bRD+gR1jvISsXr0749N+GvRmZBgiP7LfodCp4
chlw4GKtyhE8ZwdihPwt7q/7DNV/vfhiEmysdhkYq6NSicYlVBZ39qjv0e3pBXOm
bksuk/yRGvdPxQWdJ2OWuQY9DFxaLJduhNg6JLftMdCYSNtY6J8q/N5qm1oAGEqV
Pf3MB72OePHGL6aOyYeOI46q2il881gFp8HDeQYVpVQh14/YFAvXf8l77jb+7701
ZERMSzHkadybixmQW9VK0cEgXV9qrO+VwSQ+wz7c6UClTskPKT/+cVIfr4sfpIBh
AQ2u8TAIt2gxFbJv+T8y1gvGQaglR93W+WVYocBnw6MdBV5xdecnrj6KwzeGB7f0
/1T7c1Fv2+xE3OZRiQdXM1CFwh4YtjYsJwB4inYArR8ud9b/RQ2j1AFzX+pqzRjS
SIdY/AHcMV1gOvtJ8rUrl2WleIaX+GYblskZLqxx0lwpJ0Q+i9lSeRBD1oeHcHXm
cLOrbzKeYeIm7tAWQgV29Rg1Elm4gjQTjFWT49TmZ+FVjTjrupkNsskYfkqe/Xzt
geEUj0uAyz3lotRSUL/x5cIsKqAybTREUMjN9NHUuOQTvshUv1ltP92p3QENfhlg
OtS+ICE2LzR1DfpgvC40ZbM1Vb+ydy9aOrCG9+O968vBIzHO5J8zgvANnzevy8Ml
oVASke41lHKH0wFa2CMi1c/UNAJL0g=√ĚTh
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    13 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close