Debian Security Advisory 4917-1

Debian Security Advisory 4917-1: Posted May 28, 2021; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4917-1 - Several vulnerabilities have been discovered in the chromium web browser.; tags | advisory, web, vulnerability; systems | linux, debian; advisories | CVE-2021-30506, CVE-2021-30507, CVE-2021-30508, CVE-2021-30509, CVE-2021-30510, CVE-2021-30511, CVE-2021-30512, CVE-2021-30513, CVE-2021-30514, CVE-2021-30515, CVE-2021-30516, CVE-2021-30517, CVE-2021-30518, CVE-2021-30519; SHA-256 | f6da704e89650adf1400be4cf1e03dfd6ea356481e8c080e1b7405b82d00e77e; Download | Favorite | View

Debian Security Advisory 4917-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4917-1                   security@debian.org
https://www.debian.org/security/                          Michael Gilbert
May 17, 2021                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : chromium
CVE ID         : CVE-2021-30506 CVE-2021-30507 CVE-2021-30508 CVE-2021-30509
                 CVE-2021-30510 CVE-2021-30511 CVE-2021-30512 CVE-2021-30513
                 CVE-2021-30514 CVE-2021-30515 CVE-2021-30516 CVE-2021-30517
                 CVE-2021-30518 CVE-2021-30519 CVE-2021-30520

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2021-30506

    @retsew0x01 discovered an error in the Web App installation interface.

CVE-2021-30507

    Alison Huffman discovered an error in the Offline mode.

CVE-2021-30508

    Leecraso and Guang Gong discovered a buffer overflow issue in the Media
    Feeds implementation.

CVE-2021-30509

    David Erceg discovered an out-of-bounds write issue in the Tab Strip
    implementation.

CVE-2021-30510

    Weipeng Jiang discovered a race condition in the aura window manager.

CVE-2021-30511

    David Erceg discovered an out-of-bounds read issue in the Tab Strip
    implementation.

CVE-2021-30512

    ZhanJia Song discovered a use-after-free issue in the notifications
    implementation.

CVE-2021-30513

    Man Yue Mo discovered an incorrect type in the v8 javascript library.

CVE-2021-30514

    koocola and Wang discovered a use-after-free issue in the Autofill
    feature.

CVE-2021-30515

    Rong Jian and Guang Gong discovered a use-after-free issue in the file
    system access API.

CVE-2021-30516

    ZhanJia Song discovered a buffer overflow issue in the browsing history.

CVE-2021-30517

    Jun Kokatsu discovered a buffer overflow issue in the reader mode.

CVE-2021-30518

    laural discovered use of an incorrect type in the v8 javascript library.

CVE-2021-30519

    asnine discovered a use-after-free issue in the Payments feature.

CVE-2021-30520

    Khalil Zhani discovered a use-after-free issue in the Tab Strip
    implementation.

For the stable distribution (buster), these problems have been fixed in
version 90.0.4430.212-1~deb10u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQQzBAEBCgAdFiEEIwTlZiOEpzUxIyp4mD40ZYkUaygFAmCjKigACgkQmD40ZYkU
aygutiAAoTR+pOTfxVWYgdzkPI4z5VSeoFm6nWmE2UhB+yowe7MSczx69hJ9O0DF
c+KyNJkolgkOA6Vu8oywbYhikIj5wSVhFwq3CuAE8IGyDF2T1qNeGiVfXyzO1VHK
r/3zSLZIa7vvRL3/Znb+lhGbrXCAgMEDizzztvIVuZq9vnV6oYDpBVCaSCmk2nBv
AUcuRkBiYp3WEKwOs3N3LJ96WwcObjXUEIyioGXMyczJDRNSN5M7m65A8dlogAvx
tHNipgcMcMU08sAR3Zrw6AwKDqQRaq0tuDmgf85cLDKKAWpJgA8UQQe5l6NJPjlB
WQ0ZvJwO4U2oTKjb7kLBSkZsnqeXqor44Hi+2hcW+4ZhL55N9Cq0rjzeNyUbi5Bl
sGnWrpgg6llIh0e40g6Niq47/1fUMHtiCHrqvn0/lkdpWQ3UvPHV+efWPe1KpIaT
vhq7ja/wS/zIr4glVIvzXprV9vJH1dKcPB/dukdb2jZWBeEF4Dj7GqP+hHMpqR1x
KodWOsInNC+aqiPb6r5VCMpm3l1KxiI8bdTzhPz5cmSlb3n/DuDlGq2bmjA02FGy
2u19R1S7bQbn8yUOB5KGwYnWNVdYo6VugEkfCEnmc0D3ev5LWx9fdqunrZhqWfeZ
izWG5WfutUmIeZ2+SqdFdGUC50ZSCppdnH2Nmc31QvpZfDy2WQk/FtieyCKRm3D1
Oo1rD4GHbw+WCJfQbmSIwit0AZJVG5hyIOComzojMMQdFyihv5N59sZ2LHBOFl3r
J67x9cdPcNCHIKE+hmvnLcf2N+GPSM4PTFyibs5cmUMlsiNnInQVcizV6a25nY8X
iiI7OoG3W+hHcxY3hcl8nHrI/KiQ/ji7yY1bzjfmjR7uEMKhNQz3GH7XAdGo7B5+
HDPg/UH/euXRl+1Gwco6sY5k6Zs/Fl2VdFVFBiqtqd8RO1wltC4XK1JrEKHp3L3d
mADBUgOZHWRNcVNvCLwO59/9hmViQMhwRh1M7Lh1EqhDCfCOuN+2f/rexPDPB7a8
hu9fn4e18Aexc9naqr/JpJxYL+zfbDJgy04ms/2iqR94mQVFd/ON7DtNgfnkfbCB
HXInjHkzTpCxFw8otbPIY2A9aXH1PeT1jNB6oQWF0cJv8WpSw4AV1xU3GaPw323g
4eG0BJ9RlR3cpfvcOQEdvZoaOvZdIgPGM2TvcbHPTjQ7kXYaFlYyCsA7jpwE4aWW
WnYkiY4it9vZi2kmoYNOZbnB7m/w1AA5JmLBkXaNLTHDLU/Lm8YodPirDM9gjae5
3HZLZnmjjZHC0swahD8J8D0XfxwZvonee07pEFKhbL+/pjbs2TeSivOhIwTp9VVo
7KROY+DZ08ZtOkS8mIsHy91+Uh+Wlg==
=7EHh
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 253 files
Ubuntu 83 files
Gentoo 29 files
indoushka 26 files
Debian 10 files
Sina Kheirkhah 7 files
tmrswrr 7 files
Rodolfo Tavares 4 files
Google Security Research 2 files
S. Dietz 2 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,082)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,534)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,527)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,402)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,689)
UNIX (9,431)
UnixWare (187)
Windows (6,667)
Other

Debian Security Advisory 4917-1

Debian Security Advisory 4917-1

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4917-1

Share This

Debian Security Advisory 4917-1

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems