Explore top 10 tips to secure your open-source projects now. Read More
×
Arch Linux Security Advisory ASA-201806-4 ======================================== Severity: High Date : 2018-06-07 CVE-ID : CVE-2018-6148 Package : chromium Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-712 Summary ====== The package chromium before version 67.0.3396.79-1 is vulnerable to access restriction bypass. Resolution ========= Upgrade to 67.0.3396.79-1. # pacman -Syu "chromium>=67.0.3396.79-1" The problem has been fixed upstream in version 67.0.3396.79. Workaround ========= None. Description ========== An incorrect handling of CSP header has been found in chromium before 67.0.3396.79. Impact ===== A remote attacker can bypass the content security policy. References ========= https://chromereleases.googleblog.com/2018/06/stable-channel-update-for-desktop.html https://security.archlinux.org/CVE-2018-6148