Arch Linux: 201806-4 High Advisory: Chromium Access Bypass
Jun 09, 2018
•
LinuxSecurity Advisories
1 min read
Topics Covered
The package chromium before version 67.0.3396.79-1 is vulnerable to access restriction bypass.
Arch Linux Security Advisory ASA-201806-4 ======================================== Severity: High Date : 2018-06-07 CVE-ID : CVE-2018-6148 Package : chromium Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-712 Summary ====== The package chromium before version 67.0.3396.79-1 is vulnerable to access restriction bypass. Resolution ========= Upgrade to 67.0.3396.79-1. # pacman -Syu "chromium>=67.0.3396.79-1" The problem has been fixed upstream in version 67.0.3396.79. Workaround ========= None. Description ========== An incorrect handling of CSP header has been found in chromium before 67.0.3396.79. Impact ===== A remote attacker can bypass the content security policy. References ========= https://chromereleases.googleblog.com/2018/06/stable-channel-update-for-desktop.html https://security.archlinux.org/CVE-2018-6148
PREVIOUS
NEXT
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!