Debian: DSA-3985-1: chromium-browser security update
Debian: DSA-3985-1: chromium-browser security update
Several vulnerabilities have been discovered in the chromium web browser. CVE-2017-5111
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3985-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Michael Gilbert September 28, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : chromium-browser CVE ID : CVE-2017-5111 CVE-2017-5112 CVE-2017-5113 CVE-2017-5114 CVE-2017-5115 CVE-2017-5116 CVE-2017-5117 CVE-2017-5118 CVE-2017-5119 CVE-2017-5120 CVE-2017-5121 CVE-2017-5122 Several vulnerabilities have been discovered in the chromium web browser. CVE-2017-5111 Luat Nguyen discovered a use-after-free issue in the pdfium library. CVE-2017-5112 Tobias Klein discovered a buffer overflow issue in the webgl library. CVE-2017-5113 A buffer overflow issue was discovered in the skia library. CVE-2017-5114 Ke Liu discovered a memory issue in the pdfium library. CVE-2017-5115 Marco Giovannini discovered a type confusion issue in the v8 javascript library. CVE-2017-5116 Guang Gong discovered a type confusion issue in the v8 javascript library. CVE-2017-5117 Tobias Klein discovered an uninitialized value in the skia library. CVE-2017-5118 WenXu Wu discovered a way to bypass the Content Security Policy. CVE-2017-5119 Another uninitialized value was discovered in the skia library. CVE-2017-5120 Xiaoyin Liu discovered a way downgrade HTTPS connections during redirection. CVE-2017-5121 Jordan Rabet discovered an out-of-bounds memory access in the v8 javascript library. CVE-2017-5122 Choongwoo Han discovered an out-of-bounds memory access in the v8 javascript library. For the stable distribution (stretch), these problems have been fixed in version 61.0.3163.100-1~deb9u1. For the testing distribution (buster), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 61.0.3163.100-1. We recommend that you upgrade your chromium-browser packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.