Debian: DSA-4395-1: chromium security update

    Date18 Feb 2019
    CategoryDebian
    4657
    Posted ByLinuxSecurity Advisories
    Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-17481
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512
    
    - -------------------------------------------------------------------------
    Debian Security Advisory DSA-4395-1                   This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/security/                          Michael Gilbert
    February 18, 2019                     https://www.debian.org/security/faq
    - -------------------------------------------------------------------------
    
    Package        : chromium
    CVE ID         : CVE-2018-17481 CVE-2019-5754 CVE-2019-5755 CVE-2019-5756
                     CVE-2019-5757 CVE-2019-5758 CVE-2019-5759 CVE-2019-5760
                     CVE-2019-5762 CVE-2019-5763 CVE-2019-5764 CVE-2019-5765
                     CVE-2019-5766 CVE-2019-5767 CVE-2019-5768 CVE-2019-5769
                     CVE-2019-5770 CVE-2019-5772 CVE-2019-5773 CVE-2019-5774
                     CVE-2019-5775 CVE-2019-5776 CVE-2019-5777 CVE-2019-5778
                     CVE-2019-5779 CVE-2019-5780 CVE-2019-5781 CVE-2019-5782
                     CVE-2019-5783 CVE-2019-5784
    
    Several vulnerabilities have been discovered in the chromium web browser.
    
    CVE-2018-17481
    
        A use-after-free issue was discovered in the pdfium library.
    
    CVE-2019-5754
    
        Klzgrad discovered an error in the QUIC networking implementation.
    
    CVE-2019-5755
    
        Jay Bosamiya discovered an implementation error in the v8 javascript
        library.
    
    CVE-2019-5756
    
        A use-after-free issue was discovered in the pdfium library.
    
    CVE-2019-5757
    
        Alexandru Pitis discovered a type confusion error in the SVG image
        format implementation.
    
    CVE-2019-5758
    
        Zhe Jin discovered a use-after-free issue in blink/webkit.
    
    CVE-2019-5759
    
        Almog Benin discovered a use-after-free issue when handling HTML pages
        containing select elements.
    
    CVE-2019-5760
    
        Zhe Jin discovered a use-after-free issue in the WebRTC implementation.
    
    CVE-2019-5762
    
        A use-after-free issue was discovered in the pdfium library.
    
    CVE-2019-5763
    
        Guang Gon discovered an input validation error in the v8 javascript
        library.
    
    CVE-2019-5764
    
        Eyal Itkin discovered a use-after-free issue in the WebRTC implementation.
    
    CVE-2019-5765
    
        Sergey Toshin discovered a policy enforcement error.
    
    CVE-2019-5766
    
        David Erceg discovered a policy enforcement error.
    
    CVE-2019-5767
    
         Haoran Lu, Yifan Zhang, Luyi Xing, and Xiaojing Liao reported an error
         in the WebAPKs user interface.
    
    CVE-2019-5768
    
        Rob Wu discovered a policy enforcement error in the developer tools.
    
    CVE-2019-5769
    
        Guy Eshel discovered an input validation error in blink/webkit.
    
    CVE-2019-5770
    
        hemidallt discovered a buffer overflow issue in the WebGL implementation.
    
    CVE-2019-5772
    
        Zhen Zhou discovered a use-after-free issue in the pdfium library.
    
    CVE-2019-5773
    
        Yongke Wong discovered an input validation error in the IndexDB
        implementation.
    
    CVE-2019-5774
    
        Jnghwan Kang and Juno Im discovered an input validation error in the
        SafeBrowsing implementation.
    
    CVE-2019-5775
    
        evil1m0 discovered a policy enforcement error.
    
    CVE-2019-5776
    
        Lnyas Zhang discovered a policy enforcement error.
    
    CVE-2019-5777
    
        Khalil Zhani discovered a policy enforcement error.
    
    CVE-2019-5778
    
        David Erceg discovered a policy enforcement error in the Extensions
        implementation.
    
    CVE-2019-5779
    
        David Erceg discovered a policy enforcement error in the ServiceWorker
        implementation.
    
    CVE-2019-5780
    
        Andreas Hegenberg discovered a policy enforcement error.
    
    CVE-2019-5781
    
        evil1m0 discovered a policy enforcement error.
    
    CVE-2019-5782
    
        Qixun Zhao discovered an implementation error in the v8 javascript library.
    
    CVE-2019-5783
    
        Shintaro Kobori discovered an input validation error in the developer
        tools.
    
    CVE-2019-5784
    
        Lucas Pinheiro discovered an implementation error in the v8 javascript
        library.
    
    For the stable distribution (stretch), these problems have been fixed in
    version 72.0.3626.96-1~deb9u1.
    
    We recommend that you upgrade your chromium packages.
    
    For the detailed security status of chromium please refer to
    its security tracker page at:
    https://security-tracker.debian.org/tracker/chromium
    
    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/
    
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    Do you read our distribution advisories on a regular basis?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /component/communitypolls/?task=poll.vote&format=json
    23
    radio
    [{"id":"84","title":"Yes, for a single distribution","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"85","title":"Yes, for multiple distributions","votes":"6","type":"x","order":"2","pct":60,"resources":[]},{"id":"86","title":"No","votes":"4","type":"x","order":"3","pct":40,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.