MGASA-2020-0174 - Updated chromium-browser-stable packages fix security vulnerabilities

Publication date: 16 Apr 2020
URL: https://advisories.mageia.org/MGASA-2020-0174.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-6423,
     CVE-2020-6430,
     CVE-2020-6431,
     CVE-2020-6432,
     CVE-2020-6433,
     CVE-2020-6434,
     CVE-2020-6435,
     CVE-2020-6436,
     CVE-2020-6437,
     CVE-2020-6438,
     CVE-2020-6439,
     CVE-2020-6440,
     CVE-2020-6441,
     CVE-2020-6442,
     CVE-2020-6443,
     CVE-2020-6444,
     CVE-2020-6445,
     CVE-2020-6446,
     CVE-2020-6447,
     CVE-2020-6448,
     CVE-2020-6450,
     CVE-2020-6451,
     CVE-2020-6452,
     CVE-2020-6454,
     CVE-2020-6455,
     CVE-2020-6456

Chromium-browser 81.0.4044.92 fixes security issues:

Multiple flaws were found in the way Chromium 80.0.3987.149 processes
various types of web content, where loading a web page containing
malicious content could cause Chromium to crash, execute arbitrary code,
or disclose sensitive information. (CVE-2020-6423, CVE-2020-6430,
CVE-2020-6431, CVE-2020-6432, CVE-2020-6433, CVE-2020-6434, CVE-2020-6435,
CVE-2020-6436, CVE-2020-6437, CVE-2020-6438, CVE-2020-6439, CVE-2020-6440,
CVE-2020-6441, CVE-2020-6442, CVE-2020-6443, CVE-2020-6444, CVE-2020-6445,
CVE-2020-6446, CVE-2020-6447, CVE-2020-6448, CVE-2020-6450, CVE-2020-6451,
CVE-2020-6452, CVE-2020-6454, CVE-2020-6455, CVE-2020-6456)

References:
- https://bugs.mageia.org/show_bug.cgi?id=26470
- https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html
- https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6423
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6430
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6431
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6432
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6433
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6434
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6435
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6436
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6437
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6438
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6439
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6440
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6441
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6442
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6443
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6444
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6445
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6446
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6447
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6448
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6450
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6451
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6452
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6454
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6455
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6456

SRPMS:
- 7/core/chromium-browser-stable-81.0.4044.92-1.mga7

Mageia 2020-0174: chromium-browser-stable security update

Chromium-browser 81.0.4044.92 fixes security issues: Multiple flaws were found in the way Chromium 80.0.3987.149 processes various types of web content, where loading a web page...

Summary

Chromium-browser 81.0.4044.92 fixes security issues:
Multiple flaws were found in the way Chromium 80.0.3987.149 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information. (CVE-2020-6423, CVE-2020-6430, CVE-2020-6431, CVE-2020-6432, CVE-2020-6433, CVE-2020-6434, CVE-2020-6435, CVE-2020-6436, CVE-2020-6437, CVE-2020-6438, CVE-2020-6439, CVE-2020-6440, CVE-2020-6441, CVE-2020-6442, CVE-2020-6443, CVE-2020-6444, CVE-2020-6445, CVE-2020-6446, CVE-2020-6447, CVE-2020-6448, CVE-2020-6450, CVE-2020-6451, CVE-2020-6452, CVE-2020-6454, CVE-2020-6455, CVE-2020-6456)

References

- https://bugs.mageia.org/show_bug.cgi?id=26470

- https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html

- https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6423

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6430

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6431

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6432

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6433

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6434

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6435

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6436

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6437

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6438

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6439

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6440

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6441

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6442

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6443

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6444

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6445

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6446

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6447

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6448

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6450

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6451

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6452

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6454

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6455

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6456

Resolution

MGASA-2020-0174 - Updated chromium-browser-stable packages fix security vulnerabilities

SRPMS

- 7/core/chromium-browser-stable-81.0.4044.92-1.mga7

Severity
Publication date: 16 Apr 2020
URL: https://advisories.mageia.org/MGASA-2020-0174.html
Type: security
CVE: CVE-2020-6423, CVE-2020-6430, CVE-2020-6431, CVE-2020-6432, CVE-2020-6433, CVE-2020-6434, CVE-2020-6435, CVE-2020-6436, CVE-2020-6437, CVE-2020-6438, CVE-2020-6439, CVE-2020-6440, CVE-2020-6441, CVE-2020-6442, CVE-2020-6443, CVE-2020-6444, CVE-2020-6445, CVE-2020-6446, CVE-2020-6447, CVE-2020-6448, CVE-2020-6450, CVE-2020-6451, CVE-2020-6452, CVE-2020-6454, CVE-2020-6455, CVE-2020-6456

Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved