RedHat: RHSA-2020-0084:01 Important: chromium-browser security update

    Date13 Jan 2020
    211
    Posted ByLinuxSecurity Advisories
    An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256
    
    =====================================================================
                       Red Hat Security Advisory
    
    Synopsis:          Important: chromium-browser security update
    Advisory ID:       RHSA-2020:0084-01
    Product:           Red Hat Enterprise Linux Supplementary
    Advisory URL:      https://access.redhat.com/errata/RHSA-2020:0084
    Issue date:        2020-01-13
    CVE Names:         CVE-2020-6377 
    =====================================================================
    
    1. Summary:
    
    An update for chromium-browser is now available for Red Hat Enterprise
    Linux 6 Supplementary.
    
    Red Hat Product Security has rated this update as having a security impact
    of Important. A Common Vulnerability Scoring System (CVSS) base score,
    which gives a detailed severity rating, is available for each vulnerability
    from the CVE link(s) in the References section.
    
    2. Relevant releases/architectures:
    
    Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, i686, x86_64
    Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - i686, x86_64
    Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, i686, x86_64
    Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, i686, x86_64
    
    3. Description:
    
    Chromium is an open-source web browser, powered by WebKit (Blink).
    
    This update upgrades Chromium to version 79.0.3945.117.
    
    Security Fix(es):
    
    * chromium-browser: Use after free in audio (CVE-2020-6377)
    
    For more details about the security issue(s), including the impact, a CVSS
    score, acknowledgments, and other related information, refer to the CVE
    page(s) listed in the References section.
    
    4. Solution:
    
    For details on how to apply this update, which includes the changes
    described in this advisory, refer to:
    
    https://access.redhat.com/articles/11258
    
    After installing the update, Chromium must be restarted for the changes to
    take effect.
    
    5. Bugs fixed (https://bugzilla.redhat.com/):
    
    1789441 - CVE-2020-6377 chromium-browser: Use after free in audio
    
    6. Package List:
    
    Red Hat Enterprise Linux Desktop Supplementary (v. 6):
    
    i386:
    chromium-browser-79.0.3945.117-1.el6_10.i686.rpm
    chromium-browser-debuginfo-79.0.3945.117-1.el6_10.i686.rpm
    
    i686:
    chromium-browser-79.0.3945.117-1.el6_10.i686.rpm
    chromium-browser-debuginfo-79.0.3945.117-1.el6_10.i686.rpm
    
    x86_64:
    chromium-browser-79.0.3945.117-1.el6_10.x86_64.rpm
    chromium-browser-debuginfo-79.0.3945.117-1.el6_10.x86_64.rpm
    
    Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
    
    i686:
    chromium-browser-79.0.3945.117-1.el6_10.i686.rpm
    chromium-browser-debuginfo-79.0.3945.117-1.el6_10.i686.rpm
    
    x86_64:
    chromium-browser-79.0.3945.117-1.el6_10.x86_64.rpm
    chromium-browser-debuginfo-79.0.3945.117-1.el6_10.x86_64.rpm
    
    Red Hat Enterprise Linux Server Supplementary (v. 6):
    
    i386:
    chromium-browser-79.0.3945.117-1.el6_10.i686.rpm
    chromium-browser-debuginfo-79.0.3945.117-1.el6_10.i686.rpm
    
    i686:
    chromium-browser-79.0.3945.117-1.el6_10.i686.rpm
    chromium-browser-debuginfo-79.0.3945.117-1.el6_10.i686.rpm
    
    x86_64:
    chromium-browser-79.0.3945.117-1.el6_10.x86_64.rpm
    chromium-browser-debuginfo-79.0.3945.117-1.el6_10.x86_64.rpm
    
    Red Hat Enterprise Linux Workstation Supplementary (v. 6):
    
    i386:
    chromium-browser-79.0.3945.117-1.el6_10.i686.rpm
    chromium-browser-debuginfo-79.0.3945.117-1.el6_10.i686.rpm
    
    i686:
    chromium-browser-79.0.3945.117-1.el6_10.i686.rpm
    chromium-browser-debuginfo-79.0.3945.117-1.el6_10.i686.rpm
    
    x86_64:
    chromium-browser-79.0.3945.117-1.el6_10.x86_64.rpm
    chromium-browser-debuginfo-79.0.3945.117-1.el6_10.x86_64.rpm
    
    These packages are GPG signed by Red Hat for security.  Our key and
    details on how to verify the signature are available from
    https://access.redhat.com/security/team/key/
    
    7. References:
    
    https://access.redhat.com/security/cve/CVE-2020-6377
    https://access.redhat.com/security/updates/classification/#important
    
    8. Contact:
    
    The Red Hat security contact is . More contact
    details at https://access.redhat.com/security/team/contact/
    
    Copyright 2020 Red Hat, Inc.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1
    
    iQIVAwUBXhxzr9zjgjWX9erEAQgVZA/9HGPXyukKulQ0cgFbHFAm6evgoGcKB1Cy
    6PdXBeVqZ8n8HPHNGxbDxBkPlI3IGw0QOuxY/WVrRX69CRedIg1BPkLiYnWxjIaL
    U0xUoxNuoNPO8U4eLvlSW6Nx3+0PsYKJyqmZYTAdO7HrE4i3gHB1PzGLMv2cdrht
    5OZvUFrVtWNTe+p1U+VYpvvd3Qg3W2bbwObZMkdKWE9Z5aREWWQOTffbMF6uYbPr
    q984sSx65aprOE4T2iUr/FxRzxko7OXjt9hXQKZXYh5d/ewIzTzHn+H6ek+Y7w6m
    +QYw4XX0GSwGbK2iJvveUAHVwFIcRLWC3OHJ2gZugIlb9LNhyzrbO3awx7qbbU1k
    i6It5p8NxBX3HyvrSQqjaEvNypC0mbhyYJ5DYA1CM9O6Pf3ZAkzNrehKwjUMhOuJ
    WV8KIkCeImdGlSDAeEAgxvamFt485M72npDK8fvql80qlrOpr2XZ9XR9XyhmahhM
    WR4a8PV4OWB7qYq09+vyk4Vuzqooolxm+PwxWCI3cLtkmYG8uoHS5/hra5zU2p6n
    95pi1V9z0m4xAp13BNJKE2xfiGlUP2TRCzgj/O8vnCFB4eJBp/0gG4aRRCqhH7o8
    elMSasrB2K3Y6yWcaUCqr64XkvgXzSzaSFEQdkcNPW1Pj852A2GlDl6imuPgs/I1
    gYqqhY8KFGU=
    =TV/j
    -----END PGP SIGNATURE-----
    
    --
    RHSA-announce mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.%MINIFYHTMLa563551e700ba2d81032a89a189a572913%https://www.redhat.com/mailman/listinfo/rhsa-announce
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the LinuxSecurity Privacy news articles?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/25-what-do-you-think-of-the-linuxsecurity-privacy-news-articles?task=poll.vote&format=json
    25
    radio
    [{"id":"90","title":"Love them!","votes":"35","type":"x","order":"1","pct":92.11,"resources":[]},{"id":"91","title":"I'm indifferent","votes":"2","type":"x","order":"2","pct":5.26,"resources":[]},{"id":"92","title":"Not interested in this topic","votes":"1","type":"x","order":"3","pct":2.63,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.