Linux Advisory Watch: September 27th, 2019

It was discovered that the Lemonldap::NG web SSO system did not restrict OIDC authorization codes to the relying party. For the stable distribution (buster), this problem has been fixed in

It was discovered that SPIP, a website engine for publishing, would allow unauthenticated users to modify published content and write to the database, perform cross-site request forgeries, and enumerate registered users.

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

It was discovered that Expat, an XML parsing C library, did not properly handled internal entities closing the doctype, potentially resulting in denial of service or information disclosure if a malformed XML file is processed.

Multiple security issues were found in PHP, a widely-used open source general purpose scripting language: Missing sanitising in the EXIF extension and the iconv_mime_decode_headers() function could result in information disclosure or denial of service.

Daniel McCarney discovered that the BIRD internet routing daemon incorrectly validated RFC 8203 messages in it's BGP daemon, resulting in a stack buffer overflow.

Multiple security issues were found in PHP, a widely-used open source general purpose scripting language: Missing sanitising in the EXIF extension and the iconv_mime_decode_headers() function could result in information disclosure or denial of service.

It was discovered that OpenDMARC, a milter implementation of DMARC, is prone to a signature-bypass vulnerability with multiple From: addresses. For the oldstable distribution (stretch), this problem has been fixed

Security fix for CVE-2019-1010228

Security fix for CVE-2019-1010228

Update to current release. Python3 compatible Installable with f31+ ---- Update to 2.5.0 (pre-release)

Update to SDL2_Image 2.0.5 for multiple CVEs.

8u222 update

- rebase to latest upstream version 9.27 - security fixes added for: - CVE-2019-14811 (bug #1747908) - CVE-2019-14812 (bug #1747907) - CVE-2019-14813 (bug #1747906) - CVE-2019-14817 (bug #1747909)

8u222 update

This update of `expat` fixes the following security issue: * **CVE-2019-15903** -- Fix heap overflow triggered by `XML_GetCurrentLineNumber` (or `XML_GetCurrentColumnNumber`), and deny internal entities closing the doctype The following bug fixes are also included: * Fix cases where `XML_StopParser` did not have any effect when called from inside of an end element handler *

Security fix for CVE-2019-14822

Patch for CVE-2018-0737, CVE-2018-0732, CVE-2018-0734, CVE-2019-1552, CVE-2019-1559. https://www.openssl.org/news/vulnerabilities.html

8u222 update

The 5.2.16 stable kernel updates contain a number of important fixes across the tree.

The 5.2.16 stable kernel updates contain a number of important fixes across the tree.

Don't call popen on ARM (in case it's run with privileges). Also replace patch to use FMA with simd pragma.

- Update jackson-databind to version 2.9.9.3. - Update jackson-core to version 2.9.9. - Update jackson-annotations to version 2.9.9. - Update jackson-bom to version 2.9.9. Resolves CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, and CVE-14439.

- Update jackson-databind to version 2.9.9.3. - Update jackson-core to version 2.9.9. - Update jackson-annotations to version 2.9.9. - Update jackson-bom to version 2.9.9. Resolves CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, and CVE-14439.

- Update jackson-databind to version 2.9.9.3. - Update jackson-core to version 2.9.9. - Update jackson-annotations to version 2.9.9. - Update jackson-bom to version 2.9.9. Resolves CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, and CVE-14439.

- Update jackson-databind to version 2.9.9.3. - Update jackson-core to version 2.9.9. - Update jackson-annotations to version 2.9.9. - Update jackson-bom to version 2.9.9. Resolves CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, and CVE-14439.

Bug fixes and security fixes. Better threading compile time option set. See: https://src.fedoraproject.org/rpms/ImageMagick/pull-request/2 Additional formats enabled.

Bug fixes and security fixes. Better threading compile time option set. See: https://src.fedoraproject.org/rpms/ImageMagick/pull-request/2 Additional formats enabled.

- Update jackson-databind to version 2.9.9.3. - Update jackson-core to version 2.9.9. - Update jackson-annotations to version 2.9.9. - Update jackson-bom to version 2.9.9. Resolves CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, and CVE-14439.

- Update jackson-databind to version 2.9.9.3. - Update jackson-core to version 2.9.9. - Update jackson-annotations to version 2.9.9. - Update jackson-bom to version 2.9.9. Resolves CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, and CVE-14439.

- Update jackson-databind to version 2.9.9.3. - Update jackson-core to version 2.9.9. - Update jackson-annotations to version 2.9.9. - Update jackson-bom to version 2.9.9. Resolves CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, and CVE-14439.

- Update jackson-databind to version 2.9.9.3. - Update jackson-core to version 2.9.9. - Update jackson-annotations to version 2.9.9. - Update jackson-bom to version 2.9.9. Resolves CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, and CVE-14439.

- rebase to latest upstream version 9.27 - security fixes added for: - CVE-2019-14811 (bug #1747908) - CVE-2019-14812 (bug #1747907) - CVE-2019-14813 (bug #1747906) - CVE-2019-14817 (bug #1747909)

Bug fixes and security fixes. Better threading compile time option set. See: https://src.fedoraproject.org/rpms/ImageMagick/pull-request/2 Additional formats enabled.

Bug fixes and security fixes. Better threading compile time option set. See: https://src.fedoraproject.org/rpms/ImageMagick/pull-request/2 Additional formats enabled.

- Updated to new upstream (69.0.1) - Wayland rendering fixes ---- - The update to 69.0.1 - Fix flickering issues - Fix disappearing webrtc dialogs ---- - Fixed rendering artifacts on Wayland backend

Update to Samba 4.11.0 ---- Update to Samba 4.11.0rc4 ---- Update to Samba 4.11.0rc3 - Security fixes for CVE-2019-10197

Update to Samba 4.11.0 ---- Update to Samba 4.11.0rc4 ---- Update to Samba 4.11.0rc3 - Security fixes for CVE-2019-10197

Update to Samba 4.11.0 ---- Update to Samba 4.11.0rc4 ---- Update to Samba 4.11.0rc3 - Security fixes for CVE-2019-10197

Update to Samba 4.11.0 ---- Update to Samba 4.11.0rc4 ---- Update to Samba 4.11.0rc3 - Security fixes for CVE-2019-10197

Minor update release 1.1.1d with low impact security fixes.

This update of `expat` fixes the following security issue: * **CVE-2019-15903** -- Fix heap overflow triggered by `XML_GetCurrentLineNumber` (or `XML_GetCurrentColumnNumber`), and deny internal entities closing the doctype The following bug fixes are also included: * Fix cases where `XML_StopParser` did not have any effect when called from inside of an end element handler *

- double free due to subsequent call of realloc() (CVE-2019-5481) - fix heap buffer overflow in function tftp_receive_packet() (CVE-2019-5482) ---- - avoid reporting spurious error in the HTTP2 framing layer (#1690971)

Patch for CVE-2018-0737, CVE-2018-0732, CVE-2018-0734, CVE-2019-1552, CVE-2019-1559. https://www.openssl.org/news/vulnerabilities.html

Update dino to [a96c8014](https://github.com/dino/dino/compare/016ab2c1...a96c8014), which addresses three CVEs. CVE-2019-16235 check the source of message carbons. https://nvd.nist.gov/vuln/detail/CVE-2019-16235 Fixed in

Update to 8.05 release (CVE-2019-16239)

BIRD 1.6.8 (2019-09-10)

New upstream version 1.12.7. Fixes Denial of Service / Amplication Attack: https://www.redhat.com/archives/libguestfs/2019-September/msg00084.html

Update dino to [a96c8014](https://github.com/dino/dino/compare/016ab2c1...a96c8014), which addresses three CVEs. CVE-2019-16235 check the source of message carbons. https://nvd.nist.gov/vuln/detail/CVE-2019-16235 Fixed in

Update to 8.05 release (CVE-2019-16239)

BIRD 2.0.6 (2019-09-10) * BGP: Optional Adj-RIB-Out * BGP: Extended optional parameters length * Filter: Sets and set expressions in path masks * Several important bugfixes

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS. Red Hat Product Security has rated this update as having a security impact

An update for kibana is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for golang-github-openshift-oauth-proxy-container is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for logging-elasticsearch5-container is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for gRPC, included in sriov-network-device-plugin-container, is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions.

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions.

An update for kernel is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for cri-o is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

This is the final notification for the retirement of Red Hat Enterprise Linux 7.4 Extended Update Support (EUS). This notification applies only to those customers subscribed to the Extended Update Support (EUS) channel for Red Hat Enterprise Linux 7.4.

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for qemu-kvm is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact

An update for cri-o is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for dovecot is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for openshift-ansible is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.

An update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for dbus is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for dbus is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for kernel is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for kpatch-patch is now available for RHEL-7.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for qpid-proton is now available for Satellite Tools 6.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for qpid-proton is now available for Satellite Tools 6.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for kernel is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for jenkins is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for dovecot is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for dovecot is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for the nginx:1.14 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for systemd is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions.

An update for ruby is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions.

An update for kernel is now available for Red Hat Enterprise Linux 5 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.

An update that solves two vulnerabilities and has three fixes is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that fixes 6 vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that fixes one vulnerability is now available.

An update that fixes four vulnerabilities is now available.

An update that contains security fixes can now be installed.

An update that fixes four vulnerabilities is now available.

An update that solves two vulnerabilities and has two fixes is now available.

An update that fixes one vulnerability is now available.

An update that solves 8 vulnerabilities and has one errata is now available.

An update that fixes 24 vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that fixes one vulnerability is now available.

An update that fixes one vulnerability is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that fixes two vulnerabilities is now available.

Firefox could be made to hijack the mouse pointer it if opened a malicious website.

File Roller could be made to overwrite sensitive files if it received a specially crafted TAR file.

LibreOffice could be made to run programs as your login if it opened a specially crafted file.

Mosquitto could be made to crash or run programs if it received specially crafted network traffic.

USN 4134-1 introduced a regression in IBus.

Several security issues were fixed in the kernel.

A command injection vulnerability in Nokogiri allows commands to be executed in a subprocess by Ruby's `Kernel.open` method. For Debian 8 "Jessie", this problem has been fixed in version

Two security vulnerabilities were found in OpenSSL, the Secure Sockets Layer toolkit. CVE-2019-1547

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. For Debian 8 "Jessie", this issue has been fixed in libgcrypt20 version

An update has been made to php5, a server-side, HTML-embedded scripting language. Specficially, as reported in #805222, the ability to build extensions in certain older versions of PHP within Debian has been

A vulnerability has been discovered in php-pecl-http, the pecl_http module for PHP 5 Extended HTTP Support. A type confusion vulnerability in the merge_param() function allows attackers to crash PHP and possibly

Several vulnerabilities were found in QEMU, a fast processor emulator (notably used in KVM and Xen HVM virtualization).

Upstream details at : https://access.redhat.com/errata/RHSA-2019:2836

QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams (CVE-2018-11806) * QEMU: slirp: heap buffer overflow in tcp_emu() (CVE-2019-6778) * QEMU: ne2000: integer overflow leads to buffer overflow issue (CVE-2018-10839) * QEMU: pcnet: integer overflow leads to buffer overflow (CVE-2018-17962) * QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-1 [More...]

A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. (CVE-2019-14835) SL6 x86_64 kernel-2.6.32-754.23 [More...]

dovecot: improper NULL byte handling in IMAP and ManageSieve protocol parsers leads to out of bounds writes (CVE-2019-11500) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. SL7 x86_64 dovecot-2.2.36-3.el7_7.1.i686.rpm [More...]

A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. (CVE-2019-14835) SL7 x86 [More...]

This update upgrades Thunderbird to version 60.9.0. * Mozilla: Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message (CVE-2019-11739) * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 (CVE-2019-11740) * Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) * Mo [More...]

An update that solves two vulnerabilities and has two fixes is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes 5 vulnerabilities is now available.

An update that fixes four vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that contains security fixes can now be installed.

An update that solves 7 vulnerabilities and has one errata is now available.

An update that fixes one vulnerability is now available.

An update that solves 38 vulnerabilities and has 159 fixes is now available.

An update that fixes one vulnerability is now available.

An update that fixes one vulnerability is now available.

An update that fixes one vulnerability is now available.

An update that fixes one vulnerability is now available.

An update that fixes 5 vulnerabilities is now available.

An update that solves three vulnerabilities and has two fixes is now available.

An update that contains security fixes can now be installed.

An update that fixes one vulnerability is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes two vulnerabilities is now available.

An update that solves three vulnerabilities and has two fixes is now available.

An update that fixes 35 vulnerabilities is now available.

An update that fixes 35 vulnerabilities is now available.

An update that fixes 35 vulnerabilities is now available.

An update that fixes 35 vulnerabilities is now available.

This kernel update is based on the upstream 5.2.16 and fixes atleast the following security issues: There is heap-based buffer overflow in the marvell wifi chip driver that allows local users to cause a denial of service(system crash) or possibly

This kernel update is based on the upstream 4.14.145 and fixes atleast the following security issues: There is heap-based buffer overflow in the marvell wifi chip driver that allows local users to cause a denial of service(system crash) or possibly

Updated samba packages fix security vulnerabilities: A combination of parameters and permissions in smb.conf can allow user to escape from the share path definition (CVE-2019-10197).

The updated thunderbird packages fix security issues: Covert Content Attack on S/MIME encryption using a crafted multipart/ alternative message. (CVE-2019-11739)

It was discovered that any unprivileged user could monitor and send method calls to the ibus bus of another user, due to a misconfiguration during the setup of the DBus server. When ibus is in use, a local attacker, who discovers the UNIX socket used by another user connected on a graphical environment, could use this flaw to intercept all keystrokes of the victim user or modify

Multiple flaws were found in the way Chromium 73.0.3683.103 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information. (CVE-2019-5805, CVE-2019-5806, CVE-2019-5807, CVE-2019-5808, CVE-2019-5809, CVE-2019-5810,