zoukankan      html  css  js  c++  java
  • Debian Security Advisory DSA-4421-1 chromium security update

    Debian Security Advisory DSA-4421-1 chromium security update

    Package        : chromium
    CVE ID         : CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790
                     CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794
                     CVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798
                     CVE-2019-5799 CVE-2019-5800 CVE-2019-5802 CVE-2019-5803

    Several vulnerabilities have been discovered in the chromium web browser.

    CVE-2019-5787

        Zhe Jin discovered a use-after-free issue.

    CVE-2019-5788

        Mark Brand discovered a use-after-free issue in the in the FileAPI
        implementation.

    CVE-2019-5789

        Mark Brand discovered a use-after-free issue in the in the WebMIDI
        implementation.

    CVE-2019-5790

        Dimitri Fourny discovered a buffer overflow issue in the v8 javascript
        library.

    CVE-2019-5791

        Choongwoo Han discovered a type confusion issue in the v8 javascript
        library.

    CVE-2019-5792

        pdknsk discovered an integer overflow issue in the pdfium library.

    CVE-2019-5793

        Jun Kokatsu discovered a permissions issue in the Extensions
        implementation.

    CVE-2019-5794

        Juno Im of Theori discovered a user interface spoofing issue.

    CVE-2019-5795

        pdknsk discovered an integer overflow issue in the pdfium library.

    CVE-2019-5796

        Mark Brand discovered a race condition in the Extensions implementation.

    CVE-2019-5797

        Mark Brand discovered a race condition in the DOMStorage implementation.

    CVE-2019-5798

        Tran Tien Hung disoceved an out-of-bounds read issue in the skia library.

    CVE-2019-5799

        sohalt discovered a way to bypass the Content Security Policy.

    CVE-2019-5800

        Jun Kokatsu discovered a way to bypass the Content Security Policy.

    CVE-2019-5802

       Ronni Skansing discovered a user interface spoofing issue.

    CVE-2019-5803

        Andrew Comminos discovered a way to bypass the Content Security Policy.

    These problems have been fixed in version 73.0.3683.75-1~deb9u1.

    We recommend that you upgrade your chromium packages.

    For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium

  • 相关阅读:
    【转并修改】VS2013 MVC Web项目使用内置的IISExpress支持局域网内部机器(手机、PC)访问、调试
    ASP.NET MVC4 UEditor 的上传图片配置路径
    转:Java图形化界面设计——布局管理器之FlowLayout(流式布局)其他请参考转载出处网址
    转载:win7JDK环境配置
    转载:java保留2位小数
    转载:遍历Map的四种方法
    架构模式: 远程过程调用
    架构模式: 外部配置化
    架构模式: 微服务的基底
    架构模式: 服务部署平台
  • 原文地址:https://www.cnblogs.com/iAmSoScArEd/p/10682980.html
Copyright © 2011-2022 走看看