Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 4917-1] chromium security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 4917-1] chromium security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Michael Gilbert <mgilbert AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 4917-1] chromium security update
  • Date: Mon, 17 May 2021 22:48:55 -0400
  • Authentication-results: mail02.piratenpartei.de; dkim=none; spf=none (mail02.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
  • List-archive: https://lists.debian.org/msgid-search/CANTw=MOpCuoJJRnBqRT3ba4SiqDzTUeT-dxqQkS5B9KemnuC2Q AT mail.gmail.com
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-return-path: <michael.s.gilbert AT gmail.com>
  • Priority: urgent
  • Resent-date: Tue, 18 May 2021 02:49:24 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <9nwbsaDJAWJ.A.x9B.0syogB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4917-1 security AT debian.org
https://www.debian.org/security/ Michael Gilbert
May 17, 2021 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium
CVE ID : CVE-2021-30506 CVE-2021-30507 CVE-2021-30508 CVE-2021-30509
CVE-2021-30510 CVE-2021-30511 CVE-2021-30512 CVE-2021-30513
CVE-2021-30514 CVE-2021-30515 CVE-2021-30516 CVE-2021-30517
CVE-2021-30518 CVE-2021-30519 CVE-2021-30520

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2021-30506

@retsew0x01 discovered an error in the Web App installation interface.

CVE-2021-30507

Alison Huffman discovered an error in the Offline mode.

CVE-2021-30508

Leecraso and Guang Gong discovered a buffer overflow issue in the Media
Feeds implementation.

CVE-2021-30509

David Erceg discovered an out-of-bounds write issue in the Tab Strip
implementation.

CVE-2021-30510

Weipeng Jiang discovered a race condition in the aura window manager.

CVE-2021-30511

David Erceg discovered an out-of-bounds read issue in the Tab Strip
implementation.

CVE-2021-30512

ZhanJia Song discovered a use-after-free issue in the notifications
implementation.

CVE-2021-30513

Man Yue Mo discovered an incorrect type in the v8 javascript library.

CVE-2021-30514

koocola and Wang discovered a use-after-free issue in the Autofill
feature.

CVE-2021-30515

Rong Jian and Guang Gong discovered a use-after-free issue in the file
system access API.

CVE-2021-30516

ZhanJia Song discovered a buffer overflow issue in the browsing history.

CVE-2021-30517

Jun Kokatsu discovered a buffer overflow issue in the reader mode.

CVE-2021-30518

laural discovered use of an incorrect type in the v8 javascript library.

CVE-2021-30519

asnine discovered a use-after-free issue in the Payments feature.

CVE-2021-30520

Khalil Zhani discovered a use-after-free issue in the Tab Strip
implementation.

For the stable distribution (buster), these problems have been fixed in
version 90.0.4430.212-1~deb10u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQQzBAEBCgAdFiEEIwTlZiOEpzUxIyp4mD40ZYkUaygFAmCjKigACgkQmD40ZYkU
aygutiAAoTR+pOTfxVWYgdzkPI4z5VSeoFm6nWmE2UhB+yowe7MSczx69hJ9O0DF
c+KyNJkolgkOA6Vu8oywbYhikIj5wSVhFwq3CuAE8IGyDF2T1qNeGiVfXyzO1VHK
r/3zSLZIa7vvRL3/Znb+lhGbrXCAgMEDizzztvIVuZq9vnV6oYDpBVCaSCmk2nBv
AUcuRkBiYp3WEKwOs3N3LJ96WwcObjXUEIyioGXMyczJDRNSN5M7m65A8dlogAvx
tHNipgcMcMU08sAR3Zrw6AwKDqQRaq0tuDmgf85cLDKKAWpJgA8UQQe5l6NJPjlB
WQ0ZvJwO4U2oTKjb7kLBSkZsnqeXqor44Hi+2hcW+4ZhL55N9Cq0rjzeNyUbi5Bl
sGnWrpgg6llIh0e40g6Niq47/1fUMHtiCHrqvn0/lkdpWQ3UvPHV+efWPe1KpIaT
vhq7ja/wS/zIr4glVIvzXprV9vJH1dKcPB/dukdb2jZWBeEF4Dj7GqP+hHMpqR1x
KodWOsInNC+aqiPb6r5VCMpm3l1KxiI8bdTzhPz5cmSlb3n/DuDlGq2bmjA02FGy
2u19R1S7bQbn8yUOB5KGwYnWNVdYo6VugEkfCEnmc0D3ev5LWx9fdqunrZhqWfeZ
izWG5WfutUmIeZ2+SqdFdGUC50ZSCppdnH2Nmc31QvpZfDy2WQk/FtieyCKRm3D1
Oo1rD4GHbw+WCJfQbmSIwit0AZJVG5hyIOComzojMMQdFyihv5N59sZ2LHBOFl3r
J67x9cdPcNCHIKE+hmvnLcf2N+GPSM4PTFyibs5cmUMlsiNnInQVcizV6a25nY8X
iiI7OoG3W+hHcxY3hcl8nHrI/KiQ/ji7yY1bzjfmjR7uEMKhNQz3GH7XAdGo7B5+
HDPg/UH/euXRl+1Gwco6sY5k6Zs/Fl2VdFVFBiqtqd8RO1wltC4XK1JrEKHp3L3d
mADBUgOZHWRNcVNvCLwO59/9hmViQMhwRh1M7Lh1EqhDCfCOuN+2f/rexPDPB7a8
hu9fn4e18Aexc9naqr/JpJxYL+zfbDJgy04ms/2iqR94mQVFd/ON7DtNgfnkfbCB
HXInjHkzTpCxFw8otbPIY2A9aXH1PeT1jNB6oQWF0cJv8WpSw4AV1xU3GaPw323g
4eG0BJ9RlR3cpfvcOQEdvZoaOvZdIgPGM2TvcbHPTjQ7kXYaFlYyCsA7jpwE4aWW
WnYkiY4it9vZi2kmoYNOZbnB7m/w1AA5JmLBkXaNLTHDLU/Lm8YodPirDM9gjae5
3HZLZnmjjZHC0swahD8J8D0XfxwZvonee07pEFKhbL+/pjbs2TeSivOhIwTp9VVo
7KROY+DZ08ZtOkS8mIsHy91+Uh+Wlg==
=7EHh
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 4917-1] chromium security update, Michael Gilbert, 18.05.2021

Archiv bereitgestellt durch MHonArc 2.6.24.

Seitenanfang