drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Chromium
Name: |
Mehrere Probleme in Chromium |
|
ID: |
201706-20 |
|
Distribution: |
Gentoo |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Di, 20. Juni 2017, 23:14 |
|
Referenzen: |
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5083
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5088
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5085
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5075
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5072
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5089
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5068
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5084
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5081
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5078
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5074
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5082
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5079
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5086
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5077
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5080
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5070
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5076
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5073
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5087 |
|
Applikationen: |
Chromium |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --5N9Ga4MPtIv3P9mIUTIHKFkV3hXqDT3KM Content-Type: multipart/mixed; boundary="OrPAt0EKGM25OReVJN9UgUfhn6SUgcO7o"; protected-headers="v1" From: Kristian Fiskerstrand <k_f@gentoo.org> Reply-To: Gentoo Security <security@gentoo.org> To: gentoo-announce@lists.gentoo.org Message-ID: <260f875b-23e9-69b6-01f1-598d03c25dd6@gentoo.org> Subject: [ GLSA 201706-20 ] Chromium: Multiple vulnerabilities
--OrPAt0EKGM25OReVJN9UgUfhn6SUgcO7o Content-Type: text/plain; charset=utf-8 Content-Language: en-U Content-Transfer-Encoding: quoted-printable
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201706-20 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal Title: Chromium: Multiple vulnerabilities Date: June 20, 2017 Bugs: #617504, #620956, #621886 ID: 201706-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis ========
Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code.
Background ==========
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
Affected packages =================
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 59.0.3071.104 >= 59.0.3071.104
Description ===========
Multiple vulnerabilities have been discovered in the Chromium web browser. Please review the CVE identifiers referenced below for details.
Impact ======
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, bypass security restrictions or spoof content.
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-59.0.3071.104"
References ==========
[ 1 ] CVE-2017-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5068 [ 2 ] CVE-2017-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5070 [ 3 ] CVE-2017-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5071 [ 4 ] CVE-2017-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5072 [ 5 ] CVE-2017-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5073 [ 6 ] CVE-2017-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5074 [ 7 ] CVE-2017-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5075 [ 8 ] CVE-2017-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5076 [ 9 ] CVE-2017-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5077 [ 10 ] CVE-2017-5078 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5078 [ 11 ] CVE-2017-5079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5079 [ 12 ] CVE-2017-5080 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5080 [ 13 ] CVE-2017-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5081 [ 14 ] CVE-2017-5082 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5082 [ 15 ] CVE-2017-5083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5083 [ 16 ] CVE-2017-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5084 [ 17 ] CVE-2017-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5085 [ 18 ] CVE-2017-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5086 [ 19 ] CVE-2017-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5087 [ 20 ] CVE-2017-5088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5088 [ 21 ] CVE-2017-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5089
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201706-20
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License =======
Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--OrPAt0EKGM25OReVJN9UgUfhn6SUgcO7o--
--5N9Ga4MPtIv3P9mIUTIHKFkV3hXqDT3KM Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEtOrRIMf4mkrqRycHJQt6/tY3nYUFAllJcPUACgkQJQt6/tY3 nYU9tAf9GwcXy1iLtFkBtJupFkDW+yk+eneq89D3mmiawpXX3L8aFOc1WCwO6UkV GPiRHkvPf6zcMwKVpqEV8/XRsm+uPjMRJfWPJOApS6RRjoFedHIhT7OmZZpTFgue QUs13iYExfCJI62rJEW1PDLJHK0z46dJ3axwwDd4NE7we4d7zJw+jVE0MQQOW8nM FJz5MGaD5AI0OtWEh62xogYXbiutCEjcG2eAMdHnjMvTaYqWd2ij3gmd9DQFZR6Z eMWys/Lrsq2JcZW03on1tuQPUof0xo2hhdP/gRT7guGEeaABtzK4r3ge96zxEHeB lpkxTNpTQnOU7UlzGq2u7og0r3BEBg== =rSb2 -----END PGP SIGNATURE-----
--5N9Ga4MPtIv3P9mIUTIHKFkV3hXqDT3KM--
|
|
|
|