drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Chromium
Name: |
Mehrere Probleme in Chromium |
|
ID: |
DSA-3985-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian sid, Debian stretch |
|
Datum: |
Fr, 29. September 2017, 08:54 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5118
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5119
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5121
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5122
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5117
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5120
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5111 |
|
Applikationen: |
Chromium |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3985-1 security@debian.org https://www.debian.org/security/ Michael Gilbert September 28, 2017 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : chromium-browser CVE ID : CVE-2017-5111 CVE-2017-5112 CVE-2017-5113 CVE-2017-5114 CVE-2017-5115 CVE-2017-5116 CVE-2017-5117 CVE-2017-5118 CVE-2017-5119 CVE-2017-5120 CVE-2017-5121 CVE-2017-5122
Several vulnerabilities have been discovered in the chromium web browser.
CVE-2017-5111
Luat Nguyen discovered a use-after-free issue in the pdfium library.
CVE-2017-5112
Tobias Klein discovered a buffer overflow issue in the webgl library.
CVE-2017-5113
A buffer overflow issue was discovered in the skia library.
CVE-2017-5114
Ke Liu discovered a memory issue in the pdfium library.
CVE-2017-5115
Marco Giovannini discovered a type confusion issue in the v8 javascript library.
CVE-2017-5116
Guang Gong discovered a type confusion issue in the v8 javascript library.
CVE-2017-5117
Tobias Klein discovered an uninitialized value in the skia library.
CVE-2017-5118
WenXu Wu discovered a way to bypass the Content Security Policy.
CVE-2017-5119
Another uninitialized value was discovered in the skia library.
CVE-2017-5120
Xiaoyin Liu discovered a way downgrade HTTPS connections during redirection.
CVE-2017-5121
Jordan Rabet discovered an out-of-bounds memory access in the v8 javascript library.
CVE-2017-5122
Choongwoo Han discovered an out-of-bounds memory access in the v8 javascript library.
For the stable distribution (stretch), these problems have been fixed in version 61.0.3163.100-1~deb9u1.
For the testing distribution (buster), these problems will be fixed soon.
For the unstable distribution (sid), these problems have been fixed in version 61.0.3163.100-1.
We recommend that you upgrade your chromium-browser packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAlnM7E0ACgkQuNayzQLW 9HPaQB/7BLQfY2DRCMoj0/WVxKCuR3DCjZasEeh6RRzPWUYMsvECBoQ+oeSdN6uW aZX4XYGY1OkE4cmKYoQCOp7wMQ7KD6hIWLvNTR9gC9KMmpxekiqrWTmhDzSCR6on /pYlguy0vCjtWfsGBMz9Tjba72lOGpMvW6Bbo9EvywN+pNeLNoKwkHFucCTwlSNH X/fLOZTxdFFHlSPq7fxFgvQQq/y1PcaPxWiJvw62ds+AFV6O03OdR4/vJBI4d8OY cwJRbZi0T91ary50MNuGZgLtA5PaCXBfBfXsx0MXTvMcpmNw6auKjUr2AEwKcB0L fs4iFErXjxciz2Lf3VoepJhPjeRL35R/rkxKXV+71uXZRlpMYqXd8mZdnZZ+cSEZ DoqJKSmr/PrwI6KSwiP1Gn2oWoxkjEV2T3lIAW/IdwX26rh0ruNjskPhZQbLmhlR 9OAW7UsMxnTzOxVV2BNghi7aQlyeq2pVFkakMQ2fMt0e+6YmdEH7I0CzOGXncCSK c5VocSHvZfwaCw0FeqYLocHz4s1o9SR8qhcI6HiCV1PCRfAe5It5P90PTcTNJMP3 5D+efQ/cxU7u7IXep8mE8fDin8v1kYRcMCgxB7VKHQaPY8uJlCqH89RKf9NgggNe 8rAAlPUhkDq1gLzG1oWDFcFRtFuxRwIK+htQixcxNQuIDguxWFwL0lEUvdFe8wBp B/896t2MM6kCkwmf4xXGDFk5DrPVMtUh6283CypZSjhcMs02l+SUBY2e/67xeKYE KDcj+7D7yBsv7mddDisYx8jF34wiSBP8kE8MJuC39IdrLLTEgsbWDMs0e3E2oi24 1kZqgCKZqaZHm2Wc/+V8q/bubeaFGuQHsl4JOjnkuefg7wTrniDs73x/jduo3RRW 24FMVCdw18JJNNoSifT7Vj36oqr9Ei7yWjKPCyu0880R3Rf2P0Cu+JkCnpf0/yci jur+d3Cs6ij1mAXVuIY0BoJtOlaljs/epFGyVfcPN255QXX1FDEG++2u4ovfxxmP 6bGCfczqnUtjxgVdHAJvbvLDBSgSLr3AWCTAN4P9fI99zUWgFHSi4cz/+JtlmRMn 6S0w4r0YJsK0tCKL6hzt2PhnDrDt8sJyDOczxA5a15zq9GgQdpFQW7bHv8EEj2Wk tV3F4uHAqLKEgW4aEBaiIXvSDJlxy/FXeeVZXfl/V+by3BrNnmmy4CHJZcYZqh4g NpEgXY6e67+S9zbQ/YqK4TL0lh6YWRt8KRxGRVDdev+k/IGQTmB7GgpyMyphVC57 AmN+vOD0uhV0UsLSzHl0vECoC9y5ko+JmZKW6JaDDsI1ql/MxOU9Q6rrMfbduRNp ZHMd4PsWBQUvvLR6Wd3m/GWQc5EkZg== =+/ji -----END PGP SIGNATURE-----
|
|
|
|