Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in Chromium
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Chromium
ID: FEDORA-2018-faff5f661e
Distribution: Fedora
Plattformen: Fedora 27
Datum: Di, 27. März 2018, 23:36
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15410
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6078
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6065
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6072
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6406
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6074
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6070
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6058
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6060
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6068
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15407
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6061
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15426
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6066
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6067
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6059
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6082
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15408
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15424
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6073
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15411
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15413
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6064
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15396
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6057
Applikationen: Chromium

Originalnachricht

 
-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2018-faff5f661e
2018-03-27 19:56:39.710249
-------------------------------------------------------------------------------
-

Name        : chromium
Product     : Fedora 27
Version     : 65.0.3325.181
Release     : 1.fc27
URL         : http://www.chromium.org/Home
Summary     : A WebKit (Blink) powered web browser
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

-------------------------------------------------------------------------------
-
Update Information:

Update to Chromium 65. For EPEL7, it has been a long time since a successful
build has been possible, so this will fix a LOT of CVEs.  CVE-2017-15396
CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410 CVE-2017-15411
CVE-2017-15412 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416 CVE-2017-15417
CVE-2017-15418 CVE-2017-15419 CVE-2017-15420 CVE-2017-15422  CVE-2018-6056
CVE-2018-6406 CVE-2018-6057 CVE-2018-6058 CVE-2018-6059 CVE-2018-6060
CVE-2018-6061 CVE-2018-6062 CVE-2018-6063 CVE-2018-6064 CVE-2018-6065
CVE-2018-6066 CVE-2018-6067 CVE-2018-6068 CVE-2018-6069 CVE-2018-6070
CVE-2018-6071
-------------------------------------------------------------------------------
-
References:

  [ 1 ] Bug #1552500 - CVE-2018-6083 chromium-browser: incorrect processing of
 appmanifests
        https://bugzilla.redhat.com/show_bug.cgi?id=1552500
  [ 2 ] Bug #1552499 - CVE-2018-6082 chromium-browser: circumvention of port
 blocking
        https://bugzilla.redhat.com/show_bug.cgi?id=1552499
  [ 3 ] Bug #1552498 - CVE-2018-6081 chromium-browser: xss in interstitials
        https://bugzilla.redhat.com/show_bug.cgi?id=1552498
  [ 4 ] Bug #1552497 - CVE-2018-6080 chromium-browser: information disclosure
 in ipc call
        https://bugzilla.redhat.com/show_bug.cgi?id=1552497
  [ 5 ] Bug #1552496 - CVE-2018-6079 chromium-browser: information disclosure
 via texture data in webgl
        https://bugzilla.redhat.com/show_bug.cgi?id=1552496
  [ 6 ] Bug #1552495 - CVE-2018-6078 chromium-browser: url spoof in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1552495
  [ 7 ] Bug #1552494 - CVE-2018-6077 chromium-browser: timing attack using svg
 filters
        https://bugzilla.redhat.com/show_bug.cgi?id=1552494
  [ 8 ] Bug #1552493 - CVE-2018-6076 chromium-browser: incorrect handling of
 url fragment identifiers in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1552493
  [ 9 ] Bug #1552492 - CVE-2018-6075 chromium-browser: overly permissive cross
 origin downloads
        https://bugzilla.redhat.com/show_bug.cgi?id=1552492
  [ 10 ] Bug #1552491 - CVE-2018-6074 chromium-browser: mark-of-the-web bypass
        https://bugzilla.redhat.com/show_bug.cgi?id=1552491
  [ 11 ] Bug #1552490 - CVE-2018-6073 chromium-browser: heap bufffer overflow
 in webgl
        https://bugzilla.redhat.com/show_bug.cgi?id=1552490
  [ 12 ] Bug #1552489 - CVE-2018-6072 chromium-browser: integer overflow in
 pdfium
        https://bugzilla.redhat.com/show_bug.cgi?id=1552489
  [ 13 ] Bug #1552488 - CVE-2018-6071 chromium-browser: heap bufffer overflow
 in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1552488
  [ 14 ] Bug #1552487 - CVE-2018-6070 chromium-browser: csp bypass through
 extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=1552487
  [ 15 ] Bug #1552486 - CVE-2018-6069 chromium-browser: stack buffer overflow
 in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1552486
  [ 16 ] Bug #1552485 - CVE-2018-6068 chromium-browser: object lifecycle issues
 in chrome custom tab
        https://bugzilla.redhat.com/show_bug.cgi?id=1552485
  [ 17 ] Bug #1552484 - CVE-2018-6067 chromium-browser: buffer overflow in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1552484
  [ 18 ] Bug #1552483 - CVE-2018-6066 chromium-browser: same origin bypass via
 canvas
        https://bugzilla.redhat.com/show_bug.cgi?id=1552483
  [ 19 ] Bug #1552482 - CVE-2018-6065 chromium-browser: integer overflow in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1552482
  [ 20 ] Bug #1552481 - CVE-2018-6064 chromium-browser: type confusion in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1552481
  [ 21 ] Bug #1552480 - CVE-2018-6063 chromium-browser: incorrect permissions
 on shared memory
        https://bugzilla.redhat.com/show_bug.cgi?id=1552480
  [ 22 ] Bug #1552479 - CVE-2018-6057 chromium-browser: incorrect permissions
 on shared memory
        https://bugzilla.redhat.com/show_bug.cgi?id=1552479
  [ 23 ] Bug #1552478 - CVE-2018-6062 chromium-browser: heap buffer overflow in
 skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1552478
  [ 24 ] Bug #1552477 - CVE-2018-6061 chromium-browser: race condition in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1552477
  [ 25 ] Bug #1552476 - CVE-2018-6060 chromium-browser: use-after-free in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1552476
  [ 26 ] Bug #1552475 - CVE-2018-6059 chromium-browser: use-after-free in flash
        https://bugzilla.redhat.com/show_bug.cgi?id=1552475
  [ 27 ] Bug #1552474 - CVE-2018-6058 chromium-browser: use-after-free in flash
        https://bugzilla.redhat.com/show_bug.cgi?id=1552474
  [ 28 ] Bug #1547349 - CVE-2018-6406 libwebm: Out of bounds read in
 libwebm_util.cc:ParseVP9SuperFrameIndex() can lead to information leak or potential denial of service
        https://bugzilla.redhat.com/show_bug.cgi?id=1547349
  [ 29 ] Bug #1545062 - CVE-2018-6056 chromium-browser: incorrect derived class
 instantiation in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1545062
  [ 30 ] Bug #1523141 - CVE-2017-15427 chromium-browser: insufficient blocking
 of javascript in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1523141
  [ 31 ] Bug #1523140 - CVE-2017-15426 chromium-browser: url spoof in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1523140
  [ 32 ] Bug #1523139 - CVE-2017-15425 chromium-browser: url spoof in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1523139
  [ 33 ] Bug #1523138 - CVE-2017-15424 chromium-browser: url spoof in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1523138
  [ 34 ] Bug #1523137 - CVE-2017-15423 chromium-browser: issue with spake
 implementation in boringssl
        https://bugzilla.redhat.com/show_bug.cgi?id=1523137
  [ 35 ] Bug #1523136 - CVE-2017-15422 chromium-browser: integer overflow in
 icu
        https://bugzilla.redhat.com/show_bug.cgi?id=1523136
  [ 36 ] Bug #1523135 - CVE-2017-15420 chromium-browser: url spoofing in
 omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1523135
  [ 37 ] Bug #1523134 - CVE-2017-15419 chromium-browser: cross origin leak of
 redirect url in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1523134
  [ 38 ] Bug #1523133 - CVE-2017-15418 chromium-browser: use of uninitialized
 value in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1523133
  [ 39 ] Bug #1523132 - CVE-2017-15417 chromium-browser: cross origin
 information disclosure in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1523132
  [ 40 ] Bug #1523131 - CVE-2017-15416 chromium-browser: out of bounds read in
 blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1523131
  [ 41 ] Bug #1523130 - CVE-2017-15415 chromium-browser: pointer information
 disclosure in ipc call
        https://bugzilla.redhat.com/show_bug.cgi?id=1523130
  [ 42 ] Bug #1523129 - CVE-2017-15413 chromium-browser: type confusion in
 webassembly
        https://bugzilla.redhat.com/show_bug.cgi?id=1523129
  [ 43 ] Bug #1523128 - CVE-2017-15412 chromium-browser: use after free in
 libxml
        https://bugzilla.redhat.com/show_bug.cgi?id=1523128
  [ 44 ] Bug #1523127 - CVE-2017-15411 chromium-browser: use after free in
 pdfium
        https://bugzilla.redhat.com/show_bug.cgi?id=1523127
  [ 45 ] Bug #1523126 - CVE-2017-15410 chromium-browser: use after free in
 pdfium
        https://bugzilla.redhat.com/show_bug.cgi?id=1523126
  [ 46 ] Bug #1523125 - CVE-2017-15409 chromium-browser: out of bounds write in
 skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1523125
  [ 47 ] Bug #1523124 - CVE-2017-15408 chromium-browser: heap buffer overflow
 in pdfium
        https://bugzilla.redhat.com/show_bug.cgi?id=1523124
  [ 48 ] Bug #1523123 - CVE-2017-15407 chromium-browser: out of bounds write in
 quic
        https://bugzilla.redhat.com/show_bug.cgi?id=1523123
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade chromium' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung