drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Google Chrome und Chromium
Name: |
Mehrere Probleme in Google Chrome und Chromium |
|
ID: |
202004-09 |
|
Distribution: |
Gentoo |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Sa, 11. April 2020, 08:01 |
|
Referenzen: |
https://nvd.nist.gov/vuln/detail/CVE-2020-6454
https://nvd.nist.gov/vuln/detail/CVE-2020-6444
https://nvd.nist.gov/vuln/detail/CVE-2020-6456
https://nvd.nist.gov/vuln/detail/CVE-2020-6450
https://nvd.nist.gov/vuln/detail/CVE-2020-6438
https://nvd.nist.gov/vuln/detail/CVE-2020-6436
https://nvd.nist.gov/vuln/detail/CVE-2020-6432
https://nvd.nist.gov/vuln/detail/CVE-2020-6446
https://nvd.nist.gov/vuln/detail/CVE-2020-6448
https://nvd.nist.gov/vuln/detail/CVE-2020-6423
https://nvd.nist.gov/vuln/detail/CVE-2020-6437
https://nvd.nist.gov/vuln/detail/CVE-2020-6434
https://nvd.nist.gov/vuln/detail/CVE-2020-6435
https://nvd.nist.gov/vuln/detail/CVE-2020-6439
https://nvd.nist.gov/vuln/detail/CVE-2020-6455
https://nvd.nist.gov/vuln/detail/CVE-2020-6442
https://nvd.nist.gov/vuln/detail/CVE-2020-6430
https://nvd.nist.gov/vuln/detail/CVE-2020-6431
https://nvd.nist.gov/vuln/detail/CVE-2020-6452
https://nvd.nist.gov/vuln/detail/CVE-2020-6441
https://nvd.nist.gov/vuln/detail/CVE-2020-6433
https://nvd.nist.gov/vuln/detail/CVE-2020-6443
https://nvd.nist.gov/vuln/detail/CVE-2020-6451
https://nvd.nist.gov/vuln/detail/CVE-2020-6447
https://nvd.nist.gov/vuln/detail/CVE-2020-6445
https://nvd.nist.gov/vuln/detail/CVE-2020-6440 |
|
Applikationen: |
Chromium, Chrome |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --UzOU2rTrGryg6cKUjwhzWltAjfQGJZUVt Content-Type: multipart/mixed; boundary="AGGMW492wJm20RDQWnNcSll4Tdpjx9mOX"
--AGGMW492wJm20RDQWnNcSll4Tdpjx9mOX Content-Type: text/plain; charset=utf-8 Content-Language: en-U Content-Transfer-Encoding: quoted-printable
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202004-09 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal Title: Chromium, Google Chrome: Multiple vulnerabilities Date: April 10, 2020 Bugs: #715720, #716612 ID: 202004-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis ========
Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code.
Background ==========
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
Google Chrome is one fast, simple, and secure browser for all your devices.
Affected packages =================
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 81.0.4044.92 >= 81.0.4044.92 2 www-client/google-chrome < 81.0.4044.92 >= 81.0.4044.92 ------------------------------------------------------------------- 2 affected packages
Description ===========
Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the referenced CVE identifiers for details.
Impact ======
A remote attacker could entice a user to open a specially crafted HTML or multimedia file using Chromium or Google Chrome, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-81.0.4044.92"
All Google Chrome users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/google-chrome-81.0.4044.92"
References ==========
[ 1 ] CVE-2020-6423 https://nvd.nist.gov/vuln/detail/CVE-2020-6423 [ 2 ] CVE-2020-6430 https://nvd.nist.gov/vuln/detail/CVE-2020-6430 [ 3 ] CVE-2020-6431 https://nvd.nist.gov/vuln/detail/CVE-2020-6431 [ 4 ] CVE-2020-6432 https://nvd.nist.gov/vuln/detail/CVE-2020-6432 [ 5 ] CVE-2020-6433 https://nvd.nist.gov/vuln/detail/CVE-2020-6433 [ 6 ] CVE-2020-6434 https://nvd.nist.gov/vuln/detail/CVE-2020-6434 [ 7 ] CVE-2020-6435 https://nvd.nist.gov/vuln/detail/CVE-2020-6435 [ 8 ] CVE-2020-6436 https://nvd.nist.gov/vuln/detail/CVE-2020-6436 [ 9 ] CVE-2020-6437 https://nvd.nist.gov/vuln/detail/CVE-2020-6437 [ 10 ] CVE-2020-6438 https://nvd.nist.gov/vuln/detail/CVE-2020-6438 [ 11 ] CVE-2020-6439 https://nvd.nist.gov/vuln/detail/CVE-2020-6439 [ 12 ] CVE-2020-6440 https://nvd.nist.gov/vuln/detail/CVE-2020-6440 [ 13 ] CVE-2020-6441 https://nvd.nist.gov/vuln/detail/CVE-2020-6441 [ 14 ] CVE-2020-6442 https://nvd.nist.gov/vuln/detail/CVE-2020-6442 [ 15 ] CVE-2020-6443 https://nvd.nist.gov/vuln/detail/CVE-2020-6443 [ 16 ] CVE-2020-6444 https://nvd.nist.gov/vuln/detail/CVE-2020-6444 [ 17 ] CVE-2020-6445 https://nvd.nist.gov/vuln/detail/CVE-2020-6445 [ 18 ] CVE-2020-6446 https://nvd.nist.gov/vuln/detail/CVE-2020-6446 [ 19 ] CVE-2020-6447 https://nvd.nist.gov/vuln/detail/CVE-2020-6447 [ 20 ] CVE-2020-6448 https://nvd.nist.gov/vuln/detail/CVE-2020-6448 [ 21 ] CVE-2020-6450 https://nvd.nist.gov/vuln/detail/CVE-2020-6450 [ 22 ] CVE-2020-6451 https://nvd.nist.gov/vuln/detail/CVE-2020-6451 [ 23 ] CVE-2020-6452 https://nvd.nist.gov/vuln/detail/CVE-2020-6452 [ 24 ] CVE-2020-6454 https://nvd.nist.gov/vuln/detail/CVE-2020-6454 [ 25 ] CVE-2020-6455 https://nvd.nist.gov/vuln/detail/CVE-2020-6455 [ 26 ] CVE-2020-6456 https://nvd.nist.gov/vuln/detail/CVE-2020-6456
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202004-09
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License =======
Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
--AGGMW492wJm20RDQWnNcSll4Tdpjx9mOX--
--UzOU2rTrGryg6cKUjwhzWltAjfQGJZUVt Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQGTBAEBCgB9FiEEExKRzo+LDXJgXHuURObr3Jv2BVkFAl6Q7OJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDEz MTI5MUNFOEY4QjBENzI2MDVDN0I5NDQ0RTZFQkRDOUJGNjA1NTkACgkQRObr3Jv2 BVkd9wf/UA9jimcvPC+UQrpIo5NtDwT3BolsbvxYSRF7driadWiGjkYNgwdRJ09+ 0JAd4Arz0YcKbp1mafhV9N4w0hJbqeUgX1c1jM66RU7xIyraSeWotB8DWZx3CMp6 EJb7H5RGD9l96vOGxW2uvY5yrTSstAiXJZvpwDJLySSxknsiTPE8iPlUghrLhIr0 M6WgexvvLXmJ2fkujxwxCDCQ+W4UBOZMDczDctpP0nCMdKK7C3UCi0cLqd1nidPE Xx6NRv5mcUg9Sz2jjHa/6Jesj/0kJI/IeNaDZX5S86bZCRnpJm5m6XFxAHK917f8 d3hTmrQw1SA7VBxw54xv9qGREwtWfg== =NWNs -----END PGP SIGNATURE-----
--UzOU2rTrGryg6cKUjwhzWltAjfQGJZUVt--
|
|
|
|