Debian Security Advisory DSA-4421-1 chromium security update

Package        : chromium
CVE ID         : CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790
                 CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794
                 CVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798
                 CVE-2019-5799 CVE-2019-5800 CVE-2019-5802 CVE-2019-5803

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2019-5787

Zhe Jin discovered a use-after-free issue.

CVE-2019-5788

Mark Brand discovered a use-after-free issue in the in the FileAPI
    implementation.

CVE-2019-5789

Mark Brand discovered a use-after-free issue in the in the WebMIDI
    implementation.

CVE-2019-5790

Dimitri Fourny discovered a buffer overflow issue in the v8 javascript
    library.

CVE-2019-5791

Choongwoo Han discovered a type confusion issue in the v8 javascript
    library.

CVE-2019-5792

pdknsk discovered an integer overflow issue in the pdfium library.

CVE-2019-5793

Jun Kokatsu discovered a permissions issue in the Extensions
    implementation.

CVE-2019-5794

Juno Im of Theori discovered a user interface spoofing issue.

CVE-2019-5795

pdknsk discovered an integer overflow issue in the pdfium library.

CVE-2019-5796

Mark Brand discovered a race condition in the Extensions implementation.

CVE-2019-5797

Mark Brand discovered a race condition in the DOMStorage implementation.

CVE-2019-5798

Tran Tien Hung disoceved an out-of-bounds read issue in the skia library.

CVE-2019-5799

sohalt discovered a way to bypass the Content Security Policy.

CVE-2019-5800

Jun Kokatsu discovered a way to bypass the Content Security Policy.

CVE-2019-5802

Ronni Skansing discovered a user interface spoofing issue.

CVE-2019-5803

Andrew Comminos discovered a way to bypass the Content Security Policy.

These problems have been fixed in version 73.0.3683.75-1~deb9u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium

Debian Security Advisory DSA-4421-1 chromium security update的更多相关文章

  1. Debian Security Advisory(Debian安全报告) DSA-4416-1 wireshark security update

    Debian Security Advisory(Debian安全报告) DSA-4416-1 wireshark security update Package:wireshark CVE ID : ...

  2. Debian Security Advisory(Debian安全报告) DSA-4415-1 passenger security update

    Debian Security Advisory(Debian安全报告) DSA-4415-1  passenger security update Package : passenger CVE I ...

  3. Debian Security Advisory(Debian安全报告) DSA-4414-1 libapache2-mod-auth-mellon security update

    Debian Security Advisory(Debian安全报告) DSA-4414-1 libapache2-mod-auth-mellon security update Package:l ...

  4. Debian Security Advisory(Debian安全报告) DSA-4412-1 drupal7 security update

    Debian Security Advisory(Debian安全报告) DSA-4412-1 drupal7 security update Package:drupal7 CVE ID:暂无 Dr ...

  5. Debian Security Advisory(Debian安全报告) DSA-4411-1 firefox-esr security update

    Debian Security Advisory(Debian安全报告) DSA-4411-1  firefox-esr security update Package :firefox-esr CV ...

  6. Debian Security Advisory(Debian安全报告) DSA-4410-1 openjdk-8 security update

    Debian Security Advisory(Debian安全报告) DSA-4410-1 openjdk-8 security update Package :openjdk-8 CVE ID: ...

  7. Atlassian - Confluence Security Advisory - 2019-03-20

    -------------------- This problem refers to the advisory found at https://confluence.atlassian.com/d ...

  8. Big Data Analytics for Security(Big Data Analytics for Security Intelligence)

    http://www.infoq.com/articles/bigdata-analytics-for-security This article first appeared in the IEEE ...

  9. Spring Security 入门(1-6-1)Spring Security - 配置文件解析和访问请求处理

    1.在pom.xml中添加maven坐标 <dependency> <groupId>org.springframework.security</groupId> ...

随机推荐

  1. cmd黑客入侵命令大全

    nbtstat -A ip 对方136到139其中一个端口开了的话,就可查看对方最近登陆的用户名(03前的为用户名)-注意:参数-A要大写 tracert -参数 ip(或计算机名) 跟踪路由(数据包 ...

  2. Navicat Premium 12.1.16.0安装与激活

    声明:本文所提供的所有软件均来自于互联网,仅供个人研究和学习使用,请勿用于商业用途,下载后请于24小时内删除,请支持正版! 本文介绍Navicat Premium 12的安装.激活与基本使用.已于20 ...

  3. Vue的基础使用

    渐进式的前端框架 vue react augular 作者: 尤雨溪 facebook 谷歌公司 前端框架和库的区别 功能上的不同: jquery库:包含DOM(操作DOM)+请求,就是一块功能. a ...

  4. MySQL操作(备份很重要)

    文档一: --修改用户密码的命令 mysqladmin -uroot -proot123 password mysql123 --登录mysql数据库的命令 mysql -uroot -proot12 ...

  5. 03-三层交换机的OSPF实验

    三层交换机的OSPF实验 1.OSPF介绍 开放式最短路径优先(英语:Open Shortest Path First,缩写为 OSPF)是对链路状态路由协议的一种实现,隶属内部网关协议(IGP),故 ...

  6. VSCode python 遇到的问题:vscode can't open file '<unprintable file name>': [Errno 2] No such file or directory

    代码很简单,就两行: import pandas as pd import netCDF4 as nc dataset = nc.Dataset('20150101.nc') 环境:在VSCode中左 ...

  7. Python进阶11---异常及模块化

    异常处理 异常Exception 产生异常

  8. vue中怎么全局引入sass文件

    1.添加依赖 npm install sass-resources-loader --save-dev 2.修改build/utils.js scss: generateLoaders('sass') ...

  9. CentOS7使用yum安装MySQL8.0

    1.yum仓库下载MySQL:sudo yum localinstall https://repo.mysql.com//mysql80-community-release-el7-1.noarch. ...

  10. Java 学习体系结构

    一. JavaWEB 阶段课程体系结构 java se基础学习 二 .JavaWEB 阶段课程体系结构 第一阶段:前端开发阶段 1 HTML   2 CSS JS    3JS    4 JQuery ...