Debian Security Advisory DSA-4421-1 chromium security update

Package        : chromium
CVE ID         : CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790
                 CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794
                 CVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798
                 CVE-2019-5799 CVE-2019-5800 CVE-2019-5802 CVE-2019-5803

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2019-5787

Zhe Jin discovered a use-after-free issue.

CVE-2019-5788

Mark Brand discovered a use-after-free issue in the in the FileAPI
    implementation.

CVE-2019-5789

Mark Brand discovered a use-after-free issue in the in the WebMIDI
    implementation.

CVE-2019-5790

Dimitri Fourny discovered a buffer overflow issue in the v8 javascript
    library.

CVE-2019-5791

Choongwoo Han discovered a type confusion issue in the v8 javascript
    library.

CVE-2019-5792

pdknsk discovered an integer overflow issue in the pdfium library.

CVE-2019-5793

Jun Kokatsu discovered a permissions issue in the Extensions
    implementation.

CVE-2019-5794

Juno Im of Theori discovered a user interface spoofing issue.

CVE-2019-5795

pdknsk discovered an integer overflow issue in the pdfium library.

CVE-2019-5796

Mark Brand discovered a race condition in the Extensions implementation.

CVE-2019-5797

Mark Brand discovered a race condition in the DOMStorage implementation.

CVE-2019-5798

Tran Tien Hung disoceved an out-of-bounds read issue in the skia library.

CVE-2019-5799

sohalt discovered a way to bypass the Content Security Policy.

CVE-2019-5800

Jun Kokatsu discovered a way to bypass the Content Security Policy.

CVE-2019-5802

Ronni Skansing discovered a user interface spoofing issue.

CVE-2019-5803

Andrew Comminos discovered a way to bypass the Content Security Policy.

These problems have been fixed in version 73.0.3683.75-1~deb9u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium

Debian Security Advisory DSA-4421-1 chromium security update的更多相关文章

  1. Debian Security Advisory(Debian安全报告) DSA-4416-1 wireshark security update

    Debian Security Advisory(Debian安全报告) DSA-4416-1 wireshark security update Package:wireshark CVE ID : ...

  2. Debian Security Advisory(Debian安全报告) DSA-4415-1 passenger security update

    Debian Security Advisory(Debian安全报告) DSA-4415-1  passenger security update Package : passenger CVE I ...

  3. Debian Security Advisory(Debian安全报告) DSA-4414-1 libapache2-mod-auth-mellon security update

    Debian Security Advisory(Debian安全报告) DSA-4414-1 libapache2-mod-auth-mellon security update Package:l ...

  4. Debian Security Advisory(Debian安全报告) DSA-4412-1 drupal7 security update

    Debian Security Advisory(Debian安全报告) DSA-4412-1 drupal7 security update Package:drupal7 CVE ID:暂无 Dr ...

  5. Debian Security Advisory(Debian安全报告) DSA-4411-1 firefox-esr security update

    Debian Security Advisory(Debian安全报告) DSA-4411-1  firefox-esr security update Package :firefox-esr CV ...

  6. Debian Security Advisory(Debian安全报告) DSA-4410-1 openjdk-8 security update

    Debian Security Advisory(Debian安全报告) DSA-4410-1 openjdk-8 security update Package :openjdk-8 CVE ID: ...

  7. Atlassian - Confluence Security Advisory - 2019-03-20

    -------------------- This problem refers to the advisory found at https://confluence.atlassian.com/d ...

  8. Big Data Analytics for Security(Big Data Analytics for Security Intelligence)

    http://www.infoq.com/articles/bigdata-analytics-for-security This article first appeared in the IEEE ...

  9. Spring Security 入门(1-6-1)Spring Security - 配置文件解析和访问请求处理

    1.在pom.xml中添加maven坐标 <dependency> <groupId>org.springframework.security</groupId> ...

随机推荐

  1. Rsync + sersync 实时同步备份

    一      Rsync + Sersync  实时同步介绍 1.Rsync 服务搭建介绍 云机上搭建Rsync server,在本地搭建Rsync Clinet. 2. Sersync 服务搭建介绍 ...

  2. python+selenium运行时,提示元素不可见

    python+selenium运行多次新增项目脚本(出错的元素通过by_id的方式定位),当第三次新增时报Message: element not visible的错误,加入等待时间,等页面加载完成, ...

  3. maven打包如何跳过测试

    Maven打包如何跳过测试?正常来说,不应该这样做,因为测试可以避免很多麻烦排除一些不必要的错误,前提是测试足够规范,这里主要指junit测试,如果junit测试有问题的话,将会直接影响到mvn in ...

  4. Python学习案例之Web版语音合成播报

    前言 语音合成技术能将用户输入的文字,转换成流畅自然的语音输出,并且可以支持语速.音调.音量设置,打破传统文字式人机交互的方式,让人机沟通更自然. 应用场景 将游戏场景中的公告.任务或派单信息通过语音 ...

  5. 零代码第一步,做个添加数据的服务先。node.js + mysql

    node.js + mysql 实现数据添加的功能.万事基于服务! 增删改查之添加数据. 优点:只需要设置一个json文件,就可以实现基本的添加功能,可以视为是零代码. 添加数据的服务实现的功能: 1 ...

  6. (light oj 1102) Problem Makes Problem (组合数 + 乘法逆元)

    题目链接:http://lightoj.com/volume_showproblem.php?problem=1102 As I am fond of making easier problems, ...

  7. iframe 高度自适应

    <iframe id="InputDetail" src style="width:100%"></iframe> <script ...

  8. Java中newInstance()和new()区别

    前言: 最近在看springIOC和AOP是看见代码中很实用newInstance来实例化一个对象,之前对newInstance和new实例化对象的区别很模糊,特意在这里记录一下 一.newInsta ...

  9. Spark2.2 saveAsTable 函数使用 overWrite 设置 Partition 会造成全覆盖的问题

    在使用 CDH 6.0.X 的版本还是自带的是 Spark2.2 的版本,2.2 版本的 Spark 使用 saveAsTable 如果使用overWrite PartitionBy 的功能会有和 h ...

  10. 浅析Java的Object类

    前言:   最近在回顾Java基础,在此过程中,查看源码是少不了的   这里以JDK8以基准,记录一些自己查看源码的观感 Object类,翻阅源码,看看这个类的所在位置,是在 java.lang 包下 ...