Debian Security Advisory DSA-4421-1 chromium security update

Package        : chromium
CVE ID         : CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790
                 CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794
                 CVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798
                 CVE-2019-5799 CVE-2019-5800 CVE-2019-5802 CVE-2019-5803

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2019-5787

Zhe Jin discovered a use-after-free issue.

CVE-2019-5788

Mark Brand discovered a use-after-free issue in the in the FileAPI
    implementation.

CVE-2019-5789

Mark Brand discovered a use-after-free issue in the in the WebMIDI
    implementation.

CVE-2019-5790

Dimitri Fourny discovered a buffer overflow issue in the v8 javascript
    library.

CVE-2019-5791

Choongwoo Han discovered a type confusion issue in the v8 javascript
    library.

CVE-2019-5792

pdknsk discovered an integer overflow issue in the pdfium library.

CVE-2019-5793

Jun Kokatsu discovered a permissions issue in the Extensions
    implementation.

CVE-2019-5794

Juno Im of Theori discovered a user interface spoofing issue.

CVE-2019-5795

pdknsk discovered an integer overflow issue in the pdfium library.

CVE-2019-5796

Mark Brand discovered a race condition in the Extensions implementation.

CVE-2019-5797

Mark Brand discovered a race condition in the DOMStorage implementation.

CVE-2019-5798

Tran Tien Hung disoceved an out-of-bounds read issue in the skia library.

CVE-2019-5799

sohalt discovered a way to bypass the Content Security Policy.

CVE-2019-5800

Jun Kokatsu discovered a way to bypass the Content Security Policy.

CVE-2019-5802

Ronni Skansing discovered a user interface spoofing issue.

CVE-2019-5803

Andrew Comminos discovered a way to bypass the Content Security Policy.

These problems have been fixed in version 73.0.3683.75-1~deb9u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium

Debian Security Advisory DSA-4421-1 chromium security update的更多相关文章

  1. Debian Security Advisory(Debian安全报告) DSA-4416-1 wireshark security update

    Debian Security Advisory(Debian安全报告) DSA-4416-1 wireshark security update Package:wireshark CVE ID : ...

  2. Debian Security Advisory(Debian安全报告) DSA-4415-1 passenger security update

    Debian Security Advisory(Debian安全报告) DSA-4415-1  passenger security update Package : passenger CVE I ...

  3. Debian Security Advisory(Debian安全报告) DSA-4414-1 libapache2-mod-auth-mellon security update

    Debian Security Advisory(Debian安全报告) DSA-4414-1 libapache2-mod-auth-mellon security update Package:l ...

  4. Debian Security Advisory(Debian安全报告) DSA-4412-1 drupal7 security update

    Debian Security Advisory(Debian安全报告) DSA-4412-1 drupal7 security update Package:drupal7 CVE ID:暂无 Dr ...

  5. Debian Security Advisory(Debian安全报告) DSA-4411-1 firefox-esr security update

    Debian Security Advisory(Debian安全报告) DSA-4411-1  firefox-esr security update Package :firefox-esr CV ...

  6. Debian Security Advisory(Debian安全报告) DSA-4410-1 openjdk-8 security update

    Debian Security Advisory(Debian安全报告) DSA-4410-1 openjdk-8 security update Package :openjdk-8 CVE ID: ...

  7. Atlassian - Confluence Security Advisory - 2019-03-20

    -------------------- This problem refers to the advisory found at https://confluence.atlassian.com/d ...

  8. Big Data Analytics for Security(Big Data Analytics for Security Intelligence)

    http://www.infoq.com/articles/bigdata-analytics-for-security This article first appeared in the IEEE ...

  9. Spring Security 入门(1-6-1)Spring Security - 配置文件解析和访问请求处理

    1.在pom.xml中添加maven坐标 <dependency> <groupId>org.springframework.security</groupId> ...

随机推荐

  1. Windows中通过命令行启动打开Service 管理工具

    经常需要打开Services 管理工具操控Service 的启动,停止. 通过控制面板 --> 管理工具 -->Service  太慢. 学到一个快捷方式. windows + R  启动 ...

  2. windows10下安装kali子系统

    写在前面 为什么我会想到在窗下装一个卡利 作为一个小白,平时做CTF题的时候,有时会用到python2.7环境(比如一些脚本需要,还有窗户下用的SqlMap的话,好像只支持在python2.7,之前被 ...

  3. 浅析C#中new、override、virtual关键字的区别

    Virtual : virtual 关键字用于修饰方法.属性.索引器或事件声明,并使它们可以在派生类中被重写. 默认情况下,方法是非虚拟的.不能重写非虚方法. virtual 修饰符不能与 stati ...

  4. Jenkins-2.154 windows平台部署 FAQ

    部署过程中遇到的问题及解决办法如下 1.如何将 Jenkins 汉化? 1.进入系统管理 -> 插件管理 -> 选中“可选插件” 标签 -> 在过滤条件中输入“local”进行查找插 ...

  5. Kafka Frequently Asked Questions

    This is intended to be an easy to understand FAQ on the topic of Kafka. One part is for beginners, o ...

  6. Pycharm 常用快捷键

    常用快捷键 快捷键 功能 Ctrl + Q 快速查看文档 Ctrl + F1 显示错误描述或警告信息 Ctrl + / 行注释(可选中多行) Ctrl + Alt + L 代码格式化 Ctrl + A ...

  7. Vue的基础使用

    渐进式的前端框架 vue react augular 作者: 尤雨溪 facebook 谷歌公司 前端框架和库的区别 功能上的不同: jquery库:包含DOM(操作DOM)+请求,就是一块功能. a ...

  8. js一些梳理

    浏览器组成 1.Shell部分2.内核内核的组成 1.渲染引擎 负责页面显示 2.JS引擎 3. 其他模块主流内核介绍 >> * Trident(IE内核) >> * Geck ...

  9. c#使用资源文件完成国际化

    路径结构如下 namespace UnitTestProject1 { [TestClass] public class UnitTest1 { [TestMethod] public void Te ...

  10. SpringCloud---网关概念、Zuul项目搭建(六)

    SpringCloud---网关概念.Zuul项目搭建(六) 一.网关概念 1.什么是路由网关 网关是系统的唯一对外的入口,介于客户端和服务器端之间的中间层,处理非业务功能 提供路由请求.鉴权.监控. ...