Debian Security Advisory DSA-4421-1 chromium security update

Package        : chromium
CVE ID         : CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790
                 CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794
                 CVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798
                 CVE-2019-5799 CVE-2019-5800 CVE-2019-5802 CVE-2019-5803

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2019-5787

Zhe Jin discovered a use-after-free issue.

CVE-2019-5788

Mark Brand discovered a use-after-free issue in the in the FileAPI
    implementation.

CVE-2019-5789

Mark Brand discovered a use-after-free issue in the in the WebMIDI
    implementation.

CVE-2019-5790

Dimitri Fourny discovered a buffer overflow issue in the v8 javascript
    library.

CVE-2019-5791

Choongwoo Han discovered a type confusion issue in the v8 javascript
    library.

CVE-2019-5792

pdknsk discovered an integer overflow issue in the pdfium library.

CVE-2019-5793

Jun Kokatsu discovered a permissions issue in the Extensions
    implementation.

CVE-2019-5794

Juno Im of Theori discovered a user interface spoofing issue.

CVE-2019-5795

pdknsk discovered an integer overflow issue in the pdfium library.

CVE-2019-5796

Mark Brand discovered a race condition in the Extensions implementation.

CVE-2019-5797

Mark Brand discovered a race condition in the DOMStorage implementation.

CVE-2019-5798

Tran Tien Hung disoceved an out-of-bounds read issue in the skia library.

CVE-2019-5799

sohalt discovered a way to bypass the Content Security Policy.

CVE-2019-5800

Jun Kokatsu discovered a way to bypass the Content Security Policy.

CVE-2019-5802

Ronni Skansing discovered a user interface spoofing issue.

CVE-2019-5803

Andrew Comminos discovered a way to bypass the Content Security Policy.

These problems have been fixed in version 73.0.3683.75-1~deb9u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium

Debian Security Advisory DSA-4421-1 chromium security update的更多相关文章

  1. Debian Security Advisory(Debian安全报告) DSA-4416-1 wireshark security update

    Debian Security Advisory(Debian安全报告) DSA-4416-1 wireshark security update Package:wireshark CVE ID : ...

  2. Debian Security Advisory(Debian安全报告) DSA-4415-1 passenger security update

    Debian Security Advisory(Debian安全报告) DSA-4415-1  passenger security update Package : passenger CVE I ...

  3. Debian Security Advisory(Debian安全报告) DSA-4414-1 libapache2-mod-auth-mellon security update

    Debian Security Advisory(Debian安全报告) DSA-4414-1 libapache2-mod-auth-mellon security update Package:l ...

  4. Debian Security Advisory(Debian安全报告) DSA-4412-1 drupal7 security update

    Debian Security Advisory(Debian安全报告) DSA-4412-1 drupal7 security update Package:drupal7 CVE ID:暂无 Dr ...

  5. Debian Security Advisory(Debian安全报告) DSA-4411-1 firefox-esr security update

    Debian Security Advisory(Debian安全报告) DSA-4411-1  firefox-esr security update Package :firefox-esr CV ...

  6. Debian Security Advisory(Debian安全报告) DSA-4410-1 openjdk-8 security update

    Debian Security Advisory(Debian安全报告) DSA-4410-1 openjdk-8 security update Package :openjdk-8 CVE ID: ...

  7. Atlassian - Confluence Security Advisory - 2019-03-20

    -------------------- This problem refers to the advisory found at https://confluence.atlassian.com/d ...

  8. Big Data Analytics for Security(Big Data Analytics for Security Intelligence)

    http://www.infoq.com/articles/bigdata-analytics-for-security This article first appeared in the IEEE ...

  9. Spring Security 入门(1-6-1)Spring Security - 配置文件解析和访问请求处理

    1.在pom.xml中添加maven坐标 <dependency> <groupId>org.springframework.security</groupId> ...

随机推荐

  1. 【内容】MVP 三剑客活动

    最近微软搞了一个活动,叫做三剑客,主旨就是“Cloud+AI本地化社区活动,为微软产品本地化做出自己的贡献”,虽然已是rMVP,但也同样收到的社区经理的来信,本人也报名参加了这个活动,同时给了我三个小 ...

  2. File operations 1

    1:只读(‘r' 和 ’rb'以字节读) f = open('d:\模特主妇护士班主任.txt',mode='r',encoding='UTF-8') content = f.read() print ...

  3. Python之Scripy框架

    为什么要用到cmd界面 --- 在这里操作的是Scripy框架的指令,不是Python代码 Parse --- Scripy的回调函数 fiddler --- 用于爬取JS存储数据的页面 项目: 1. ...

  4. 随机IP

    function rand_ip(){ $ip_longs = array( array('607649792', '608174079'),        //36.56.0.0-36.63.255 ...

  5. 解决Editor.md通过代码块原样输出Emoji被强制解析问题

    Editor.md是一款优秀的开源Markdown 编辑器,在使用中遇到的一些问题和功能改进分享给需要的伙伴. 项目地址 https://github.com/pandao/editor.md 问题 ...

  6. Selenium 4即将发布:每个QA都应该知道的

    阅读原文 Simon Stewart(Selenium的创始成员)在班加罗尔的Selenium大会议上正式确认了Selenium4.0的发布日期和一些主要更新.我们先来提前了解一下Selenium 4 ...

  7. pycharm .sqlite文件拖动到Database里面为空

    pycharm .sqlite文件拖动到Database里面为空 查资料得到解决方法:

  8. think

    https://github.com/crossoverJie/Java-Interview Java-Interview https://github.com/aalansehaiyang/tech ...

  9. python 字典用法

    d = {key1 : value1, key2 : value2 } 1.创建 dict1 = { 'abc': 456 } 2.访问/修改 dict['Name'] 3.删除 del dict[' ...

  10. thinkphp 迁移数据库 -Phinx 简单说明文档

    php think migrate migrate:create Create a new migration ///创建 migrate:rollback Rollback the last or ...