RHSA-2018:3004-01 -- Redhat chromium-browser, chromium-browser-debuginfoID: oval:org.secpod.oval:def:505370 | Date: (C)2021-01-04 (M)2024-01-29 |
Class: PATCH | Family: unix |
Chromium is an open-source web browser, powered by WebKit . This update upgrades Chromium to version 70.0.3538.67. Security Fix: * chromium-browser: Sandbox escape in AppCache * chromium-browser: Remote code execution in V8 * chromium-browser: URL spoof in Omnibox * chromium-browser: Use after free in V8 * chromium-browser: Memory corruption in Angle * lcms2: Integer overflow in AllocateDataSet in cmscgats.c leading to heap-based buffer overflow * chromium-browser: URL spoof in Omnibox * chromium-browser: Cross-origin URL disclosure in Blink * chromium-browser: Heap buffer overflow in PDFium * chromium-browser: Memory corruption in GPU Internals * chromium-browser: Security UI occlusion in full screen mode * chromium-browser: URL spoof in Omnibox * chromium-browser: Use after free in Blink * chromium-browser: Lack of limits on update in ServiceWorker * chromium-browser: URL spoof in Omnibox * chromium-browser: Security UI occlusion in full screen mode * chromium-browser: UI spoof in Extensions For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 6 |
Product: |
chromium-browser |
chromium-browser-debuginfo |