RHSA-2019:0708-01 -- Redhat chromium-browser, chromium-browser-debuginfoID: oval:org.secpod.oval:def:505575 | Date: (C)2020-12-31 (M)2024-02-19 |
Class: PATCH | Family: unix |
Chromium is an open-source web browser, powered by WebKit . This update upgrades Chromium to version 73.0.3683.75. Security Fix: * chromium-browser: Use after free in Canvas * chromium-browser: Use after free in FileAPI * chromium-browser: Use after free in WebMIDI * chromium-browser: Heap buffer overflow in V8 * chromium-browser: Type confusion in V8 * chromium-browser: Integer overflow in PDFium * chromium-browser: Excessive permissions for private API in Extensions * chromium-browser: Security UI spoofing * chromium-browser: Integer overflow in PDFium * chromium-browser: Race condition in Extensions * chromium-browser: Race condition in DOMStorage * chromium-browser: Out of bounds read in Skia * chromium-browser: CSP bypass with blob URL * chromium-browser: CSP bypass with blob URL * chromium-browser: Security UI spoofing * chromium-browser: CSP bypass with Javascript URLs For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 6 |
Product: |
chromium-browser |
chromium-browser-debuginfo |