RHSA-2018:0484-01 -- Redhat chromium-browser, chromium-browser-debuginfoID: oval:org.secpod.oval:def:505452 | Date: (C)2021-01-04 (M)2022-06-24 |
Class: PATCH | Family: unix |
Chromium is an open-source web browser, powered by WebKit . This update upgrades Chromium to version 65.0.3325.146. Security Fix: * chromium-browser: incorrect permissions on shared memory * chromium-browser: use-after-free in blink * chromium-browser: race condition in v8 * chromium-browser: heap buffer overflow in skia * chromium-browser: incorrect permissions on shared memory * chromium-browser: type confusion in v8 * chromium-browser: integer overflow in v8 * chromium-browser: same origin bypass via canvas * chromium-browser: buffer overflow in skia * chromium-browser: stack buffer overflow in skia * chromium-browser: csp bypass through extensions * chromium-browser: heap bufffer overflow in skia * chromium-browser: integer overflow in pdfium * chromium-browser: heap bufffer overflow in webgl * chromium-browser: mark-of-the-web bypass * chromium-browser: overly permissive cross origin downloads * chromium-browser: incorrect handling of url fragment identifiers in blink * chromium-browser: timing attack using svg filters * chromium-browser: url spoof in omnibox * chromium-browser: information disclosure via texture data in webgl * chromium-browser: information disclosure in ipc call * chromium-browser: xss in interstitials * chromium-browser: circumvention of port blocking * chromium-browser: incorrect processing of appmanifests For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 6 |
Product: |
chromium-browser |
chromium-browser-debuginfo |