RHSA-2019:2427-01 -- Redhat chromium-browser, chromium-browser-debuginfoID: oval:org.secpod.oval:def:505323 | Date: (C)2020-12-31 (M)2022-11-03 |
Class: PATCH | Family: unix |
Chromium is an open-source web browser, powered by WebKit . This update upgrades Chromium to version 76.0.3809.87. Security Fix: * chromium-browser: Use-after-free in offline page fetcher * chromium-browser: Use-after-poison in offline audio context * chromium-browser: Memory corruption in regexp length check * chromium-browser: res: URIs can load alternative browsers * chromium-browser: Use-after-free in PDFium * chromium-browser: Integer overflow in PDFium * chromium-browser: Insufficient checks on filesystem: URI permissions * chromium-browser: Site isolation bypass from compromised renderer * chromium-browser: Object leak of utility functions * chromium-browser: Integer overflow in PDFium text rendering * chromium-browser: Comparison of -0 and null yields crash * chromium-browser: Insufficient filtering of Open URL service parameters * chromium-browser: Click location incorrectly checked * chromium-browser: AppCache not robust to compromised renderers * chromium-browser: Insufficient port filtering in CORS for extensions For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 6 |
Product: |
chromium-browser |
chromium-browser-debuginfo |