RHSA-2020:3377-01 -- Redhat chromium-browser, chromium-browser-debuginfoID: oval:org.secpod.oval:def:505398 | Date: (C)2020-12-30 (M)2024-02-19 |
Class: PATCH | Family: unix |
Chromium is an open-source web browser, powered by WebKit . This update upgrades Chromium to version 84.0.4147.105. Security Fix: * chromium-browser: Heap buffer overflow in background fetch * chromium-browser: Side-channel information leakage in content security policy * chromium-browser: Type Confusion in V8 * chromium-browser: Heap buffer overflow in PDFium * chromium-browser: Inappropriate implementation in WebRTC * chromium-browser: Use after free in tab strip * chromium-browser: Policy bypass in CORS * chromium-browser: Heap buffer overflow in history * chromium-browser: Use after free in SCTP * chromium-browser: Type Confusion in V8 * chromium-browser: Inappropriate implementation in WebView * chromium-browser: Use after free in CSS * chromium-browser: Heap buffer overflow in Skia * chromium-browser: Use after free in WebUSB * chromium-browser: Use after free in developer tools * chromium-browser: Policy bypass in CSP * chromium-browser: Heap buffer overflow in Skia * chromium-browser: Side-channel information leakage in autofill * chromium-browser: Inappropriate implementation in external protocol handlers * chromium-browser: Out of bounds write in Skia * chromium-browser: Heap buffer overflow in WebAudio * chromium-browser: Heap buffer overflow in Skia * chromium-browser: Inappropriate implementation in iframe sandbox * chromium-browser: Insufficient policy enforcement in CSP * chromium-browser: Incorrect security UI in basic auth * chromium-browser: Inappropriate implementation in WebRTC * chromium-browser: Out of bounds memory access in developer tools * chromium-browser: Side-channel information leakage in scroll to text * chromium-browser: Type Confusion in V8 * chromium-browser: Heap buffer overflow in WebRTC * chromium-browser: Insufficient data validation in WebUI * chromium-browser: Incorrect security UI in PWAs For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 6 |
Product: |
chromium-browser |
chromium-browser-debuginfo |