RHSA-2020:0514-01 -- Redhat chromium-browser, chromium-browser-debuginfoID: oval:org.secpod.oval:def:505571 | Date: (C)2020-12-30 (M)2023-11-27 |
Class: PATCH | Family: unix |
Chromium is an open-source web browser, powered by WebKit . This update upgrades Chromium to version 80.0.3987.87. Security Fix: * chromium-browser: Integer overflow in JavaScript * chromium-browser: Type Confusion in JavaScript * chromium-browser: Insufficient policy enforcement in storage * chromium-browser: Out of bounds write in WebRTC * chromium-browser: Out of bounds memory access in WebAudio * chromium-browser: Out of bounds write in WebRTC * chromium-browser: Out of bounds memory access in streams * libxslt: use after free in xsltCopyText in transform.c could lead to information disclosure * sqlite: invalid pointer dereference in exprListAppendList in window.c * sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference * sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive * sqlite: error mishandling because of incomplete fix of CVE-2019-19880 * chromium-browser: Insufficient validation of untrusted input in Blink * chromium-browser: Insufficient policy enforcement in extensions * chromium-browser: Insufficient policy enforcement in Blink * chromium-browser: Insufficient policy enforcement in Blink * chromium-browser: Out of bounds read in JavaScript * chromium-browser: Inappropriate implementation in Skia * chromium-browser: Incorrect security UI in sharing * chromium-browser: Uninitialized use in PDFium * chromium-browser: Insufficient policy enforcement in AppCache * chromium-browser: Inappropriate implementation in CORS * chromium-browser: Insufficient validation of untrusted input in Omnibox * chromium-browser: Insufficient policy enforcement in downloads * chromium-browser: Incorrect security UI in Omnibox * chromium-browser: Inappropriate implementation in Blink * sqlite: Out-of-bounds read in SELECT with ON/USING clause * chromium-browser: Use after free in audio * chromium-browser: Insufficient policy enforcement in CORS * chromium-browser: Inappropriate implementation in Omnibox * chromium-browser: Insufficient policy enforcement in navigation * chromium-browser: Insufficient validation of untrusted input in Omnibox * chromium-browser: Insufficient validation of untrusted input in Omnibox * chromium-browser: Inappropriate implementation in Blink * chromium-browser: Insufficient policy enforcement in Safe Browsing * chromium-browser: Inappropriate implementation in JavaScript * chromium-browser: Insufficient data validation in streams * chromium-browser: Inappropriate implementation in installer For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 6 |
Product: |
chromium-browser |
chromium-browser-debuginfo |