[SECURITY] [DSA 4917-1] chromium security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4917-1 security@debian.org
https://www.debian.org/security/ Michael Gilbert
May 17, 2021 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : chromium
CVE ID : CVE-2021-30506 CVE-2021-30507 CVE-2021-30508 CVE-2021-30509
CVE-2021-30510 CVE-2021-30511 CVE-2021-30512 CVE-2021-30513
CVE-2021-30514 CVE-2021-30515 CVE-2021-30516 CVE-2021-30517
CVE-2021-30518 CVE-2021-30519 CVE-2021-30520
Several vulnerabilities have been discovered in the chromium web browser.
CVE-2021-30506
@retsew0x01 discovered an error in the Web App installation interface.
CVE-2021-30507
Alison Huffman discovered an error in the Offline mode.
CVE-2021-30508
Leecraso and Guang Gong discovered a buffer overflow issue in the Media
Feeds implementation.
CVE-2021-30509
David Erceg discovered an out-of-bounds write issue in the Tab Strip
implementation.
CVE-2021-30510
Weipeng Jiang discovered a race condition in the aura window manager.
CVE-2021-30511
David Erceg discovered an out-of-bounds read issue in the Tab Strip
implementation.
CVE-2021-30512
ZhanJia Song discovered a use-after-free issue in the notifications
implementation.
CVE-2021-30513
Man Yue Mo discovered an incorrect type in the v8 javascript library.
CVE-2021-30514
koocola and Wang discovered a use-after-free issue in the Autofill
feature.
CVE-2021-30515
Rong Jian and Guang Gong discovered a use-after-free issue in the file
system access API.
CVE-2021-30516
ZhanJia Song discovered a buffer overflow issue in the browsing history.
CVE-2021-30517
Jun Kokatsu discovered a buffer overflow issue in the reader mode.
CVE-2021-30518
laural discovered use of an incorrect type in the v8 javascript library.
CVE-2021-30519
asnine discovered a use-after-free issue in the Payments feature.
CVE-2021-30520
Khalil Zhani discovered a use-after-free issue in the Tab Strip
implementation.
For the stable distribution (buster), these problems have been fixed in
version 90.0.4430.212-1~deb10u1.
We recommend that you upgrade your chromium packages.
For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQQzBAEBCgAdFiEEIwTlZiOEpzUxIyp4mD40ZYkUaygFAmCjKigACgkQmD40ZYkU
aygutiAAoTR+pOTfxVWYgdzkPI4z5VSeoFm6nWmE2UhB+yowe7MSczx69hJ9O0DF
c+KyNJkolgkOA6Vu8oywbYhikIj5wSVhFwq3CuAE8IGyDF2T1qNeGiVfXyzO1VHK
r/3zSLZIa7vvRL3/Znb+lhGbrXCAgMEDizzztvIVuZq9vnV6oYDpBVCaSCmk2nBv
AUcuRkBiYp3WEKwOs3N3LJ96WwcObjXUEIyioGXMyczJDRNSN5M7m65A8dlogAvx
tHNipgcMcMU08sAR3Zrw6AwKDqQRaq0tuDmgf85cLDKKAWpJgA8UQQe5l6NJPjlB
WQ0ZvJwO4U2oTKjb7kLBSkZsnqeXqor44Hi+2hcW+4ZhL55N9Cq0rjzeNyUbi5Bl
sGnWrpgg6llIh0e40g6Niq47/1fUMHtiCHrqvn0/lkdpWQ3UvPHV+efWPe1KpIaT
vhq7ja/wS/zIr4glVIvzXprV9vJH1dKcPB/dukdb2jZWBeEF4Dj7GqP+hHMpqR1x
KodWOsInNC+aqiPb6r5VCMpm3l1KxiI8bdTzhPz5cmSlb3n/DuDlGq2bmjA02FGy
2u19R1S7bQbn8yUOB5KGwYnWNVdYo6VugEkfCEnmc0D3ev5LWx9fdqunrZhqWfeZ
izWG5WfutUmIeZ2+SqdFdGUC50ZSCppdnH2Nmc31QvpZfDy2WQk/FtieyCKRm3D1
Oo1rD4GHbw+WCJfQbmSIwit0AZJVG5hyIOComzojMMQdFyihv5N59sZ2LHBOFl3r
J67x9cdPcNCHIKE+hmvnLcf2N+GPSM4PTFyibs5cmUMlsiNnInQVcizV6a25nY8X
iiI7OoG3W+hHcxY3hcl8nHrI/KiQ/ji7yY1bzjfmjR7uEMKhNQz3GH7XAdGo7B5+
HDPg/UH/euXRl+1Gwco6sY5k6Zs/Fl2VdFVFBiqtqd8RO1wltC4XK1JrEKHp3L3d
mADBUgOZHWRNcVNvCLwO59/9hmViQMhwRh1M7Lh1EqhDCfCOuN+2f/rexPDPB7a8
hu9fn4e18Aexc9naqr/JpJxYL+zfbDJgy04ms/2iqR94mQVFd/ON7DtNgfnkfbCB
HXInjHkzTpCxFw8otbPIY2A9aXH1PeT1jNB6oQWF0cJv8WpSw4AV1xU3GaPw323g
4eG0BJ9RlR3cpfvcOQEdvZoaOvZdIgPGM2TvcbHPTjQ7kXYaFlYyCsA7jpwE4aWW
WnYkiY4it9vZi2kmoYNOZbnB7m/w1AA5JmLBkXaNLTHDLU/Lm8YodPirDM9gjae5
3HZLZnmjjZHC0swahD8J8D0XfxwZvonee07pEFKhbL+/pjbs2TeSivOhIwTp9VVo
7KROY+DZ08ZtOkS8mIsHy91+Uh+Wlg==
=7EHh
-----END PGP SIGNATURE-----
Reply to: