Lucene search

K
debianDebianDEBIAN:DSA-5046-1:A18C0
HistoryJan 14, 2022 - 7:31 p.m.

[SECURITY] [DSA 5046-1] chromium security update

2022-01-1419:31:45
lists.debian.org
29

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

60.0%


Debian Security Advisory DSA-5046-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
January 14, 2022 https://www.debian.org/security/faq


Package : chromium
CVE ID : CVE-2021-4052 CVE-2021-4053 CVE-2021-4054 CVE-2021-4055
CVE-2021-4056 CVE-2021-4057 CVE-2021-4058 CVE-2021-4059
CVE-2021-4061 CVE-2021-4062 CVE-2021-4063 CVE-2021-4064
CVE-2021-4065 CVE-2021-4066 CVE-2021-4067 CVE-2021-4068
CVE-2021-4078 CVE-2021-4079 CVE-2021-4098 CVE-2021-4099
CVE-2021-4100 CVE-2021-4101 CVE-2021-4102 CVE-2021-37956
CVE-2021-37957 CVE-2021-37958 CVE-2021-37959 CVE-2021-37961
CVE-2021-37962 CVE-2021-37963 CVE-2021-37964 CVE-2021-37965
CVE-2021-37966 CVE-2021-37967 CVE-2021-37968 CVE-2021-37969
CVE-2021-37970 CVE-2021-37971 CVE-2021-37972 CVE-2021-37973
CVE-2021-37974 CVE-2021-37975 CVE-2021-37976 CVE-2021-37977
CVE-2021-37978 CVE-2021-37979 CVE-2021-37980 CVE-2021-37981
CVE-2021-37982 CVE-2021-37983 CVE-2021-37984 CVE-2021-37985
CVE-2021-37986 CVE-2021-37987 CVE-2021-37988 CVE-2021-37989
CVE-2021-37990 CVE-2021-37991 CVE-2021-37992 CVE-2021-37993
CVE-2021-37994 CVE-2021-37995 CVE-2021-37996 CVE-2021-37997
CVE-2021-37998 CVE-2021-37999 CVE-2021-38000 CVE-2021-38001
CVE-2021-38002 CVE-2021-38003 CVE-2021-38004 CVE-2021-38005
CVE-2021-38006 CVE-2021-38007 CVE-2021-38008 CVE-2021-38009
CVE-2021-38010 CVE-2021-38011 CVE-2021-38012 CVE-2021-38013
CVE-2021-38014 CVE-2021-38015 CVE-2021-38016 CVE-2021-38017
CVE-2021-38018 CVE-2021-38019 CVE-2021-38020 CVE-2021-38021
CVE-2021-38022 CVE-2022-0096 CVE-2022-0097 CVE-2022-0098
CVE-2022-0099 CVE-2022-0100 CVE-2022-0101 CVE-2022-0102
CVE-2022-0103 CVE-2022-0104 CVE-2022-0105 CVE-2022-0106
CVE-2022-0107 CVE-2022-0108 CVE-2022-0109 CVE-2022-0110
CVE-2022-0111 CVE-2022-0112 CVE-2022-0113 CVE-2022-0114
CVE-2022-0115 CVE-2022-0116 CVE-2022-0117 CVE-2022-0118
CVE-2022-0120

Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.

For the oldstable distribution (buster), security support for Chromium
has been discontinued due to toolchain issues which no longer allow to
build current Chromium releases on buster. You can either upgrade to
the stable release (bullseye) or switch to a browser which continues
to receive security supports in buster (firefox-esr or browsers based
on webkit2gtk)

For the stable distribution (bullseye), these problems have been fixed in
version 97.0.4692.71-0.1~deb11u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

60.0%