(RHSA-2019:1021) Important: chromium-browser security update

2019-05-07T15:56:33
ID RHSA-2019:1021
Type redhat
Reporter RedHat
Modified 2020-06-08T09:21:46

Description

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 74.0.3729.108.

Security Fix(es):

  • chromium-browser: Use after free in PDFium (CVE-2019-5805)

  • chromium-browser: Integer overflow in Angle (CVE-2019-5806)

  • chromium-browser: Memory corruption in V8 (CVE-2019-5807)

  • chromium-browser: Use after free in Blink (CVE-2019-5808)

  • chromium-browser: Use after free in Blink (CVE-2019-5809)

  • chromium-browser: User information disclosure in Autofill (CVE-2019-5810)

  • chromium-browser: CORS bypass in Blink (CVE-2019-5811)

  • chromium-browser: Out of bounds read in V8 (CVE-2019-5813)

  • chromium-browser: CORS bypass in Blink (CVE-2019-5814)

  • chromium-browser: Heap buffer overflow in Blink (CVE-2019-5815)

  • chromium-browser: Uninitialized value in media reader (CVE-2019-5818)

  • chromium-browser: Incorrect escaping in developer tools (CVE-2019-5819)

  • chromium-browser: Integer overflow in PDFium (CVE-2019-5820)

  • chromium-browser: Integer overflow in PDFium (CVE-2019-5821)

  • chromium-browser: CORS bypass in download manager (CVE-2019-5822)

  • chromium-browser: Forced navigation from service worker (CVE-2019-5823)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.