(RHSA-2019:1477) Important: chromium-browser security update

2019-06-17T11:17:35
ID RHSA-2019:1477
Type redhat
Reporter RedHat
Modified 2019-06-17T11:23:03

Description

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 75.0.3770.80.

Security Fix(es):

  • chromium-browser: Use after free in ServiceWorker (CVE-2019-5828)

  • chromium-browser: Use after free in Download Manager (CVE-2019-5829)

  • chromium-browser: Incorrectly credentialed requests in CORS (CVE-2019-5830)

  • chromium-browser: Incorrect map processing in V8 (CVE-2019-5831)

  • chromium-browser: Incorrect CORS handling in XHR (CVE-2019-5832)

  • chromium-browser: Inconsistent security UI placement (CVE-2019-5833)

  • chromium-browser: Out of bounds read in Swiftshader (CVE-2019-5835)

  • chromium-browser: Heap buffer overflow in Angle (CVE-2019-5836)

  • chromium-browser: Cross-origin resources size disclosure in Appcache (CVE-2019-5837)

  • chromium-browser: Overly permissive tab access in Extensions (CVE-2019-5838)

  • chromium-browser: Incorrect handling of certain code points in Blink (CVE-2019-5839)

  • chromium-browser: Popup blocker bypass (CVE-2019-5840)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.