Security
Headlines
HeadlinesLatestCVEs

Headline

Debian Security Advisory 5569-1

Debian Linux Security Advisory 5569-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Packet Storm
#linux#debian#dos#js#chrome#sap
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5569-1                   [email protected]://www.debian.org/security/                           Andres SalomonNovember 30, 2023                     https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : chromiumCVE ID         : CVE-2023-6345 CVE-2023-6346 CVE-2023-6347 CVE-2023-6348                  CVE-2023-6350 CVE-2023-6351Multiple security issues were discovered in Chromium, which could resultin the execution of arbitrary code, denial of service or informationdisclosure.For the oldstable distribution (bullseye), these problems have been fixedin version 119.0.6045.199-1~deb11u1.For the stable distribution (bookworm), these problems have been fixed inversion 119.0.6045.199-1~deb12u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQIzBAEBCAAdFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmVouqQACgkQZF0CR8Nudjdmtg//WecYaNpTK78jbWWKXpBZaX5w5XN4gbYH5ky4g1uuyi/ux2U17ynh0b0Q50j5iX4g3obOch8BwNxLDIvsjNoWL30LU6DeiDVBfOP+w+sjMQLUDwI0YU6jW2kYyLnrOUUYEECEE7lIEnMogxVN/o4JESfleShgEgAlDayHfuL4BxwgiqsIM8PZgCVSCtrDamNBbLE7X9FXHPb32mcqUXYh5WoSIPjgo45pOWlUCSizMXBQ47BCm8iuQq38TCIscfvZhjwF7bWrP8NHRimFd1RnQtbQpLsKufJBllnHby7mM1U2+jUq8GIKHpFy2jTQ6q42x5P65H0q6MxOelDkAmdMMOBt68vVgvZ8zIgmpb5/RoIzZNtioPUkpmzFal5/vHTbE1dmIuylffnPOoM4wF16xG6Fs61HuhRWZscrBCflkIuL3UF7Y3rdIyGdyV7Unm2X8fkhVJ00PKg+qC2E73udBYFfTDlvrh8uHf68x12OrmOuNkd6JdNocCnW/se9wVFqLjtyzew//aXC2D3STuyfGMgt9LnGWJDqJx7Lbr+Fp1BCPYPNkinobkjEKKyvx9unR8tM14K16Pf+84xSX/FKpQagcSZ/koqeUjyJ0QpNUC1IuOMrRNgmW6PspLehwd3WExRnclzCsKuE7oNtla8Rjsap3bOGrfBOVeqYA1FjieI==Qn+X-----END PGP SIGNATURE-----

Related news

November 2023 – January 2024: New Vulristics Features, 3 Months of Microsoft Patch Tuesdays and Linux Patch Wednesdays, Year 2023 in Review

Hello everyone! It has been 3 months since the last episode. I spent most of this time improving my Vulristics project. So in this episode, let’s take a look at what’s been done. Alternative video link (for Russia): https://vk.com/video-149273431_456239139 Also, let’s take a look at the Microsoft Patch Tuesdays vulnerabilities, Linux Patch Wednesdays vulnerabilities and […]

Gentoo Linux Security Advisory 202401-34

Gentoo Linux Security Advisory 202401-34 - Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected.

Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP

Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited to result in program crashes or arbitrary code execution. Clément

Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws

Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under active exploitation in the wild on older versions of its software. The vulnerabilities, both of which reside in the WebKit web browser engine, are described below - CVE-2023-42916 - An out-of-bounds read issue that could be exploited to

Update now! Chrome fixes actively exploited zero-day vulnerability

Google's released an update to Chrome which includes seven security fixes. Make sure you're using the latest version!

Google Patches Another Chrome Zero-Day as Browser Attacks Mount

The vulnerability is among a rapidly growing number of zero-day bugs that major browser vendors have reported recently.

CVE-2023-6351: Stable Channel Update for Desktop

Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High)

Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability

Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D graphics library. Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group (TAG) have been

Packet Storm: Latest News

Zeek 6.0.9