Headline
Debian Security Advisory 5569-1
Debian Linux Security Advisory 5569-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5569-1 [email protected]://www.debian.org/security/ Andres SalomonNovember 30, 2023 https://www.debian.org/security/faq- -------------------------------------------------------------------------Package : chromiumCVE ID : CVE-2023-6345 CVE-2023-6346 CVE-2023-6347 CVE-2023-6348 CVE-2023-6350 CVE-2023-6351Multiple security issues were discovered in Chromium, which could resultin the execution of arbitrary code, denial of service or informationdisclosure.For the oldstable distribution (bullseye), these problems have been fixedin version 119.0.6045.199-1~deb11u1.For the stable distribution (bookworm), these problems have been fixed inversion 119.0.6045.199-1~deb12u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQIzBAEBCAAdFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmVouqQACgkQZF0CR8Nudjdmtg//WecYaNpTK78jbWWKXpBZaX5w5XN4gbYH5ky4g1uuyi/ux2U17ynh0b0Q50j5iX4g3obOch8BwNxLDIvsjNoWL30LU6DeiDVBfOP+w+sjMQLUDwI0YU6jW2kYyLnrOUUYEECEE7lIEnMogxVN/o4JESfleShgEgAlDayHfuL4BxwgiqsIM8PZgCVSCtrDamNBbLE7X9FXHPb32mcqUXYh5WoSIPjgo45pOWlUCSizMXBQ47BCm8iuQq38TCIscfvZhjwF7bWrP8NHRimFd1RnQtbQpLsKufJBllnHby7mM1U2+jUq8GIKHpFy2jTQ6q42x5P65H0q6MxOelDkAmdMMOBt68vVgvZ8zIgmpb5/RoIzZNtioPUkpmzFal5/vHTbE1dmIuylffnPOoM4wF16xG6Fs61HuhRWZscrBCflkIuL3UF7Y3rdIyGdyV7Unm2X8fkhVJ00PKg+qC2E73udBYFfTDlvrh8uHf68x12OrmOuNkd6JdNocCnW/se9wVFqLjtyzew//aXC2D3STuyfGMgt9LnGWJDqJx7Lbr+Fp1BCPYPNkinobkjEKKyvx9unR8tM14K16Pf+84xSX/FKpQagcSZ/koqeUjyJ0QpNUC1IuOMrRNgmW6PspLehwd3WExRnclzCsKuE7oNtla8Rjsap3bOGrfBOVeqYA1FjieI==Qn+X-----END PGP SIGNATURE-----Related news
Hello everyone! It has been 3 months since the last episode. I spent most of this time improving my Vulristics project. So in this episode, let’s take a look at what’s been done. Alternative video link (for Russia): https://vk.com/video-149273431_456239139 Also, let’s take a look at the Microsoft Patch Tuesdays vulnerabilities, Linux Patch Wednesdays vulnerabilities and […]
Gentoo Linux Security Advisory 202401-34 - Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected.
Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited to result in program crashes or arbitrary code execution. Clément
Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under active exploitation in the wild on older versions of its software. The vulnerabilities, both of which reside in the WebKit web browser engine, are described below - CVE-2023-42916 - An out-of-bounds read issue that could be exploited to
Plus: Major security patches from Microsoft, Mozilla, Atlassian, Cisco, and more.
Plus: Major security patches from Microsoft, Mozilla, Atlassian, Cisco, and more.
Plus: Major security patches from Microsoft, Mozilla, Atlassian, Cisco, and more.
Google's released an update to Chrome which includes seven security fixes. Make sure you're using the latest version!
The vulnerability is among a rapidly growing number of zero-day bugs that major browser vendors have reported recently.
Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High)
Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D graphics library. Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group (TAG) have been