Headline
Debian Security Advisory 5359-1
Debian Linux Security Advisory 5359-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5359-1 [email protected]://www.debian.org/security/ Moritz MuehlenhoffFebruary 23, 2023 https://www.debian.org/security/faq- -------------------------------------------------------------------------Package : chromiumCVE ID : CVE-2023-0927 CVE-2023-0928 CVE-2023-0929 CVE-2023-0930 CVE-2023-0931 CVE-2023-0932 CVE-2023-0933 CVE-2023-0941Multiple security issues were discovered in Chromium, which could resultin the execution of arbitrary code, denial of service or informationdisclosure.For the stable distribution (bullseye), these problems have been fixed inversion 110.0.5481.177-1~deb11u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmP34kwACgkQEMKTtsN8TjZFwhAAk2JqYKeasa9sMSwiBcpaz+HBtIimsS/ue/TIddRuwcUwpif2qSF+QyL6ac1Wc/jIwW4F7OY9d5Ww8AkvGnxcdzt9dI+g3lPUDByqYJutWahICxm6ZBxrY2ms0NbTYK4hzFBVyobfnQF/EzOGLpyarauFTjBW1sbtCSFnXYeMHd5+rpw5bYTx5JZPoG2fGHuAcXE2CoKGm41tqzegYdKrv33eID3EB91ne/oMqTp4/q1QEVeZiQ0JdRPHq8fJG+FOdPdU3K/eROkkxvakd+QCTcGetKONQ0HFkr43BLP8EAMBAbg4Ds+zaJ+xgenHusSrN+Q7MQraYgqZ6DInzrJXBeeXSu9zm+iwEpJXuerQv3iYDn0o75gzL+qtoh31mePFB6jihIgHo0adqu6upNedFGe+YY1RuJuYWlw2cvjagdaSgotuGbNirXXDYUlQMA82eu+d3yv1hexkbCNQGykGOmuF7J2O+Vwb34Hf6MlDAxrdOuaEcxw8siOsa/MhXKYT1nmxASizffo2mmk/HJatqoTQXtxOWaVIv2Q/ySCc9WsESCRzh1J1gjf8+RH3T/O6T1EfM5oKi4bEZMhcxPhM+ue2DpBxVIB1qPDlOOsqQeLfaBwdcqmeXIl+pZhQBsB9A6okzNfoktEKUysQkKRlTPSl9QCQpd/cdVCwFMfXWA0==4fPc-----END PGP SIGNATURE-----
Related news
Gentoo Linux Security Advisory 202309-17 - Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions greater than or equal to 113.0.5672.126 are affected.
Ubuntu Security Notice 5949-1 - It was discovered that Chromium could be made to write out of bounds in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that Chromium contained an integer overflow in the PDF component. A remote attacker could possibly use this issue to corrupt memory via a crafted PDF file, resulting in a denial of service, or possibly execute arbitrary code.
Use after free in WebRTC in Google Chrome on Windows prior to 110.0.5481.177 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Integer overflow in PDF in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)
Use after free in Prompts in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)