Headline
Debian Security Advisory 5546-1
Debian Linux Security Advisory 5546-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Debian Security Advisory DSA-5546-1 [email protected]
https://www.debian.org/security/ Andres Salomon
November 02, 2023 https://www.debian.org/security/faq
Package : chromium
CVE ID : CVE-2023-5480 CVE-2023-5482 CVE-2023-5849 CVE-2023-5850
CVE-2023-5851 CVE-2023-5852 CVE-2023-5853 CVE-2023-5854
CVE-2023-5855 CVE-2023-5856 CVE-2023-5857 CVE-2023-5858
CVE-2023-5859
Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
For the oldstable distribution (bullseye), these problems have been fixed
in version 119.0.6045.105-1~deb11u1.
For the stable distribution (bookworm), these problems have been fixed in
version 119.0.6045.105-1~deb12u1.
We recommend that you upgrade your chromium packages.
For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmVFF04ACgkQZF0CR8Nu
djdzWhAAwLgUKUHw7DKsOlj52comEvShKoVSVrMM34ZDpcIizK/MtkQm/d7GsOU2
D6AV6pI4vjR7mlbFiN9l99VIGF919iFsQdXdrq+49m/YafFVV3Q2EMagvhDRFRoF
DJLtNml9gaWgvLoN77Uh0HShpoSWpVc9cXq8w+Xq8mpu+c9dkzquigY0Q0VWZqOs
munuVIouMH7RhhCAiL+uJ67f1rDW49OEFvcFTyGWrdzpAgWP61u9Zq3iC4S9ovZP
UprMUQt6+1wDH3/Mp020/Ln1XhCXfnlsvjXAmpygegbRttJAHwWPTyfvX0+ZdZ2h
uLqDcF7EEtox+mZfLdVJZZVJyYugsGO5tqRk8psc77o1eW3BTaOgdSUYoereOm6O
/47UJvpqQYRSjN52/FTGHAkXJhjOQHi0/BzSwXsi1szeNbAAUUThhSa6tXev0eTN
xgW5xwP40gHScHEzla4rXnM/uyE/cRwBzyiocMQJi3eOREAyMGxUktruRehCSUS1
GtUzWmFOlwtMIDPuzfK2ZJE1iv4stkfzcZtwfpHKiCkqY5fmkeSNrhVP8PmsK0bk
kGW9AHnsLpYJj1MGNuIaGF1AxcWT6n3DrkUU7X/0ETxpA+2EVIrzgkikuq8mFfHe
iEoBHpVeY3/iF1coGhHLFhSRD1OHECJ7ydU46Ji9fPH9tqcmTb0=
=/Wn5
-----END PGP SIGNATURE-----
Related news
Gentoo Linux Security Advisory 202401-34 - Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected.
Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.
Plus: Major security patches from Microsoft, Mozilla, Atlassian, Cisco, and more.
Gentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.
Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)
Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)
Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)