Updated Chromium-browser packages has been released for Debian GNU/Linux 9
- -------------------------------------------------------------------------Chromium-browser security update for Debian 9
Debian Security Advisory DSA-3985-1 security@debian.org
https://www.debian.org/security/ Michael Gilbert
September 28, 2017 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : chromium-browser
CVE ID : CVE-2017-5111 CVE-2017-5112 CVE-2017-5113 CVE-2017-5114
CVE-2017-5115 CVE-2017-5116 CVE-2017-5117 CVE-2017-5118
CVE-2017-5119 CVE-2017-5120 CVE-2017-5121 CVE-2017-5122
Several vulnerabilities have been discovered in the chromium web browser.
CVE-2017-5111
Luat Nguyen discovered a use-after-free issue in the pdfium library.
CVE-2017-5112
Tobias Klein discovered a buffer overflow issue in the webgl
library.
CVE-2017-5113
A buffer overflow issue was discovered in the skia library.
CVE-2017-5114
Ke Liu discovered a memory issue in the pdfium library.
CVE-2017-5115
Marco Giovannini discovered a type confusion issue in the v8
javascript library.
CVE-2017-5116
Guang Gong discovered a type confusion issue in the v8 javascript
library.
CVE-2017-5117
Tobias Klein discovered an uninitialized value in the skia library.
CVE-2017-5118
WenXu Wu discovered a way to bypass the Content Security Policy.
CVE-2017-5119
Another uninitialized value was discovered in the skia library.
CVE-2017-5120
Xiaoyin Liu discovered a way downgrade HTTPS connections during
redirection.
CVE-2017-5121
Jordan Rabet discovered an out-of-bounds memory access in the v8
javascript library.
CVE-2017-5122
Choongwoo Han discovered an out-of-bounds memory access in the v8
javascript library.
For the stable distribution (stretch), these problems have been fixed in
version 61.0.3163.100-1~deb9u1.
For the testing distribution (buster), these problems will be fixed soon.
For the unstable distribution (sid), these problems have been fixed in
version 61.0.3163.100-1.
We recommend that you upgrade your chromium-browser packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/