Debian 10261 Published by

A chromium security update has been released for Debian GNU/Linux 10 to address several vulnerabilities in the chromium web browser.



DSA 4911-1: chromium security update



- -------------------------------------------------------------------------
Debian Security Advisory DSA-4911-1 security@debian.org
  https://www.debian.org/security/ Michael Gilbert
May 03, 2021   https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium
CVE ID : CVE-2021-21227 CVE-2021-21228 CVE-2021-21229 CVE-2021-21230
CVE-2021-21231 CVE-2021-21232 CVE-2021-21233

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2021-21227

Gengming Liu discovered a data validation issue in the v8 javascript
library.

CVE-2021-21228

Rob Wu discovered a policy enforcement error.

CVE-2021-21229

Mohit Raj discovered a user interface error in the file downloader.

CVE-2021-21230

Manfred Paul discovered use of an incorrect type.

CVE-2021-21231

Sergei Glazunov discovered a data validation issue in the v8 javascript
library.

CVE-2021-21232

Abdulrahman Alqabandi discovered a use-after-free issue in the developer
tools.

CVE-2021-21233

Omair discovered a buffer overflow issue in the ANGLE library.

For the stable distribution (buster), these problems have been fixed in
version 90.0.4430.93-1~deb10u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to
its security tracker page at:
  https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at:   https://www.debian.org/security/