Debian Security Advisory DSA-4421-1 chromium security update
Debian Security Advisory DSA-4421-1 chromium security update
Package : chromium
CVE ID : CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790
CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794
CVE-2019-5795 CVE-2019-5796 CVE-2019-5797 CVE-2019-5798
CVE-2019-5799 CVE-2019-5800 CVE-2019-5802 CVE-2019-5803
Several vulnerabilities have been discovered in the chromium web browser.
CVE-2019-5787
Zhe Jin discovered a use-after-free issue.
CVE-2019-5788
Mark Brand discovered a use-after-free issue in the in the FileAPI
implementation.
CVE-2019-5789
Mark Brand discovered a use-after-free issue in the in the WebMIDI
implementation.
CVE-2019-5790
Dimitri Fourny discovered a buffer overflow issue in the v8 javascript
library.
CVE-2019-5791
Choongwoo Han discovered a type confusion issue in the v8 javascript
library.
CVE-2019-5792
pdknsk discovered an integer overflow issue in the pdfium library.
CVE-2019-5793
Jun Kokatsu discovered a permissions issue in the Extensions
implementation.
CVE-2019-5794
Juno Im of Theori discovered a user interface spoofing issue.
CVE-2019-5795
pdknsk discovered an integer overflow issue in the pdfium library.
CVE-2019-5796
Mark Brand discovered a race condition in the Extensions implementation.
CVE-2019-5797
Mark Brand discovered a race condition in the DOMStorage implementation.
CVE-2019-5798
Tran Tien Hung disoceved an out-of-bounds read issue in the skia library.
CVE-2019-5799
sohalt discovered a way to bypass the Content Security Policy.
CVE-2019-5800
Jun Kokatsu discovered a way to bypass the Content Security Policy.
CVE-2019-5802
Ronni Skansing discovered a user interface spoofing issue.
CVE-2019-5803
Andrew Comminos discovered a way to bypass the Content Security Policy.
These problems have been fixed in version 73.0.3683.75-1~deb9u1.
We recommend that you upgrade your chromium packages.
For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium
Debian Security Advisory DSA-4421-1 chromium security update的更多相关文章
- Debian Security Advisory(Debian安全报告) DSA-4416-1 wireshark security update
Debian Security Advisory(Debian安全报告) DSA-4416-1 wireshark security update Package:wireshark CVE ID : ...
- Debian Security Advisory(Debian安全报告) DSA-4415-1 passenger security update
Debian Security Advisory(Debian安全报告) DSA-4415-1 passenger security update Package : passenger CVE I ...
- Debian Security Advisory(Debian安全报告) DSA-4414-1 libapache2-mod-auth-mellon security update
Debian Security Advisory(Debian安全报告) DSA-4414-1 libapache2-mod-auth-mellon security update Package:l ...
- Debian Security Advisory(Debian安全报告) DSA-4412-1 drupal7 security update
Debian Security Advisory(Debian安全报告) DSA-4412-1 drupal7 security update Package:drupal7 CVE ID:暂无 Dr ...
- Debian Security Advisory(Debian安全报告) DSA-4411-1 firefox-esr security update
Debian Security Advisory(Debian安全报告) DSA-4411-1 firefox-esr security update Package :firefox-esr CV ...
- Debian Security Advisory(Debian安全报告) DSA-4410-1 openjdk-8 security update
Debian Security Advisory(Debian安全报告) DSA-4410-1 openjdk-8 security update Package :openjdk-8 CVE ID: ...
- Atlassian - Confluence Security Advisory - 2019-03-20
-------------------- This problem refers to the advisory found at https://confluence.atlassian.com/d ...
- Big Data Analytics for Security(Big Data Analytics for Security Intelligence)
http://www.infoq.com/articles/bigdata-analytics-for-security This article first appeared in the IEEE ...
- Spring Security 入门(1-6-1)Spring Security - 配置文件解析和访问请求处理
1.在pom.xml中添加maven坐标 <dependency> <groupId>org.springframework.security</groupId> ...
随机推荐
- Java 环境下载设置
本篇文章出处: http://www.cnblogs.com/xiaofeixiang/p/4085159.html 和 https://www.cnblogs.com/renqiqiang/p/68 ...
- 基于CAS在.NET中实现SSO单点登录
单点登录(Single Sign On),简称为 SSO,是目前比较流行的企业业务整合的解决方案之一.SSO的定义是在多个应用系统中,用户只需要登录一次就可以访问所有相互信任的应用系统. 单点登录原理 ...
- eclipse导入maven项目,但无法编译的问题
同事今天从git 导入项目到eclipse 后,发现项目所依赖的包找不到依赖,初步判定是maven的依赖没有导入项目中. 最终发现,在项目中的.classpath 文件加入以下代码即可解决问题. &l ...
- Loj #2331. 「清华集训 2017」某位歌姬的故事
Loj #2331. 「清华集训 2017」某位歌姬的故事 IA 是一名会唱歌的女孩子. IOI2018 就要来了,IA 决定给参赛选手们写一首歌,以表达美好的祝愿.这首歌一共有 \(n\) 个音符, ...
- [已解决]报错:Required request body is missing
问题代码: res = requests.post(getXxxxList_url, headers=headers, data={}) 对象网站: angular4 apache 通过验证 (coo ...
- slice 与 splice 的区别
slice: 定义一个数组:let b = ['a','b','c','d','e'] b:["a", "b", "c", "d& ...
- ssrfme 复现
这道题搞了我很长时间,主要太菜了,开始复现吧 <?php $sandbox = "sandbox/" . md5("orange" . $_SER ...
- 使用Builder模式创建复杂可选参数对象
在新建对象时,若需要对大量可选参数进行赋值,最常见的做法是JavaBeans模式,即调用一个无参构造方法创建对象,然后调用setter方法来设置每个必要的参数,以及每个相关的可选参数.代码示例如下: ...
- NodeJs之服务搭建与数据库连接
NodeJs之服务搭建与数据库连接 一,介绍与需求分析 1.1,介绍 Node.js 是一个基于 Chrome V8 引擎的 JavaScript 运行环境. Node.js 使用了一个事件驱动.非阻 ...
- 时间插件datepicker(jQuery-UI,bootstrap)和jquery-steps的冲突解决。。。
日期插件初始化: $('.prelease_time').flatpickr(); let contentSteps = $("#content_form").steps({ h ...