Several vulnerabilities have been discovered in the chromium web browser. CVE-2017-5087 Ned Williamson discovered a way to escape the sandbox. CVE-2017-5088 Xiling Gong discovered an out-of-bounds read issue in the v8 javascript library. CVE-2017-5089 Michal Bentkowski discovered a spoofing issue. CVE-2017-5091 Ned Williamson discovered a use-after-free issue in IndexedDB. CVE-2017-5092 Yu Zhou discovered a use-after-free issue in PPAPI. CVE-2017-5093 Luan Herrera discovered a user interface spoofing issue. CVE-2017-5094 A type confusion issue was discovered in extensions. CVE-2017-5095 An out-of-bounds write issue was discovered in the pdfium library. CVE-2017-5097 An out-of-bounds read issue was discovered in the skia library. CVE-2017-5098 Jihoon Kim discovered a use-after-free issue in the v8 javascript library. CVE-2017-5099 Yuan Deng discovered an out-of-bounds write issue in PPAPI. CVE-2017-5100 A use-after-free issue was discovered in Chrome Apps. CVE-2017-5101 Luan Herrera discovered a URL spoofing issue. CVE-2017-5102 An uninitialized variable was discovered in the skia library. CVE-2017-5103 Another uninitialized variable was discovered in the skia library. CVE-2017-5104 Khalil Zhani discovered a user interface spoofing issue. CVE-2017-5105 Rayyan Bijoora discovered a URL spoofing issue. CVE-2017-5106 Jack Zac discovered a URL spoofing issue. CVE-2017-5107 David Kohlbrenner discovered an information leak in SVG file handling. CVE-2017-5108 Guang Gong discovered a type confusion issue in the pdfium library. CVE-2017-5109 Jose Maria Acuna Morgado discovered a user interface spoofing issue. CVE-2017-5110 xisigr discovered a way to spoof the payments dialog. CVE-2017-7000 Chaitin Security Research Lab discovered an information disclosure issue in the sqlite library. For the stable distribution (stretch), these problems have been fixed in version 60.0.3112.78-1~deb9u1. For the unstable distribution (sid), these problems have been fixed in version 60.0.3112.78-1 or earlier versions. We recommend that you upgrade your chromium-browser packages.
Several vulnerabilities have been discovered in the chromium web browser.
Ned Williamson discovered a way to escape the sandbox.
Xiling Gong discovered an out-of-bounds read issue in the v8 javascript library.
Michal Bentkowski discovered a spoofing issue.
Ned Williamson discovered a use-after-free issue in IndexedDB.
Yu Zhou discovered a use-after-free issue in PPAPI.
Luan Herrera discovered a user interface spoofing issue.
A type confusion issue was discovered in extensions.
An out-of-bounds write issue was discovered in the pdfium library.
An out-of-bounds read issue was discovered in the skia library.
Jihoon Kim discovered a use-after-free issue in the v8 javascript library.
Yuan Deng discovered an out-of-bounds write issue in PPAPI.
A use-after-free issue was discovered in Chrome Apps.
Luan Herrera discovered a URL spoofing issue.
An uninitialized variable was discovered in the skia library.
Another uninitialized variable was discovered in the skia library.
Khalil Zhani discovered a user interface spoofing issue.
Rayyan Bijoora discovered a URL spoofing issue.
Jack Zac discovered a URL spoofing issue.
David Kohlbrenner discovered an information leak in SVG file handling.
Guang Gong discovered a type confusion issue in the pdfium library.
Jose Maria Acuna Morgado discovered a user interface spoofing issue.
xisigr discovered a way to spoof the payments dialog.
Chaitin Security Research Lab discovered an information disclosure issue in the sqlite library.
For the stable distribution (stretch), these problems have been fixed in version 60.0.3112.78-1~deb9u1.
For the unstable distribution (sid), these problems have been fixed in version 60.0.3112.78-1 or earlier versions.
We recommend that you upgrade your chromium-browser packages.