Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-16065 Brendon Tiszka discovered an out-of-bounds write issue in the v8 javascript library. CVE-2018-16066 cloudfuzzer discovered an out-of-bounds read issue in blink/webkit. CVE-2018-16067 Zhe Jin discovered an out-of-bounds read issue in the WebAudio implementation. CVE-2018-16068 Mark Brand discovered an out-of-bounds write issue in the Mojo message passing library. CVE-2018-16069 Mark Brand discovered an out-of-bounds read issue in the swiftshader library. CVE-2018-16070 Ivan Fratric discovered an integer overflow issue in the skia library. CVE-2018-16071 Natalie Silvanovich discovered a use-after-free issue in the WebRTC implementation. CVE-2018-16073 Jun Kokatsu discovered an error in the Site Isolation feature when restoring browser tabs. CVE-2018-16074 Jun Kokatsu discovered an error in the Site Isolation feature when using a Blob URL. CVE-2018-16075 Pepe Vila discovered an error that could allow remote sites to access local files. CVE-2018-16076 Aseksandar Nikolic discovered an out-of-bounds read issue in the pdfium library. CVE-2018-16077 Manuel Caballero discovered a way to bypass the Content Security Policy. CVE-2018-16078 Cailan Sacks discovered that the Autofill feature could leak saved credit card information. CVE-2018-16079 Markus Vervier and Michele Orrù discovered a URL spoofing issue. CVE-2018-16080 Khalil Zhani discovered a URL spoofing issue. CVE-2018-16081 Jann Horn discovered that local files could be accessed in the developer tools. CVE-2018-16082 Omair discovered a buffer overflow issue in the swiftshader library. CVE-2018-16083 Natalie Silvanovich discovered an out-of-bounds read issue in the WebRTC implementation. CVE-2018-16084 Jun Kokatsu discovered a way to bypass a user confirmation dialog. CVE-2018-16085 Roman Kuksin discovered a use-after-free issue. For the stable distribution (stretch), these problems have been fixed in version 69.0.3497.81-1~deb9u1. We recommend that you upgrade your chromium-browser packages. For the detailed security status of chromium-browser please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium-browser
Several vulnerabilities have been discovered in the chromium web browser.
Brendon Tiszka discovered an out-of-bounds write issue in the v8 javascript library.
cloudfuzzer discovered an out-of-bounds read issue in blink/webkit.
Zhe Jin discovered an out-of-bounds read issue in the WebAudio implementation.
Mark Brand discovered an out-of-bounds write issue in the Mojo message passing library.
Mark Brand discovered an out-of-bounds read issue in the swiftshader library.
Ivan Fratric discovered an integer overflow issue in the skia library.
Natalie Silvanovich discovered a use-after-free issue in the WebRTC implementation.
Jun Kokatsu discovered an error in the Site Isolation feature when restoring browser tabs.
Jun Kokatsu discovered an error in the Site Isolation feature when using a Blob URL.
Pepe Vila discovered an error that could allow remote sites to access local files.
Aseksandar Nikolic discovered an out-of-bounds read issue in the pdfium library.
Manuel Caballero discovered a way to bypass the Content Security Policy.
Cailan Sacks discovered that the Autofill feature could leak saved credit card information.
Markus Vervier and Michele Orrù discovered a URL spoofing issue.
Khalil Zhani discovered a URL spoofing issue.
Jann Horn discovered that local files could be accessed in the developer tools.
Omair discovered a buffer overflow issue in the swiftshader library.
Natalie Silvanovich discovered an out-of-bounds read issue in the WebRTC implementation.
Jun Kokatsu discovered a way to bypass a user confirmation dialog.
Roman Kuksin discovered a use-after-free issue.
For the stable distribution (stretch), these problems have been fixed in version 69.0.3497.81-1~deb9u1.
We recommend that you upgrade your chromium-browser packages.
For the detailed security status of chromium-browser please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium-browser