Several vulnerabilities have been discovered in the chromium web browser. CVE-2017-5111 Luat Nguyen discovered a use-after-free issue in the pdfium library. CVE-2017-5112 Tobias Klein discovered a buffer overflow issue in the webgl library. CVE-2017-5113 A buffer overflow issue was discovered in the skia library. CVE-2017-5114 Ke Liu discovered a memory issue in the pdfium library. CVE-2017-5115 Marco Giovannini discovered a type confusion issue in the v8 javascript library. CVE-2017-5116 Guang Gong discovered a type confusion issue in the v8 javascript library. CVE-2017-5117 Tobias Klein discovered an uninitialized value in the skia library. CVE-2017-5118 WenXu Wu discovered a way to bypass the Content Security Policy. CVE-2017-5119 Another uninitialized value was discovered in the skia library. CVE-2017-5120 Xiaoyin Liu discovered a way downgrade HTTPS connections during redirection. CVE-2017-5121 Jordan Rabet discovered an out-of-bounds memory access in the v8 javascript library. CVE-2017-5122 Choongwoo Han discovered an out-of-bounds memory access in the v8 javascript library. For the stable distribution (stretch), these problems have been fixed in version 61.0.3163.100-1~deb9u1. For the testing distribution (buster), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 61.0.3163.100-1. We recommend that you upgrade your chromium-browser packages.
Several vulnerabilities have been discovered in the chromium web browser.
Luat Nguyen discovered a use-after-free issue in the pdfium library.
Tobias Klein discovered a buffer overflow issue in the webgl library.
A buffer overflow issue was discovered in the skia library.
Ke Liu discovered a memory issue in the pdfium library.
Marco Giovannini discovered a type confusion issue in the v8 javascript library.
Guang Gong discovered a type confusion issue in the v8 javascript library.
Tobias Klein discovered an uninitialized value in the skia library.
WenXu Wu discovered a way to bypass the Content Security Policy.
Another uninitialized value was discovered in the skia library.
Xiaoyin Liu discovered a way downgrade HTTPS connections during redirection.
Jordan Rabet discovered an out-of-bounds memory access in the v8 javascript library.
Choongwoo Han discovered an out-of-bounds memory access in the v8 javascript library.
For the stable distribution (stretch), these problems have been fixed in version 61.0.3163.100-1~deb9u1.
For the testing distribution (buster), these problems will be fixed soon.
For the unstable distribution (sid), these problems have been fixed in version 61.0.3163.100-1.
We recommend that you upgrade your chromium-browser packages.