Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Important: chromium-browser security update

Related Vulnerabilities: CVE-2017-5057   CVE-2017-5058   CVE-2017-5059   CVE-2017-5060   CVE-2017-5061   CVE-2017-5062   CVE-2017-5063   CVE-2017-5064   CVE-2017-5065   CVE-2017-5066   CVE-2017-5067   CVE-2017-5069   CVE-2017-5057   CVE-2017-5058   CVE-2017-5059   CVE-2017-5060   CVE-2017-5061   CVE-2017-5062   CVE-2017-5063   CVE-2017-5064   CVE-2017-5065   CVE-2017-5066   CVE-2017-5067   CVE-2017-5069  

Source

Synopsis

Important: chromium-browser security update

Type/Severity

Security Advisory: Important

Topic

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 58.0.3029.81.

Security Fix(es):

  • Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2017-5057, CVE-2017-5058, CVE-2017-5059, CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064, CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Chromium must be restarted for the changes to take effect.

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux Server 6 i386
  • Red Hat Enterprise Linux Workstation 6 x86_64
  • Red Hat Enterprise Linux Workstation 6 i386
  • Red Hat Enterprise Linux Desktop 6 x86_64
  • Red Hat Enterprise Linux Desktop 6 i386

Fixes

  • BZ - 1443835 - CVE-2017-5057 chromium-browser: type confusion in pdfium
  • BZ - 1443836 - CVE-2017-5058 chromium-browser: heap use after free in print preview
  • BZ - 1443837 - CVE-2017-5059 chromium-browser: type confusion in blink
  • BZ - 1443838 - CVE-2017-5060 chromium-browser: url spoofing in omnibox
  • BZ - 1443839 - CVE-2017-5061 chromium-browser: url spoofing in omnibox
  • BZ - 1443840 - CVE-2017-5062 chromium-browser: use after free in chrome apps
  • BZ - 1443841 - CVE-2017-5063 chromium-browser: heap overflow in skia
  • BZ - 1443845 - CVE-2017-5064 chromium-browser: use after free in blink
  • BZ - 1443847 - CVE-2017-5065 chromium-browser: incorrect ui in blink
  • BZ - 1443848 - CVE-2017-5066 chromium-browser: incorrect signature handing in networking
  • BZ - 1443849 - CVE-2017-5067 chromium-browser: url spoofing in omnibox
  • BZ - 1443850 - CVE-2017-5069 chromium-browser: cross-origin bypass in blink

CVEs

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started