MGASA-2020-0078 - Updated chromium-browser-stable packages fix security vulnerability

Publication date: 09 Feb 2020
URL: https://advisories.mageia.org/MGASA-2020-0078.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-13725,
     CVE-2019-13726,
     CVE-2019-13727,
     CVE-2019-13728,
     CVE-2019-13729,
     CVE-2019-13730,
     CVE-2019-13732,
     CVE-2019-13734,
     CVE-2019-13735,
     CVE-2019-13736,
     CVE-2019-13737,
     CVE-2019-13738,
     CVE-2019-13739,
     CVE-2019-13740,
     CVE-2019-13741,
     CVE-2019-13742,
     CVE-2019-13743,
     CVE-2019-13744,
     CVE-2019-13745,
     CVE-2019-13746,
     CVE-2019-13747,
     CVE-2019-13748,
     CVE-2019-13749,
     CVE-2019-13750,
     CVE-2019-13751,
     CVE-2019-13752,
     CVE-2019-13753,
     CVE-2019-13754,
     CVE-2019-13755,
     CVE-2019-13756,
     CVE-2019-13757,
     CVE-2019-13758,
     CVE-2019-13759,
     CVE-2019-13761,
     CVE-2019-13762,
     CVE-2019-13763,
     CVE-2019-13764,
     CVE-2019-13767,
     CVE-2020-6377,
     CVE-2020-6378,
     CVE-2020-6379,
     CVE-2020-6380

Multiple flaws were found in the way Chromium 78.0.3904.108 processes
various types of web content, where loading a web page containing
malicious content could cause Chromium to crash, execute arbitrary code,
or disclose sensitive information. (CVE-2019-13725, CVE-2019-13726,
CVE-2019-13727, CVE-2019-13728, CVE-2019-13729, CVE-2019-13730,
CVE-2019-13732, CVE-2019-13734, CVE-2019-13735, CVE-2019-13736,
CVE-2019-13737, CVE-2019-13738, CVE-2019-13739, CVE-2019-13740,
CVE-2019-13741, CVE-2019-13742, CVE-2019-13743, CVE-2019-13744,
CVE-2019-13745, CVE-2019-13746, CVE-2019-13747, CVE-2019-13748,
CVE-2019-13749, CVE-2019-13750, CVE-2019-13751, CVE-2019-13752,
CVE-2019-13753, CVE-2019-13754, CVE-2019-13755, CVE-2019-13756,
CVE-2019-13757, CVE-2019-13758, CVE-2019-13759, CVE-2019-13761,
CVE-2019-13762, CVE-2019-13763, CVE-2019-13764, CVE-2019-13767,
CVE-2020-6377, CVE-2020-6378, CVE-2020-6379, CVE-2020-6380)

References:
- https://bugs.mageia.org/show_bug.cgi?id=26103
- https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
- https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop_17.html
- https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop.html
- https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop_16.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13725
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13726
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13727
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13728
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13729
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13730
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13732
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13734
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13735
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13736
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13737
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13738
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13739
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13740
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13741
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13742
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13743
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13744
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13745
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13746
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13747
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13748
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13749
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13750
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13751
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13752
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13753
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13754
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13755
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13756
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13757
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13758
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13759
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13761
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13762
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13763
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13764
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13767
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6377
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6378
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6379
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6380

SRPMS:
- 7/core/chromium-browser-stable-79.0.3945.130-1.mga7

Mageia 2020-0078: chromium-browser-stable security update

Multiple flaws were found in the way Chromium 78.0.3904.108 processes various types of web content, where loading a web page containing malicious content could cause Chromium to cr...

Summary

Multiple flaws were found in the way Chromium 78.0.3904.108 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information. (CVE-2019-13725, CVE-2019-13726, CVE-2019-13727, CVE-2019-13728, CVE-2019-13729, CVE-2019-13730, CVE-2019-13732, CVE-2019-13734, CVE-2019-13735, CVE-2019-13736, CVE-2019-13737, CVE-2019-13738, CVE-2019-13739, CVE-2019-13740, CVE-2019-13741, CVE-2019-13742, CVE-2019-13743, CVE-2019-13744, CVE-2019-13745, CVE-2019-13746, CVE-2019-13747, CVE-2019-13748, CVE-2019-13749, CVE-2019-13750, CVE-2019-13751, CVE-2019-13752, CVE-2019-13753, CVE-2019-13754, CVE-2019-13755, CVE-2019-13756, CVE-2019-13757, CVE-2019-13758, CVE-2019-13759, CVE-2019-13761, CVE-2019-13762, CVE-2019-13763, CVE-2019-13764, CVE-2019-13767, CVE-2020-6377, CVE-2020-6378, CVE-2020-6379, CVE-2020-6380)

References

- https://bugs.mageia.org/show_bug.cgi?id=26103

- https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html

- https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop_17.html

- https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop.html

- https://chromereleases.googleblog.com/2020/01/stable-channel-update-for-desktop_16.html

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13725

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13726

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13727

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13728

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13729

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13730

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13732

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13734

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13735

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13736

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13737

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13738

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13739

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13740

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13741

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13742

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13743

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13744

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13745

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13746

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13747

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13748

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13749

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13750

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13751

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13752

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13753

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13754

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13755

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13756

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13757

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13758

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13759

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13761

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13762

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13763

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13764

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13767

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6377

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6378

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6379

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6380

Resolution

MGASA-2020-0078 - Updated chromium-browser-stable packages fix security vulnerability

SRPMS

- 7/core/chromium-browser-stable-79.0.3945.130-1.mga7

Severity
Publication date: 09 Feb 2020
URL: https://advisories.mageia.org/MGASA-2020-0078.html
Type: security
CVE: CVE-2019-13725, CVE-2019-13726, CVE-2019-13727, CVE-2019-13728, CVE-2019-13729, CVE-2019-13730, CVE-2019-13732, CVE-2019-13734, CVE-2019-13735, CVE-2019-13736, CVE-2019-13737, CVE-2019-13738, CVE-2019-13739, CVE-2019-13740, CVE-2019-13741, CVE-2019-13742, CVE-2019-13743, CVE-2019-13744, CVE-2019-13745, CVE-2019-13746, CVE-2019-13747, CVE-2019-13748, CVE-2019-13749, CVE-2019-13750, CVE-2019-13751, CVE-2019-13752, CVE-2019-13753, CVE-2019-13754, CVE-2019-13755, CVE-2019-13756, CVE-2019-13757, CVE-2019-13758, CVE-2019-13759, CVE-2019-13761, CVE-2019-13762, CVE-2019-13763, CVE-2019-13764, CVE-2019-13767, CVE-2020-6377, CVE-2020-6378, CVE-2020-6379, CVE-2020-6380

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved