• [SECURITY] [DSA 4911-1] chromium security update

    From Michael Gilbert@21:1/5 to All on Tue May 4 05:20:01 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4911-1 security@debian.org https://www.debian.org/security/ Michael Gilbert
    May 03, 2021 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : chromium
    CVE ID : CVE-2021-21227 CVE-2021-21228 CVE-2021-21229 CVE-2021-21230
    CVE-2021-21231 CVE-2021-21232 CVE-2021-21233

    Several vulnerabilities have been discovered in the chromium web browser.

    CVE-2021-21227

    Gengming Liu discovered a data validation issue in the v8 javascript
    library.

    CVE-2021-21228

    Rob Wu discovered a policy enforcement error.

    CVE-2021-21229

    Mohit Raj discovered a user interface error in the file downloader.

    CVE-2021-21230

    Manfred Paul discovered use of an incorrect type.

    CVE-2021-21231

    Sergei Glazunov discovered a data validation issue in the v8 javascript
    library.

    CVE-2021-21232

    Abdulrahman Alqabandi discovered a use-after-free issue in the developer
    tools.

    CVE-2021-21233

    Omair discovered a buffer overflow issue in the ANGLE library.

    For the stable distribution (buster), these problems have been fixed in
    version 90.0.4430.93-1~deb10u1.

    We recommend that you upgrade your chromium packages.

    For the detailed security status of chromium please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/chromium

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQQzBAEBCgAdFiEEIwTlZiOEpzUxIyp4mD40ZYkUaygFAmCQuj8ACgkQmD40ZYkU ayhE0h/9Hs+mYCsZjlxPeksnlzdz/G1wWx/4XSLhAAItYsx38dJQ4ctK0s8LO3IL Qc07rLC6YG+z2iJ3rwkv1DAwCFfheTw4+3RS1/or2Fs+oOmnxvBECxwskL+gdibT FWTmDD3oRsQ4XgV+N8xhEFjJA3iWESnG2gdBbYJuKZVR1uFQQqfVoQTJrpdJyz+u K3hAtLvkCb4Pl5Fxg0BUaLp4rERlqcwpvolQ8iodEl9nNgWJ/qFKcIcFrsDsXyk5 oAAlqmnFTWDbaCJsi0QTu2JrlsvsTJ7TcfaZiVY0eTxLhZlUNQL500b9dAMm+8DH qHPpb67mJprWRL09G4jzkuIbDhASA9p+detMECFm9pMtvwgJ6AnYA2iGww69B+/E HGSO/5jxJvy+rWwXLtD8w9yV7facZZhBWQTgmT1cOFFFsneJ/L/cWnSVyTVKW4pK hrIbC3oPib8n9eIP0M2cexrLWzHuJLygncir8AvBNmmVX/VrY2DKk9b/tV9kXhmm CO4MlHQ+TkhpA9zq2ZhgJqo/oUU5lZXZJoODZ0i8W41eIC4v/vcazQOH3HeH3Waa 4F0QDe5JB7yoDJF2riS2nhwV23YqGqazWAX2nWnxwlYCbniQvZ62g1Ej2lYS6e5y p8XrfSQlhqCuRIX8AZt1a3RNXif1QmyBjjTGmM0raRs4NIjccy3dhxx6/SUgOhxI BoHa5m2OH7brneA/ZCIjB3aoOUSIbtxOZhp6PcZNw4yL1VlRit9gZqqn5hG/f+JF Xtm2OwQhYQl8pOvbmbcZcM7V/Gr2sXqJX8ZmrUMHnDQZbxFnBcyb+nAo0/AYnELV gr9uQEHGvlj/6z9CclGPosHW6RiGtRnRuDE56b57DsD+j5w6TjP09puyb6D+miPu yM4CVvOhYii+3/gSVs4kXbmsZMqmAf1qN9cd5rgkRmdkWc68EivdEZuYMUEjjisv TpsVEgOhnMmnbki74lU7vA3L1nhtoVs8st00uJnh2De/iOnDSmPfDzq1+TWvGHLq veO5CmWbl88fJETovXNXv4x+Z+9IDZOLktMyKB/hsv9QbVSL8K5hpelTa5DBegh+ DbofTY+c4DFvDiyasMof1IXbBo8bQTkCmvV2BELUsFhCYkMo+hWzxeey/yfu1ir1 tDfhH7ZJ+EP8gHbKelu7AlQFTQS5aQJSNGDKEFj8bAoa7s5xdYvh/tx8nksfn/WT aU904mnD9m5dr6OXuHDPvy1fUFIhgD4liJaC620i0/lEyjPR3fkzs450+NDKWgiV yj0C9HPB1ZhdLkWQ4bIhk16li557xoavByzze4WIvzY8+wICadWIGcqdUV5cYJgk 5BrzG4OQKjdRNEHQqbbOMWOjhwHf6w==
    =EvIG
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)