[RHSA-2019:0708] chromium-browser security update

Severity Important
Affected Packages 2
CVEs 16

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 73.0.3683.75.

Security Fix(es):

  • chromium-browser: Use after free in Canvas (CVE-2019-5787)

  • chromium-browser: Use after free in FileAPI (CVE-2019-5788)

  • chromium-browser: Use after free in WebMIDI (CVE-2019-5789)

  • chromium-browser: Heap buffer overflow in V8 (CVE-2019-5790)

  • chromium-browser: Type confusion in V8 (CVE-2019-5791)

  • chromium-browser: Integer overflow in PDFium (CVE-2019-5792)

  • chromium-browser: Excessive permissions for private API in Extensions (CVE-2019-5793)

  • chromium-browser: Security UI spoofing (CVE-2019-5794)

  • chromium-browser: Integer overflow in PDFium (CVE-2019-5795)

  • chromium-browser: Race condition in Extensions (CVE-2019-5796)

  • chromium-browser: Race condition in DOMStorage (CVE-2019-5797)

  • chromium-browser: Out of bounds read in Skia (CVE-2019-5798)

  • chromium-browser: CSP bypass with blob URL (CVE-2019-5799)

  • chromium-browser: CSP bypass with blob URL (CVE-2019-5800)

  • chromium-browser: Security UI spoofing (CVE-2019-5802)

  • chromium-browser: CSP bypass with Javascript URLs (CVE-2019-5803)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References (Source, ID, URL):
Bugzilla 1688189 https://bugzilla.redhat.com/1688189
Bugzilla 1688190 https://bugzilla.redhat.com/1688190
Bugzilla 1688191 https://bugzilla.redhat.com/1688191
Bugzilla 1688192 https://bugzilla.redhat.com/1688192
Bugzilla 1688193 https://bugzilla.redhat.com/1688193
Bugzilla 1688194 https://bugzilla.redhat.com/1688194
Bugzilla 1688195 https://bugzilla.redhat.com/1688195
Bugzilla 1688196 https://bugzilla.redhat.com/1688196
Bugzilla 1688197 https://bugzilla.redhat.com/1688197
Bugzilla 1688198 https://bugzilla.redhat.com/1688198
Bugzilla 1688199 https://bugzilla.redhat.com/1688199
Bugzilla 1688200 https://bugzilla.redhat.com/1688200
Bugzilla 1688201 https://bugzilla.redhat.com/1688201
Bugzilla 1688202 https://bugzilla.redhat.com/1688202
Bugzilla 1688204 https://bugzilla.redhat.com/1688204
Bugzilla 1688205 https://bugzilla.redhat.com/1688205
RHSA RHSA-2019:0708 https://access.redhat.com/errata/RHSA-2019:0708
CVE CVE-2019-5787 https://access.redhat.com/security/cve/CVE-2019-5787
CVE CVE-2019-5788 https://access.redhat.com/security/cve/CVE-2019-5788
CVE CVE-2019-5789 https://access.redhat.com/security/cve/CVE-2019-5789
CVE CVE-2019-5790 https://access.redhat.com/security/cve/CVE-2019-5790
CVE CVE-2019-5791 https://access.redhat.com/security/cve/CVE-2019-5791
CVE CVE-2019-5792 https://access.redhat.com/security/cve/CVE-2019-5792
CVE CVE-2019-5793 https://access.redhat.com/security/cve/CVE-2019-5793
CVE CVE-2019-5794 https://access.redhat.com/security/cve/CVE-2019-5794
CVE CVE-2019-5795 https://access.redhat.com/security/cve/CVE-2019-5795
CVE CVE-2019-5796 https://access.redhat.com/security/cve/CVE-2019-5796
CVE CVE-2019-5797 https://access.redhat.com/security/cve/CVE-2019-5797
CVE CVE-2019-5798 https://access.redhat.com/security/cve/CVE-2019-5798
CVE CVE-2019-5799 https://access.redhat.com/security/cve/CVE-2019-5799
CVE CVE-2019-5800 https://access.redhat.com/security/cve/CVE-2019-5800
CVE CVE-2019-5802 https://access.redhat.com/security/cve/CVE-2019-5802
CVE CVE-2019-5803 https://access.redhat.com/security/cve/CVE-2019-5803
Affected packages:

  • pkg:rpm/redhat/chromium-browser?arch=x86_64&distro=redhat-6.10 (namespace: redhat; name: chromium-browser; affected version: < 73.0.3683.75-1.el6_10; distribution: redhat-6.10; arch: x86_64)

  • pkg:rpm/redhat/chromium-browser?arch=i686&distro=redhat-6.10 (namespace: redhat; name: chromium-browser; affected version: < 73.0.3683.75-1.el6_10; distribution: redhat-6.10; arch: i686)