openSUSE-SU-2019:1666

https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html

https://crbug.com/939239

FEDORA-2019-a1af621faf

FEDORA-2019-8fb8240d14

GLSA-201908-18

The remote host is affected by the vulnerability described in GLSA-201908-18 (Chromium, Google Chrome: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Chromium and Google       Chrome. Please review the referenced CVE identifiers and Google Chrome       Releases for details.
  Impact :

    Please review the referenced CVE identifiers for details.
  Workaround :

    There is no known workaround at this time.

Fix itinerant crashes.

----

Update to Chromium 75.0.3770.100. The usual pile of bugs and CVE fixes. vaapi support disabled, just too broken. :(

Fixes CVE-2019-5805 CVE-2019-5806 CVE-2019-5807 CVE-2019-5808 CVE-2019-5809 CVE-2019-5810 CVE-2019-5811 CVE-2019-5813 CVE-2019-5814 CVE-2019-5815 CVE-2019-5818 CVE-2019-5819 CVE-2019-5820 CVE-2019-5821 CVE-2019-5822 CVE-2019-5824 CVE-2019-5825 CVE-2019-5826 CVE-2019-5827 CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837 CVE-2019-5838 CVE-2019-5839 CVE-2019-5840 CVE-2019-5842

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for chromium fixes the following issues :

Chromium was updated to 75.0.3770.90 (boo#1137332 boo#1138287) :

  - CVE-2019-5842: Use-after-free in Blink.

Also updated to 75.0.3770.80 boo#1137332 :

  - CVE-2019-5828: Use after free in ServiceWorker

  - CVE-2019-5829: Use after free in Download Manager

  - CVE-2019-5830: Incorrectly credentialed requests in CORS

  - CVE-2019-5831: Incorrect map processing in V8

  - CVE-2019-5832: Incorrect CORS handling in XHR

  - CVE-2019-5833: Inconsistent security UI placemen

  - CVE-2019-5835: Out of bounds read in Swiftshader

  - CVE-2019-5836: Heap buffer overflow in Angle

  - CVE-2019-5837: Cross-origin resources size disclosure in     Appcache

  - CVE-2019-5838: Overly permissive tab access in     Extensions

  - CVE-2019-5839: Incorrect handling of certain code points     in Blink

  - CVE-2019-5840: Popup blocker bypass

  - Various fixes from internal audits, fuzzing and other     initiatives

  - CVE-2019-5834: URL spoof in Omnibox on iOS

Update to 74.0.3729.169 :

  - Feature fixes update only

Update to 74.0.3729.157 :

  - Various security fixes from internal audits, fuzzing and     other initiatives

Includes security fixes from 74.0.3729.131 (boo#1134218) :

  - CVE-2019-5827: Out-of-bounds access in SQLite

  - CVE-2019-5824: Parameter passing error in media player

Update to 74.0.3729.108 boo#1133313 :

  - CVE-2019-5805: Use after free in PDFium

  - CVE-2019-5806: Integer overflow in Angle

  - CVE-2019-5807: Memory corruption in V8

  - CVE-2019-5808: Use after free in Blink

  - CVE-2019-5809: Use after free in Blink

  - CVE-2019-5810: User information disclosure in Autofill

  - CVE-2019-5811: CORS bypass in Blink

  - CVE-2019-5813: Out of bounds read in V8

  - CVE-2019-5814: CORS bypass in Blink

  - CVE-2019-5815: Heap buffer overflow in Blink

  - CVE-2019-5818: Uninitialized value in media reader

  - CVE-2019-5819: Incorrect escaping in developer tools

  - CVE-2019-5820: Integer overflow in PDFium

  - CVE-2019-5821: Integer overflow in PDFium

  - CVE-2019-5822: CORS bypass in download manager

  - CVE-2019-5823: Forced navigation from service worker

  - CVE-2019-5812: URL spoof in Omnibox on iOS

  - CVE-2019-5816: Exploit persistence extension on Android

  - CVE-2019-5817: Heap buffer overflow in Angle on Windows

Update to 73.0.3686.103 :

  - Various feature fixes

Update to 73.0.3683.86 :

  - Just feature fixes around

  - Update conditions to use system harfbuzz on TW+

  - Require java during build

  - Enable using pipewire when available

  - Rebase chromium-vaapi.patch to match up the Fedora one

Update to 73.0.3683.75 boo#1129059 :

  - CVE-2019-5787: Use after free in Canvas.

  - CVE-2019-5788: Use after free in FileAPI.

  - CVE-2019-5789: Use after free in WebMIDI.

  - CVE-2019-5790: Heap buffer overflow in V8.

  - CVE-2019-5791: Type confusion in V8.

  - CVE-2019-5792: Integer overflow in PDFium.

  - CVE-2019-5793: Excessive permissions for private API in     Extensions.

  - CVE-2019-5794: Security UI spoofing.

  - CVE-2019-5795: Integer overflow in PDFium.

  - CVE-2019-5796: Race condition in Extensions.

  - CVE-2019-5797: Race condition in DOMStorage.

  - CVE-2019-5798: Out of bounds read in Skia.

  - CVE-2019-5799: CSP bypass with blob URL.

  - CVE-2019-5800: CSP bypass with blob URL.

  - CVE-2019-5801: Incorrect Omnibox display on iOS.

  - CVE-2019-5802: Security UI spoofing.

  - CVE-2019-5803: CSP bypass with JavaScript URLs'.

  - CVE-2019-5804: Command line command injection on     Windows.

Update to Chromium 75.0.3770.100. The usual pile of bugs and CVE fixes. vaapi support disabled, just too broken. :(

Fixes CVE-2019-5805 CVE-2019-5806 CVE-2019-5807 CVE-2019-5808 CVE-2019-5809 CVE-2019-5810 CVE-2019-5811 CVE-2019-5813 CVE-2019-5814 CVE-2019-5815 CVE-2019-5818 CVE-2019-5819 CVE-2019-5820 CVE-2019-5821 CVE-2019-5822 CVE-2019-5824 CVE-2019-5825 CVE-2019-5826 CVE-2019-5827 CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837 CVE-2019-5838 CVE-2019-5839 CVE-2019-5840 CVE-2019-5842

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for chromium to version 75.0.3770.80 fixes the following issues: Security issues fixed :

  - CVE-2019-5828: Fixed a Use after free in ServiceWorker

  - CVE-2019-5829: Fixed Use after free in Download Manager

  - CVE-2019-5830: Fixed an incorrectly credentialed     requests in CORS

  - CVE-2019-5831: Fixed an incorrect map processing in V8

  - CVE-2019-5832: Fixed an incorrect CORS handling in XHR

  - CVE-2019-5833: Fixed an inconsistent security UI     placemen

  - CVE-2019-5835: Fixed an out of bounds read in     Swiftshader

  - CVE-2019-5836: Fixed a heap buffer overflow in Angle

  - CVE-2019-5837: Fixed a cross-origin resources size     disclosure in Appcache

  - CVE-2019-5838: Fixed an overly permissive tab access in     Extensions

  - CVE-2019-5839: Fixed an incorrect handling of certain     code points in Blink

  - CVE-2019-5840: Fixed a popup blocker bypass

This update for chromium to version 75.0.3770.80 fixes the following issues :

Security issues fixed :

&#9; - CVE-2019-5828: Fixed a Use after free in ServiceWorker

  - CVE-2019-5829: Fixed Use after free in Download Manager

  - CVE-2019-5830: Fixed an incorrectly credentialed     requests in CORS

  - CVE-2019-5831: Fixed an incorrect map processing in V8

  - CVE-2019-5832: Fixed an incorrect CORS handling in XHR

  - CVE-2019-5833: Fixed an inconsistent security UI     placemen

  - CVE-2019-5835: Fixed an out of bounds read in     Swiftshader

  - CVE-2019-5836: Fixed a heap buffer overflow in Angle

  - CVE-2019-5837: Fixed a cross-origin resources size     disclosure in Appcache

  - CVE-2019-5838: Fixed an overly permissive tab access in     Extensions

  - CVE-2019-5839: Fixed an incorrect handling of certain     code points in Blink

  - CVE-2019-5840: Fixed a popup blocker bypass

  - CVE-2019-5834: Fixed a URL spoof in Omnibox on iOS

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Chromium is an open source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 75.0.3770.80.

Security Fix(es) :

* chromium-browser: Use after free in ServiceWorker (CVE-2019-5828)

* chromium-browser: Use after free in Download Manager (CVE-2019-5829)

* chromium-browser: Incorrectly credentialed requests in CORS (CVE-2019-5830)

* chromium-browser: Incorrect map processing in V8 (CVE-2019-5831)

* chromium-browser: Incorrect CORS handling in XHR (CVE-2019-5832)

* chromium-browser: Inconsistent security UI placement (CVE-2019-5833)

* chromium-browser: Out of bounds read in Swiftshader (CVE-2019-5835)

* chromium-browser: Heap buffer overflow in Angle (CVE-2019-5836)

* chromium-browser: Cross-origin resources size disclosure in Appcache (CVE-2019-5837)

* chromium-browser: Overly permissive tab access in Extensions (CVE-2019-5838)

* chromium-browser: Incorrect handling of certain code points in Blink (CVE-2019-5839)

* chromium-browser: Popup blocker bypass (CVE-2019-5840)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

The version of Google Chrome installed on the remote Windows host is prior to 75.0.3770.80. It is, therefore, affected by multiple vulnerabilities as referenced in the 2019_06_stable-channel-update- for-desktop advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Google Chrome installed on the remote macOS host is prior to 75.0.3770.80. It is, therefore, affected by multiple vulnerabilities as referenced in the 2019_06_stable-channel-update- for-desktop advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
127967	GLSA-201908-18 : Chromium, Google Chrome: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	medium
126995	Fedora 29 : chromium (2019-a1af621faf)	Nessus	Fedora Local Security Checks	medium
126368	openSUSE Security Update : chromium (openSUSE-2019-1666)	Nessus	SuSE Local Security Checks	high
126359	Fedora 30 : chromium (2019-8fb8240d14)	Nessus	Fedora Local Security Checks	medium
125943	openSUSE Security Update : chromium (openSUSE-2019-1559)	Nessus	SuSE Local Security Checks	medium
125942	openSUSE Security Update : chromium (openSUSE-2019-1558)	Nessus	SuSE Local Security Checks	medium
125941	openSUSE Security Update : chromium (openSUSE-2019-1557)	Nessus	SuSE Local Security Checks	medium
125940	RHEL 6 : chromium-browser (RHSA-2019:1477)	Nessus	Red Hat Local Security Checks	medium
125729	Google Chrome < 75.0.3770.80 Multiple Vulnerabilities	Nessus	Windows	medium
125728	Google Chrome < 75.0.3770.80 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	medium

CVE-2019-5835

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Tenable Plugins