lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CANTw=MNTSCdMyVdc0zGUOb47zNAqGP6P0zAhM2RuJrK=t5fOMA@mail.gmail.com>
Date: Wed, 19 Sep 2018 01:15:22 -0400
From: Michael Gilbert <mgilbert@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 4297-1] chromium-browser security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4297-1                   security@...ian.org
https://www.debian.org/security/                          Michael Gilbert
September 19, 2018                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : chromium-browser

Two vulnerabilities have been discovered in the chromium web browser.
Kevin Cheung discovered an error in the WebAssembly implementation and
evil1m0 discovered a URL spoofing issue.

For the stable distribution (stretch), this problem has been fixed in
version 69.0.3497.92-1~deb9u1.

We recommend that you upgrade your chromium-browser packages.

For the detailed security status of chromium-browser please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium-browser

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQQzBAEBCgAdFiEEluhy7ASCBulP9FUWuNayzQLW9HMFAluh2gQACgkQuNayzQLW
9HPdHR/7BN5RFf2Z1pB+we2Xaxz3TSzVKT1iSjAM1Hh3npM8Bgiy5um6lzHnddP9
vUYuaO9HXuWgYKoRO2i73RjCisxdf5OsgexFPQAUHFe/ocCGIqxVZpQRHkDhWxdK
EUfr331ibgUfDXzOxQSJ6tBfAW66rhixrARR1g/b3eQN4SdOZo0W/VpT7PaG0L3/
Ljpo+ifxQ0Kgh31LeAKuFCnkyfMGOjy7ZWzdTc2OHK0Yqr9gi4/boErercyFrIGb
Y4EhVxIVpePxfzUfNuCc21YKcnyeXcD4ocd61OdcrXMTswrCLJ/euvp8w4f85Irg
bxdpAeb7KRZn3OnH5nA4jF2zRYjuPkb46+SJieCkfB+JYCF59Krpgyd4JqJ1vEWX
bAPcd0RR/6JzLTofEcY+/qkX6sYPoFSctTlexzLLzoFK336rFYRrGk02VM6vtK11
depXtFqt3aGQb+gBv78rkmncRGFLYGYgrUJWuC311uuYFHNPhCR7syKFqtNQOro/
7v0hr0CcExqVIBSRzHEhr3lYELjUr+xFOYc6Ca8qPK/2yodHClGjPB1l7xD4OtNa
TSe0xmQMVqZLLXDpdmkY3jH+3bS8fHcUHc5dDmsCz5R0850HRUAqNp0Qkyb8cyME
4Oy33m0GzgYvG/1rd8KajKJjBRg45vz+68Ax9UIz1DU7q2guCy1tZGnsr4vZZyOR
24NgYUVZj882hjIcQjzQ/KweBdN+pZGv+otdh2dyusyLbFKeptO8UXgEeRigYYP2
J/lgIuC/AvV3vdHqfSV+KmXYRtI9BV3TcPjG6SSUuV6sdtXq1BPfAU6dmemhQqac
CtEFsWmtfNjC5SkS6fV1q5cpKQrQFlhdrFlizl4nKqvBMupiG1RODOC7Dbqw8U68
tR1Z8KqfsoNgowREfdiPysQSmCySYMDTXwIKpFpoWRjG+HQ0BNi14167POEygk3z
KwIBjq3CeuqnnkXLpkiZiTdkQv883FNFTuz96YXHnMYZ2oxUJOyt1UvDpPUExopA
G1U4uAxFnU6mvGj88m83QW9EOLCoTYTBpobJoMO+RAXW8rGR3/oso+bIdsJe/8lJ
lBf3AtU8wROielWPjF6WSBQt81iQyS33xy6XnV89RhLIVGg9fJ4etZcVud0tmVgs
Nv1AGlhAc9lepQkelNP7b0lweKSpCgqhwp6Pdshp9QnTS86iyL5VSmtW3FjKge90
11C/n5adTSaPSRMqS7x/UQX9hpYhr0i2Pf6lnLqrZObCVs21gqMfxKqY2Q73MWU7
173oMqjH/AOweQ7sm0NyV4fCodXTVeA2pkv++rBplN0ENeClY+RxY+mvP51mfkG/
MqWrr3fyREQljdoBx1PA3UpTdFI7uQ==
=oXdP
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ