ESB-2018.2190 - [Debian] chromium-browser: Multiple vulnerabilities 2018-07-30


===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.2190
                     chromium-browser security update
                               30 July 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           chromium-browser
Publisher:         Debian
Operating System:  Debian GNU/Linux 9
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Increased Privileges            -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Provide Misleading Information  -- Unknown/Unspecified         
                   Access Confidential Data        -- Remote with User Interaction
                   Reduced Security                -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-6179 CVE-2018-6178 CVE-2018-6177
                   CVE-2018-6176 CVE-2018-6175 CVE-2018-6174
                   CVE-2018-6173 CVE-2018-6172 CVE-2018-6171
                   CVE-2018-6170 CVE-2018-6169 CVE-2018-6168
                   CVE-2018-6167 CVE-2018-6166 CVE-2018-6165
                   CVE-2018-6164 CVE-2018-6163 CVE-2018-6162
                   CVE-2018-6161 CVE-2018-6159 CVE-2018-6158
                   CVE-2018-6157 CVE-2018-6156 CVE-2018-6155
                   CVE-2018-6154 CVE-2018-6153 CVE-2018-6152
                   CVE-2018-6151 CVE-2018-6150 CVE-2018-6044
                   CVE-2018-4117  

Reference:         ASB-2018.0185
                   ESB-2018.1327
                   ESB-2018.0970
                   ESB-2018.0969
                   ESB-2018.0968

Original Bulletin: 
   http://www.debian.org/security/2018/dsa-4256

- --------------------------BEGIN INCLUDED TEXT--------------------

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-4256-1                   security@debian.org
https://www.debian.org/security/                          Michael Gilbert
July 26, 2018                         https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : chromium-browser
CVE ID         : CVE-2018-4117 CVE-2018-6044 CVE-2018-6150 CVE-2018-6151
                 CVE-2018-6152 CVE-2018-6153 CVE-2018-6154 CVE-2018-6155
                 CVE-2018-6156 CVE-2018-6157 CVE-2018-6158 CVE-2018-6159
                 CVE-2018-6161 CVE-2018-6162 CVE-2018-6163 CVE-2018-6164
                 CVE-2018-6165 CVE-2018-6166 CVE-2018-6167 CVE-2018-6168
                 CVE-2018-6169 CVE-2018-6170 CVE-2018-6171 CVE-2018-6172
                 CVE-2018-6173 CVE-2018-6174 CVE-2018-6175 CVE-2018-6176
                 CVE-2018-6177 CVE-2018-6178 CVE-2018-6179

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2018-4117

    AhsanEjaz discovered an information leak.

CVE-2018-6044

    Rob Wu discovered a way to escalate privileges using extensions.

CVE-2018-6150

    Rob Wu discovered an information disclosure issue (this problem was
    fixed in a previous release but was mistakenly omitted from upstream's
    announcement at the time).

CVE-2018-6151

    Rob Wu discovered an issue in the developer tools (this problem was
    fixed in a previous release but was mistakenly omitted from upstream's
    announcement at the time).

CVE-2018-6152

    Rob Wu discovered an issue in the developer tools (this problem was
    fixed in a previous release but was mistakenly omitted from upstream's
    announcement at the time).

CVE-2018-6153

    Zhen Zhou discovered a buffer overflow issue in the skia library.

CVE-2018-6154

    Omair discovered a buffer overflow issue in the WebGL implementation.

CVE-2018-6155

    Natalie Silvanovich discovered a use-after-free issue in the WebRTC
    implementation.

CVE-2018-6156

    Natalie Silvanovich discovered a buffer overflow issue in the WebRTC
    implementation.

CVE-2018-6157

    Natalie Silvanovich discovered a type confusion issue in the WebRTC
    implementation.

CVE-2018-6158

    Zhe Jin discovered a use-after-free issue.

CVE-2018-6159

    Jun Kokatsu discovered a way to bypass the same origin policy.

CVE-2018-6161

    Jun Kokatsu discovered a way to bypass the same origin policy.

CVE-2018-6162

    Omair discovered a buffer overflow issue in the WebGL implementation.

CVE-2018-6163

    Khalil Zhani discovered a URL spoofing issue.

CVE-2018-6164

    Jun Kokatsu discovered a way to bypass the same origin policy.

CVE-2018-6165

    evil1m0 discovered a URL spoofing issue.

CVE-2018-6166

    Lynas Zhang discovered a URL spoofing issue.

CVE-2018-6167

    Lynas Zhang discovered a URL spoofing issue.

CVE-2018-6168

    Gunes Acar and Danny Y. Huang discovered a way to bypass the Cross
    Origin Resource Sharing policy.

CVE-2018-6169

    Sam P discovered a way to bypass permissions when installing
    extensions.

CVE-2018-6170

    A type confusion issue was discovered in the pdfium library.

CVE-2018-6171

    A use-after-free issue was discovered in the WebBluetooth
    implementation.

CVE-2018-6172

    Khalil Zhani discovered a URL spoofing issue.

CVE-2018-6173

    Khalil Zhani discovered a URL spoofing issue.

CVE-2018-6174

    Mark Brand discovered an integer overflow issue in the swiftshader
    library.

CVE-2018-6175

    Khalil Zhani discovered a URL spoofing issue.

CVE-2018-6176

    Jann Horn discovered a way to escalate privileges using extensions.

CVE-2018-6177

    Ron Masas discovered an information leak.

CVE-2018-6178

    Khalil Zhani discovered a user interface spoofing issue.

CVE-2018-6179

    It was discovered that information about files local to the system
    could be leaked to extensions.

This version also fixes a regression introduced in the previous security
update that could prevent decoding of particular audio/video codecs.

For the stable distribution (stretch), these problems have been fixed in
version 68.0.3440.75-1~deb9u1.

We recommend that you upgrade your chromium-browser packages.

For the detailed security status of chromium-browser please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium-browser

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================