===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2068
                      chromium-browser security update
                               16 June 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           chromium-browser
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 6
                   Red Hat Enterprise Linux WS/Desktop 6
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Provide Misleading Information  -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
                   Reduced Security                -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-6496 CVE-2020-6495 CVE-2020-6494 CVE-2020-6493
                   CVE-2020-6491 CVE-2020-6490 CVE-2020-6489 CVE-2020-6488
                   CVE-2020-6487 CVE-2020-6486 CVE-2020-6485 CVE-2020-6484
                   CVE-2020-6483 CVE-2020-6482 CVE-2020-6481 CVE-2020-6480
                   CVE-2020-6479 CVE-2020-6478 CVE-2020-6476 CVE-2020-6475
                   CVE-2020-6474 CVE-2020-6473 CVE-2020-6472 CVE-2020-6471
                   CVE-2020-6470 CVE-2020-6469 CVE-2020-6468 CVE-2020-6467
                   CVE-2020-6466 CVE-2020-6465
Reference:         ASB-2020.0106
                   ASB-2020.0105

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2020:2544

- --------------------------BEGIN INCLUDED TEXT--------------------

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: chromium-browser security update
Advisory ID:       RHSA-2020:2544-01
Product:           Red Hat Enterprise Linux Supplementary
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:2544
Issue date:        2020-06-15
CVE Names:         CVE-2020-6465 CVE-2020-6466 CVE-2020-6467 CVE-2020-6468
                   CVE-2020-6469 CVE-2020-6470 CVE-2020-6471 CVE-2020-6472
                   CVE-2020-6473 CVE-2020-6474 CVE-2020-6475 CVE-2020-6476
                   CVE-2020-6478 CVE-2020-6479 CVE-2020-6480 CVE-2020-6481
                   CVE-2020-6482 CVE-2020-6483 CVE-2020-6484 CVE-2020-6485
                   CVE-2020-6486 CVE-2020-6487 CVE-2020-6488 CVE-2020-6489
                   CVE-2020-6490 CVE-2020-6491 CVE-2020-6493 CVE-2020-6494
                   CVE-2020-6495 CVE-2020-6496
=====================================================================

1. Summary:

An update for chromium-browser is now available for Red Hat Enterprise Linux 6
Supplementary.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, i686, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - i686, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, i686, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, i686, x86_64

3. Description:

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 83.0.4103.97.
Security Fix(es):

* chromium-browser: Use after free in reader mode (CVE-2020-6465)
* chromium-browser: Use after free in media (CVE-2020-6466)
* chromium-browser: Use after free in WebRTC (CVE-2020-6467)
* chromium-browser: Type Confusion in V8 (CVE-2020-6468)
* chromium-browser: Insufficient policy enforcement in developer tools (CVE-2020-6469)
* chromium-browser: Use after free in WebAuthentication (CVE-2020-6493)
* chromium-browser: Incorrect security UI in payments (CVE-2020-6494)
* chromium-browser: Insufficient policy enforcement in developer tools (CVE-2020-6495)
* chromium-browser: Use after free in payments (CVE-2020-6496)
* chromium-browser: Insufficient validation of untrusted input in clipboard (CVE-2020-6470)
* chromium-browser: Insufficient policy enforcement in developer tools (CVE-2020-6471)
* chromium-browser: Insufficient policy enforcement in developer tools (CVE-2020-6472)
* chromium-browser: Insufficient policy enforcement in Blink (CVE-2020-6473)
* chromium-browser: Use after free in Blink (CVE-2020-6474)
* chromium-browser: Incorrect security UI in full screen (CVE-2020-6475)
* chromium-browser: Insufficient policy enforcement in tab strip (CVE-2020-6476)
* chromium-browser: Inappropriate implementation in full screen (CVE-2020-6478)
* chromium-browser: Inappropriate implementation in sharing (CVE-2020-6479)
* chromium-browser: Insufficient policy enforcement in enterprise (CVE-2020-6480)
* chromium-browser: Insufficient policy enforcement in URL formatting (CVE-2020-6481)
* chromium-browser: Insufficient policy enforcement in developer tools (CVE-2020-6482)
* chromium-browser: Insufficient policy enforcement in payments (CVE-2020-6483)
* chromium-browser: Insufficient data validation in ChromeDriver (CVE-2020-6484)
* chromium-browser: Insufficient data validation in media router (CVE-2020-6485)
* chromium-browser: Insufficient policy enforcement in navigations (CVE-2020-6486)
* chromium-browser: Insufficient policy enforcement in downloads (CVE-2020-6487)
* chromium-browser: Insufficient policy enforcement in downloads (CVE-2020-6488)
* chromium-browser: Inappropriate implementation in developer tools (CVE-2020-6489)
* chromium-browser: Insufficient data validation in loader (CVE-2020-6490)
* chromium-browser: Incorrect security UI in site information (CVE-2020-6491)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described
in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Chromium must be restarted for the changes to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1837877 - CVE-2020-6465 chromium-browser: Use after free in reader mode
1837878 - CVE-2020-6466 chromium-browser: Use after free in media
1837879 - CVE-2020-6467 chromium-browser: Use after free in WebRTC
1837880 - CVE-2020-6468 chromium-browser: Type Confusion in V8
1837882 - CVE-2020-6470 chromium-browser: Insufficient validation of untrusted input in clipboard
1837883 - CVE-2020-6471 chromium-browser: Insufficient policy enforcement in developer tools
1837884 - CVE-2020-6472 chromium-browser: Insufficient policy enforcement in developer tools
1837885 - CVE-2020-6473 chromium-browser: Insufficient policy enforcement in Blink
1837886 - CVE-2020-6474 chromium-browser: Use after free in Blink
1837887 - CVE-2020-6475 chromium-browser: Incorrect security UI in full screen
1837889 - CVE-2020-6478 chromium-browser: Inappropriate implementation in full screen
1837890 - CVE-2020-6480 chromium-browser: Insufficient policy enforcement in enterprise
1837891 - CVE-2020-6481 chromium-browser: Insufficient policy enforcement in URL formatting
1837892 - CVE-2020-6482 chromium-browser: Insufficient policy enforcement in developer tools
1837893 - CVE-2020-6483 chromium-browser: Insufficient policy enforcement in payments
1837894 - CVE-2020-6484 chromium-browser: Insufficient data validation in ChromeDriver
1837896 - CVE-2020-6485 chromium-browser: Insufficient data validation in media router
1837897 - CVE-2020-6486 chromium-browser: Insufficient policy enforcement in navigations
1837898 - CVE-2020-6487 chromium-browser: Insufficient policy enforcement in downloads
1837899 - CVE-2020-6488 chromium-browser: Insufficient policy enforcement in downloads
1837900 - CVE-2020-6489 chromium-browser: Inappropriate implementation in developer tools
1837901 - CVE-2020-6490 chromium-browser: Insufficient data validation in loader
1837902 - CVE-2020-6491 chromium-browser: Incorrect security UI in site information
1837907 - CVE-2020-6469 chromium-browser: Insufficient policy enforcement in developer tools
1837912 - CVE-2020-6476 chromium-browser: Insufficient policy enforcement in tab strip
1837927 - CVE-2020-6479 chromium-browser: Inappropriate implementation in sharing
1844554 - CVE-2020-6493 chromium-browser: Use after free in WebAuthentication
1844555 - CVE-2020-6494 chromium-browser: Incorrect security UI in payments
1844556 - CVE-2020-6495 chromium-browser: Insufficient policy enforcement in developer tools
1844557 - CVE-2020-6496 chromium-browser: Use after free in payments

6. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
chromium-browser-83.0.4103.97-1.el6_10.i686.rpm
chromium-browser-debuginfo-83.0.4103.97-1.el6_10.i686.rpm

i686:
chromium-browser-83.0.4103.97-1.el6_10.i686.rpm
chromium-browser-debuginfo-83.0.4103.97-1.el6_10.i686.rpm

x86_64:
chromium-browser-83.0.4103.97-1.el6_10.x86_64.rpm
chromium-browser-debuginfo-83.0.4103.97-1.el6_10.x86_64.rpm

Red Hat Enterprise Linux HPC Node Supplementary (v. 6):

i686:
chromium-browser-83.0.4103.97-1.el6_10.i686.rpm
chromium-browser-debuginfo-83.0.4103.97-1.el6_10.i686.rpm

x86_64:
chromium-browser-83.0.4103.97-1.el6_10.x86_64.rpm
chromium-browser-debuginfo-83.0.4103.97-1.el6_10.x86_64.rpm

Red Hat Enterprise Linux Server Supplementary (v. 6):

i386:
chromium-browser-83.0.4103.97-1.el6_10.i686.rpm
chromium-browser-debuginfo-83.0.4103.97-1.el6_10.i686.rpm

i686:
chromium-browser-83.0.4103.97-1.el6_10.i686.rpm
chromium-browser-debuginfo-83.0.4103.97-1.el6_10.i686.rpm

x86_64:
chromium-browser-83.0.4103.97-1.el6_10.x86_64.rpm
chromium-browser-debuginfo-83.0.4103.97-1.el6_10.x86_64.rpm

Red Hat Enterprise Linux Workstation Supplementary (v. 6):

i386:
chromium-browser-83.0.4103.97-1.el6_10.i686.rpm
chromium-browser-debuginfo-83.0.4103.97-1.el6_10.i686.rpm

i686:
chromium-browser-83.0.4103.97-1.el6_10.i686.rpm
chromium-browser-debuginfo-83.0.4103.97-1.el6_10.i686.rpm

x86_64:
chromium-browser-83.0.4103.97-1.el6_10.x86_64.rpm
chromium-browser-debuginfo-83.0.4103.97-1.el6_10.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-6465
https://access.redhat.com/security/cve/CVE-2020-6466
https://access.redhat.com/security/cve/CVE-2020-6467
https://access.redhat.com/security/cve/CVE-2020-6468
https://access.redhat.com/security/cve/CVE-2020-6469
https://access.redhat.com/security/cve/CVE-2020-6470
https://access.redhat.com/security/cve/CVE-2020-6471
https://access.redhat.com/security/cve/CVE-2020-6472
https://access.redhat.com/security/cve/CVE-2020-6473
https://access.redhat.com/security/cve/CVE-2020-6474
https://access.redhat.com/security/cve/CVE-2020-6475
https://access.redhat.com/security/cve/CVE-2020-6476
https://access.redhat.com/security/cve/CVE-2020-6478
https://access.redhat.com/security/cve/CVE-2020-6479
https://access.redhat.com/security/cve/CVE-2020-6480
https://access.redhat.com/security/cve/CVE-2020-6481
https://access.redhat.com/security/cve/CVE-2020-6482
https://access.redhat.com/security/cve/CVE-2020-6483
https://access.redhat.com/security/cve/CVE-2020-6484
https://access.redhat.com/security/cve/CVE-2020-6485
https://access.redhat.com/security/cve/CVE-2020-6486
https://access.redhat.com/security/cve/CVE-2020-6487
https://access.redhat.com/security/cve/CVE-2020-6488
https://access.redhat.com/security/cve/CVE-2020-6489
https://access.redhat.com/security/cve/CVE-2020-6490
https://access.redhat.com/security/cve/CVE-2020-6491
https://access.redhat.com/security/cve/CVE-2020-6493
https://access.redhat.com/security/cve/CVE-2020-6494
https://access.redhat.com/security/cve/CVE-2020-6495
https://access.redhat.com/security/cve/CVE-2020-6496
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
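Sections 4 and 6 above give the fixed build (83.0.4103.97-1.el6_10) but no way to confirm a host is actually on it. The following POSIX shell script is an added example, not part of the Red Hat advisory or the AusCERT bulletin: it takes lines in the shape printed by `rpm -q chromium-browser` and reports whether each installed build is older than the fix, using a simplified segment-wise version comparison (rpmdev-vercmp is the full tool); the sample lines are constructed.

```shell
#!/bin/sh
# Added example, not part of the Red Hat advisory or the AusCERT bulletin:
# decide from "rpm -q chromium-browser" output whether a RHEL 6 host still runs
# a chromium-browser build older than the one fixed in RHSA-2020:2544.
FIXED_VERSION="83.0.4103.97"
FIXED_RELEASE="1.el6_10"

# Compare two dotted version strings segment by segment, printing -1, 0 or 1.
# Numeric segments compare as integers, a missing segment counts as 0, and a
# non-numeric segment (e.g. "el6_10") is treated as equal; this is enough for
# the version/release shapes in this advisory but is not full RPM ordering.
vercmp() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        x="${a%%.*}"; y="${b%%.*}"
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
        x="${x:-0}"; y="${y:-0}"
        if [ "$x" -lt "$y" ] 2>/dev/null; then printf '%s\n' -1; return; fi
        if [ "$x" -gt "$y" ] 2>/dev/null; then printf '%s\n' 1; return; fi
    done
    printf '%s\n' 0
}

# Takes one NEVRA line such as chromium-browser-81.0.4044.138-1.el6_10.x86_64.
# Prints PATCHED and returns 0 when the build is at or above the fix;
# prints VULNERABLE and returns 1 otherwise.
check_nevra() {
    nevra="$1"
    rest="${nevra#chromium-browser-}"   # 81.0.4044.138-1.el6_10.x86_64
    rest="${rest%.*}"                   # drop the architecture suffix
    version="${rest%%-*}"               # 81.0.4044.138
    release="${rest#*-}"                # 1.el6_10
    cmp=$(vercmp "$version" "$FIXED_VERSION")
    if [ "$cmp" -eq 0 ]; then cmp=$(vercmp "$release" "$FIXED_RELEASE"); fi
    if [ "$cmp" -lt 0 ]; then
        echo "VULNERABLE: $nevra (fixed in $FIXED_VERSION-$FIXED_RELEASE)"
        return 1
    fi
    echo "PATCHED: $nevra"
    return 0
}

# Constructed sample lines standing in for real "rpm -q chromium-browser"
# output; on a host, pipe the real command's output into the loop instead.
for sample in "chromium-browser-81.0.4044.138-1.el6_10.x86_64" \
              "chromium-browser-83.0.4103.97-1.el6_10.i686"; do
    check_nevra "$sample" || true
done
```

A build that matches the fixed version but carries an older release (for example release 0.el6_10) is still reported as VULNERABLE, because the release is compared only when the versions tie.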
- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for
consequences which may arise from following or acting on information or
advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST). On call after hours for member emergencies only.
===========================================================================