[arch-security] [ASA-201704-5] chromium: multiple issues
Remi Gacogne
rgacogne at archlinux.org
Thu Apr 20 10:16:59 UTC 2017
Arch Linux Security Advisory ASA-201704-5
=========================================
Severity: Critical
Date : 2017-04-20
CVE-ID : CVE-2017-5057 CVE-2017-5058 CVE-2017-5059 CVE-2017-5060
CVE-2017-5061 CVE-2017-5062 CVE-2017-5063 CVE-2017-5064
CVE-2017-5065 CVE-2017-5066 CVE-2017-5067 CVE-2017-5069
Package : chromium
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-250
Summary
=======
The package chromium before version 58.0.3029.81-1 is vulnerable to
multiple issues including arbitrary code execution, content spoofing,
incorrect calculation and same-origin policy bypass.
Resolution
==========
Upgrade to 58.0.3029.81-1.
# pacman -Syu "chromium>=58.0.3029.81-1"
The problems have been fixed upstream in version 58.0.3029.81.
Workaround
==========
None.
Description
===========
- CVE-2017-5057 (arbitrary code execution)
A type confusion issue has been found in the PDFium component of the
Chromium browser.
- CVE-2017-5058 (arbitrary code execution)
A heap use after free issue has been found in the Print Preview
component of the Chromium browser.
- CVE-2017-5059 (arbitrary code execution)
A type confusion issue has been found in the Blink component of the
Chromium browser.
- CVE-2017-5060 (content spoofing)
A URL spoofing issue has been found in the Omnibox component of the
Chromium browser.
- CVE-2017-5061 (content spoofing)
A URL spoofing issue has been found in the Omnibox component of the
Chromium browser.
- CVE-2017-5062 (arbitrary code execution)
A use after free issue has been found in the Chrome Apps component of
the Chromium browser.
- CVE-2017-5063 (arbitrary code execution)
A heap overflow issue has been found in the Skia component of the
Chromium browser.
- CVE-2017-5064 (arbitrary code execution)
A use after free flaw has been found in the Blink component of the
Chromium browser.
- CVE-2017-5065 (content spoofing)
An incorrect UI issue has been found in the Blink component of the
Chromium browser.
- CVE-2017-5066 (incorrect calculation)
An incorrect signature handing issue has been found in the Networking
component of the Chromium browser.
- CVE-2017-5067 (content spoofing)
A URL spoofing issue has been found in the Omnibox component of the
Chromium browser.
- CVE-2017-5069 (same-origin policy bypass)
A cross-origin bypass issue has been found in the Blink component of
the Chromium browser.
Impact
======
A remote attacker can spoof URL, bypass security checks and execute
arbitrary code on the affected host.
References
==========
https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html
https://crbug.com/695826
https://crbug.com/694382
https://crbug.com/684684
https://crbug.com/683314
https://crbug.com/672847
https://crbug.com/702896
https://crbug.com/700836
https://crbug.com/693974
https://crbug.com/704560
https://crbug.com/690821
https://crbug.com/648117
https://crbug.com/691726
https://security.archlinux.org/CVE-2017-5057
https://security.archlinux.org/CVE-2017-5058
https://security.archlinux.org/CVE-2017-5059
https://security.archlinux.org/CVE-2017-5060
https://security.archlinux.org/CVE-2017-5061
https://security.archlinux.org/CVE-2017-5062
https://security.archlinux.org/CVE-2017-5063
https://security.archlinux.org/CVE-2017-5064
https://security.archlinux.org/CVE-2017-5065
https://security.archlinux.org/CVE-2017-5066
https://security.archlinux.org/CVE-2017-5067
https://security.archlinux.org/CVE-2017-5069
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20170420/c1a3c4cb/attachment.asc>
More information about the arch-security
mailing list