RHSA-2020:3377-01: Critical: chromium-browser security update

Red Hat 8875 Published 2020-08-11 04:14 by Philipp Esselbach

News

A chromium-browser security update has been released for Red Hat Enterprise Linux 6.

RHSA-2020:3377-01: Critical: chromium-browser security update

=====================================================================
Red Hat Security Advisory

Synopsis: Critical: chromium-browser security update
Advisory ID: RHSA-2020:3377-01
Product: Red Hat Enterprise Linux Supplementary
Advisory URL: https://access.redhat.com/errata/RHSA-2020:3377
Issue date: 2020-08-10
CVE Names: CVE-2020-6510 CVE-2020-6511 CVE-2020-6512
CVE-2020-6513 CVE-2020-6514 CVE-2020-6515
CVE-2020-6516 CVE-2020-6517 CVE-2020-6518
CVE-2020-6519 CVE-2020-6520 CVE-2020-6521
CVE-2020-6522 CVE-2020-6523 CVE-2020-6524
CVE-2020-6525 CVE-2020-6526 CVE-2020-6527
CVE-2020-6528 CVE-2020-6529 CVE-2020-6530
CVE-2020-6531 CVE-2020-6532 CVE-2020-6533
CVE-2020-6534 CVE-2020-6535 CVE-2020-6536
CVE-2020-6537 CVE-2020-6538 CVE-2020-6539
CVE-2020-6540 CVE-2020-6541
=====================================================================

1. Summary:

An update for chromium-browser is now available for Red Hat Enterprise
Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, i686, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - i686, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, i686, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, i686, x86_64

3. Description:

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 84.0.4147.105.

Security Fix(es):

* chromium-browser: Heap buffer overflow in background fetch
(CVE-2020-6510)

* chromium-browser: Side-channel information leakage in content security
policy (CVE-2020-6511)

* chromium-browser: Type Confusion in V8 (CVE-2020-6512)

* chromium-browser: Heap buffer overflow in PDFium (CVE-2020-6513)

* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)

* chromium-browser: Use after free in tab strip (CVE-2020-6515)

* chromium-browser: Policy bypass in CORS (CVE-2020-6516)

* chromium-browser: Heap buffer overflow in history (CVE-2020-6517)

* chromium-browser: Use after free in SCTP (CVE-2020-6532)

* chromium-browser: Type Confusion in V8 (CVE-2020-6537)

* chromium-browser: Inappropriate implementation in WebView (CVE-2020-6538)

* chromium-browser: Use after free in CSS (CVE-2020-6539)

* chromium-browser: Heap buffer overflow in Skia (CVE-2020-6540)

* chromium-browser: Use after free in WebUSB (CVE-2020-6541)

* chromium-browser: Use after free in developer tools (CVE-2020-6518)

* chromium-browser: Policy bypass in CSP (CVE-2020-6519)

* chromium-browser: Heap buffer overflow in Skia (CVE-2020-6520)

* chromium-browser: Side-channel information leakage in autofill
(CVE-2020-6521)

* chromium-browser: Inappropriate implementation in external protocol
handlers (CVE-2020-6522)

* chromium-browser: Out of bounds write in Skia (CVE-2020-6523)

* chromium-browser: Heap buffer overflow in WebAudio (CVE-2020-6524)

* chromium-browser: Heap buffer overflow in Skia (CVE-2020-6525)

* chromium-browser: Inappropriate implementation in iframe sandbox
(CVE-2020-6526)

* chromium-browser: Insufficient policy enforcement in CSP (CVE-2020-6527)

* chromium-browser: Incorrect security UI in basic auth (CVE-2020-6528)

* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6529)

* chromium-browser: Out of bounds memory access in developer tools
(CVE-2020-6530)

* chromium-browser: Side-channel information leakage in scroll to text
(CVE-2020-6531)

* chromium-browser: Type Confusion in V8 (CVE-2020-6533)

* chromium-browser: Heap buffer overflow in WebRTC (CVE-2020-6534)

* chromium-browser: Insufficient data validation in WebUI (CVE-2020-6535)

* chromium-browser: Incorrect security UI in PWAs (CVE-2020-6536)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Chromium must be restarted for the changes to
take effect.

5. Bugs fixed ( https://bugzilla.redhat.com/):

1857320 - CVE-2020-6511 chromium-browser: Side-channel information leakage in content security policy
1857321 - CVE-2020-6512 chromium-browser: Type Confusion in V8
1857322 - CVE-2020-6513 chromium-browser: Heap buffer overflow in PDFium
1857323 - CVE-2020-6515 chromium-browser: Use after free in tab strip
1857324 - CVE-2020-6516 chromium-browser: Policy bypass in CORS
1857325 - CVE-2020-6518 chromium-browser: Use after free in developer tools
1857326 - CVE-2020-6519 chromium-browser: Policy bypass in CSP
1857327 - CVE-2020-6520 chromium-browser: Heap buffer overflow in Skia
1857328 - CVE-2020-6521 chromium-browser: Side-channel information leakage in autofill
1857329 - CVE-2020-6523 chromium-browser: Out of bounds write in Skia
1857330 - CVE-2020-6524 chromium-browser: Heap buffer overflow in WebAudio
1857331 - CVE-2020-6525 chromium-browser: Heap buffer overflow in Skia
1857332 - CVE-2020-6526 chromium-browser: Inappropriate implementation in iframe sandbox
1857333 - CVE-2020-6527 chromium-browser: Insufficient policy enforcement in CSP
1857334 - CVE-2020-6528 chromium-browser: Incorrect security UI in basic auth
1857336 - CVE-2020-6529 chromium-browser: Inappropriate implementation in WebRTC
1857337 - CVE-2020-6530 chromium-browser: Out of bounds memory access in developer tools
1857338 - CVE-2020-6531 chromium-browser: Side-channel information leakage in scroll to text
1857339 - CVE-2020-6533 chromium-browser: Type Confusion in V8
1857340 - CVE-2020-6534 chromium-browser: Heap buffer overflow in WebRTC
1857341 - CVE-2020-6535 chromium-browser: Insufficient data validation in WebUI
1857342 - CVE-2020-6536 chromium-browser: Incorrect security UI in PWAs
1857349 - CVE-2020-6514 chromium-browser: Inappropriate implementation in WebRTC
1857351 - CVE-2020-6517 chromium-browser: Heap buffer overflow in history
1857352 - CVE-2020-6522 chromium-browser: Inappropriate implementation in external protocol handlers
1857400 - CVE-2020-6510 chromium-browser: Heap buffer overflow in background fetch
1861464 - CVE-2020-6537 chromium-browser: Type Confusion in V8
1861465 - CVE-2020-6538 chromium-browser: Inappropriate implementation in WebView
1861466 - CVE-2020-6532 chromium-browser: Use after free in SCTP
1861467 - CVE-2020-6539 chromium-browser: Use after free in CSS
1861468 - CVE-2020-6540 chromium-browser: Heap buffer overflow in Skia
1861469 - CVE-2020-6541 chromium-browser: Use after free in WebUSB

6. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
chromium-browser-84.0.4147.105-2.el6_10.i686.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.i686.rpm

i686:
chromium-browser-84.0.4147.105-2.el6_10.i686.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.i686.rpm

x86_64:
chromium-browser-84.0.4147.105-2.el6_10.x86_64.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.x86_64.rpm

Red Hat Enterprise Linux HPC Node Supplementary (v. 6):

i686:
chromium-browser-84.0.4147.105-2.el6_10.i686.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.i686.rpm

x86_64:
chromium-browser-84.0.4147.105-2.el6_10.x86_64.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.x86_64.rpm

Red Hat Enterprise Linux Server Supplementary (v. 6):

i386:
chromium-browser-84.0.4147.105-2.el6_10.i686.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.i686.rpm

i686:
chromium-browser-84.0.4147.105-2.el6_10.i686.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.i686.rpm

x86_64:
chromium-browser-84.0.4147.105-2.el6_10.x86_64.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.x86_64.rpm

Red Hat Enterprise Linux Workstation Supplementary (v. 6):

i386:
chromium-browser-84.0.4147.105-2.el6_10.i686.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.i686.rpm

i686:
chromium-browser-84.0.4147.105-2.el6_10.i686.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.i686.rpm

x86_64:
chromium-browser-84.0.4147.105-2.el6_10.x86_64.rpm
chromium-browser-debuginfo-84.0.4147.105-2.el6_10.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-6510
https://access.redhat.com/security/cve/CVE-2020-6511
https://access.redhat.com/security/cve/CVE-2020-6512
https://access.redhat.com/security/cve/CVE-2020-6513
https://access.redhat.com/security/cve/CVE-2020-6514
https://access.redhat.com/security/cve/CVE-2020-6515
https://access.redhat.com/security/cve/CVE-2020-6516
https://access.redhat.com/security/cve/CVE-2020-6517
https://access.redhat.com/security/cve/CVE-2020-6518
https://access.redhat.com/security/cve/CVE-2020-6519
https://access.redhat.com/security/cve/CVE-2020-6520
https://access.redhat.com/security/cve/CVE-2020-6521
https://access.redhat.com/security/cve/CVE-2020-6522
https://access.redhat.com/security/cve/CVE-2020-6523
https://access.redhat.com/security/cve/CVE-2020-6524
https://access.redhat.com/security/cve/CVE-2020-6525
https://access.redhat.com/security/cve/CVE-2020-6526
https://access.redhat.com/security/cve/CVE-2020-6527
https://access.redhat.com/security/cve/CVE-2020-6528
https://access.redhat.com/security/cve/CVE-2020-6529
https://access.redhat.com/security/cve/CVE-2020-6530
https://access.redhat.com/security/cve/CVE-2020-6531
https://access.redhat.com/security/cve/CVE-2020-6532
https://access.redhat.com/security/cve/CVE-2020-6533
https://access.redhat.com/security/cve/CVE-2020-6534
https://access.redhat.com/security/cve/CVE-2020-6535
https://access.redhat.com/security/cve/CVE-2020-6536
https://access.redhat.com/security/cve/CVE-2020-6537
https://access.redhat.com/security/cve/CVE-2020-6538
https://access.redhat.com/security/cve/CVE-2020-6539
https://access.redhat.com/security/cve/CVE-2020-6540
https://access.redhat.com/security/cve/CVE-2020-6541
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.

GNOME Online Accounts 3.34.2 released

ELBA-2020-3353 Oracle Linux 7 fence-agents bug fix and enhancement update

RHSA-2020:3377-01: Critical: chromium-browser security update

RHSA-2020:3377-01: Critical: chromium-browser security update

Windows

Linux

macOS

Community