====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: chromium-browser security update
Advisory ID:       RHSA-2018:1815-01
Product:           Red Hat Enterprise Linux Supplementary
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:1815
Issue date:        2018-06-07
CVE Names:         CVE-2018-6123 CVE-2018-6124 CVE-2018-6125 
                   CVE-2018-6126 CVE-2018-6127 CVE-2018-6129 
                   CVE-2018-6130 CVE-2018-6131 CVE-2018-6132 
                   CVE-2018-6133 CVE-2018-6134 CVE-2018-6135 
                   CVE-2018-6136 CVE-2018-6137 CVE-2018-6138 
                   CVE-2018-6139 CVE-2018-6140 CVE-2018-6141 
                   CVE-2018-6142 CVE-2018-6143 CVE-2018-6144 
                   CVE-2018-6145 CVE-2018-6147 
====================================================================
1. Summary:

An update for chromium-browser is now available for Red Hat Enterprise
Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

3. Description:

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 67.0.3396.62.

Security Fix(es):

* chromium-browser: Use after free in Blink (CVE-2018-6123)

* chromium-browser: Type confusion in Blink (CVE-2018-6124)

* chromium-browser: Overly permissive policy in WebUSB (CVE-2018-6125)

* chromium-browser: Heap buffer overflow in Skia (CVE-2018-6126)

* chromium-browser: Use after free in indexedDB (CVE-2018-6127)

* chromium-browser: Out of bounds memory access in WebRTC (CVE-2018-6129)

* chromium-browser: Out of bounds memory access in WebRTC (CVE-2018-6130)

* chromium-browser: Incorrect mutability protection in WebAssembly
(CVE-2018-6131)

* chromium-browser: Use of uninitialized memory in WebRTC (CVE-2018-6132)

* chromium-browser: URL spoof in Omnibox (CVE-2018-6133)

* chromium-browser: Referrer Policy bypass in Blink (CVE-2018-6134)

* chromium-browser: UI spoofing in Blink (CVE-2018-6135)

* chromium-browser: Out of bounds memory access in V8 (CVE-2018-6136)

* chromium-browser: Leak of visited status of page in Blink (CVE-2018-6137)

* chromium-browser: Overly permissive policy in Extensions (CVE-2018-6138)

* chromium-browser: Restrictions bypass in the debugger extension API
(CVE-2018-6139)

* chromium-browser: Restrictions bypass in the debugger extension API
(CVE-2018-6140)

* chromium-browser: Heap buffer overflow in Skia (CVE-2018-6141)

* chromium-browser: Out of bounds memory access in V8 (CVE-2018-6142)

* chromium-browser: Out of bounds memory access in V8 (CVE-2018-6143)

* chromium-browser: Out of bounds memory access in PDFium (CVE-2018-6144)

* chromium-browser: Incorrect escaping of MathML in Blink (CVE-2018-6145)

* chromium-browser: Password fields not taking advantage of OS protections
in Views (CVE-2018-6147)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Chromium must be restarted for the changes to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1584032 - CVE-2018-6123 chromium-browser: Use after free in Blink
1584033 - CVE-2018-6124 chromium-browser: Type confusion in Blink
1584034 - CVE-2018-6125 chromium-browser: Overly permissive policy in WebUSB
1584035 - CVE-2018-6126 chromium-browser: Heap buffer overflow in Skia
1584037 - CVE-2018-6127 chromium-browser: Use after free in indexedDB
1584039 - CVE-2018-6129 chromium-browser: Out of bounds memory access in WebRTC
1584040 - CVE-2018-6130 chromium-browser: Out of bounds memory access in WebRTC
1584042 - CVE-2018-6131 chromium-browser: Incorrect mutability protection in WebAssembly
1584043 - CVE-2018-6132 chromium-browser: Use of uninitialized memory in WebRTC
1584044 - CVE-2018-6133 chromium-browser: URL spoof in Omnibox
1584045 - CVE-2018-6134 chromium-browser: Referrer Policy bypass in Blink
1584046 - CVE-2018-6135 chromium-browser: UI spoofing in Blink
1584047 - CVE-2018-6136 chromium-browser: Out of bounds memory access in V8
1584048 - CVE-2018-6137 chromium-browser: Leak of visited status of page in Blink
1584049 - CVE-2018-6138 chromium-browser: Overly permissive policy in Extensions
1584050 - CVE-2018-6139 chromium-browser: Restrictions bypass in the debugger extension API
1584051 - CVE-2018-6140 chromium-browser: Restrictions bypass in the debugger extension API
1584052 - CVE-2018-6141 chromium-browser: Heap buffer overflow in Skia
1584054 - CVE-2018-6142 chromium-browser: Out of bounds memory access in V8
1584055 - CVE-2018-6143 chromium-browser: Out of bounds memory access in V8
1584056 - CVE-2018-6144 chromium-browser: Out of bounds memory access in PDFium
1584057 - CVE-2018-6145 chromium-browser: Incorrect escaping of MathML in Blink
1584058 - CVE-2018-6147 chromium-browser: Password fields not taking advantage of OS protections in Views

6. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
chromium-browser-67.0.3396.62-2.el6_9.i686.rpm
chromium-browser-debuginfo-67.0.3396.62-2.el6_9.i686.rpm

x86_64:
chromium-browser-67.0.3396.62-2.el6_9.x86_64.rpm
chromium-browser-debuginfo-67.0.3396.62-2.el6_9.x86_64.rpm

Red Hat Enterprise Linux Server Supplementary (v. 6):

i386:
chromium-browser-67.0.3396.62-2.el6_9.i686.rpm
chromium-browser-debuginfo-67.0.3396.62-2.el6_9.i686.rpm

x86_64:
chromium-browser-67.0.3396.62-2.el6_9.x86_64.rpm
chromium-browser-debuginfo-67.0.3396.62-2.el6_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Supplementary (v. 6):

i386:
chromium-browser-67.0.3396.62-2.el6_9.i686.rpm
chromium-browser-debuginfo-67.0.3396.62-2.el6_9.i686.rpm

x86_64:
chromium-browser-67.0.3396.62-2.el6_9.x86_64.rpm
chromium-browser-debuginfo-67.0.3396.62-2.el6_9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-6123
https://access.redhat.com/security/cve/CVE-2018-6124
https://access.redhat.com/security/cve/CVE-2018-6125
https://access.redhat.com/security/cve/CVE-2018-6126
https://access.redhat.com/security/cve/CVE-2018-6127
https://access.redhat.com/security/cve/CVE-2018-6129
https://access.redhat.com/security/cve/CVE-2018-6130
https://access.redhat.com/security/cve/CVE-2018-6131
https://access.redhat.com/security/cve/CVE-2018-6132
https://access.redhat.com/security/cve/CVE-2018-6133
https://access.redhat.com/security/cve/CVE-2018-6134
https://access.redhat.com/security/cve/CVE-2018-6135
https://access.redhat.com/security/cve/CVE-2018-6136
https://access.redhat.com/security/cve/CVE-2018-6137
https://access.redhat.com/security/cve/CVE-2018-6138
https://access.redhat.com/security/cve/CVE-2018-6139
https://access.redhat.com/security/cve/CVE-2018-6140
https://access.redhat.com/security/cve/CVE-2018-6141
https://access.redhat.com/security/cve/CVE-2018-6142
https://access.redhat.com/security/cve/CVE-2018-6143
https://access.redhat.com/security/cve/CVE-2018-6144
https://access.redhat.com/security/cve/CVE-2018-6145
https://access.redhat.com/security/cve/CVE-2018-6147
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
