From: [email protected]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------- Debian Security Advisory DSA-4562-1 [email protected] https://www.debian.org/security/ Michael Gilbert November 10, 2019 https://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : chromium
CVE ID : CVE-2019-5869 CVE-2019-5870 CVE-2019-5871 CVE-2019-5872
CVE-2019-5874 CVE-2019-5875 CVE-2019-5876 CVE-2019-5877
CVE-2019-5878 CVE-2019-5879 CVE-2019-5880 CVE-2019-13659
CVE-2019-13660 CVE-2019-13661 CVE-2019-13662 CVE-2019-13663
CVE-2019-13664 CVE-2019-13665 CVE-2019-13666 CVE-2019-13667
CVE-2019-13668 CVE-2019-13669 CVE-2019-13670 CVE-2019-13671
CVE-2019-13673 CVE-2019-13674 CVE-2019-13675 CVE-2019-13676
CVE-2019-13677 CVE-2019-13678 CVE-2019-13679 CVE-2019-13680
CVE-2019-13681 CVE-2019-13682 CVE-2019-13683 CVE-2019-13685
CVE-2019-13686 CVE-2019-13687 CVE-2019-13688 CVE-2019-13691
CVE-2019-13692 CVE-2019-13693 CVE-2019-13694 CVE-2019-13695
CVE-2019-13696 CVE-2019-13697 CVE-2019-13699 CVE-2019-13700
CVE-2019-13701 CVE-2019-13702 CVE-2019-13703 CVE-2019-13704
CVE-2019-13705 CVE-2019-13706 CVE-2019-13707 CVE-2019-13708
CVE-2019-13709 CVE-2019-13710 CVE-2019-13711 CVE-2019-13713
CVE-2019-13714 CVE-2019-13715 CVE-2019-13716 CVE-2019-13717
CVE-2019-13718 CVE-2019-13719 CVE-2019-13720 CVE-2019-13721

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2019-5869

Zhe Jin discovered a use-after-free issue.

CVE-2019-5870

Guang Gong discovered a use-after-free issue.

CVE-2019-5871

A buffer overflow issue was discovered in the skia library.

CVE-2019-5872

Zhe Jin discovered a use-after-free issue.

CVE-2019-5874

James Lee discovered an issue with external Uniform Resource Identifiers.

CVE-2019-5875

Khalil Zhani discovered a URL spoofing issue.

CVE-2019-5876

Man Yue Mo discovered a use-after-free issue.

CVE-2019-5877

Guang Gong discovered an out-of-bounds read issue.

CVE-2019-5878

Guang Gong discovered an use-after-free issue in the v8 javascript
library.

CVE-2019-5879

Jinseo Kim discover that extensions could read files on the local
system.

CVE-2019-5880

Jun Kokatsu discovered a way to bypass the SameSite cookie feature.

CVE-2019-13659

Lnyas Zhang discovered a URL spoofing issue.

CVE-2019-13660

Wenxu Wu discovered a user interface error in full screen mode.

CVE-2019-13661

Wenxu Wu discovered a user interface spoofing issue in full screen mode.

CVE-2019-13662

David Erceg discovered a way to bypass the Content Security Policy.

CVE-2019-13663

Lnyas Zhang discovered a way to spoof Internationalized Domain Names.

CVE-2019-13664

Thomas Shadwell discovered a way to bypass the SameSite cookie feature.

CVE-2019-13665

Jun Kokatsu discovered a way to bypass the multiple file download
protection feature.

CVE-2019-13666

Tom Van Goethem discovered an information leak.

CVE-2019-13667

Khalil Zhani discovered a URL spoofing issue.

CVE-2019-13668

David Erceg discovered an information leak.

CVE-2019-13669

Khalil Zhani discovered an authentication spoofing issue.

CVE-2019-13670

Guang Gong discovered a memory corruption issue in the v8 javascript
library.

CVE-2019-13671

xisigr discovered a user interface error.

CVE-2019-13673

David Erceg discovered an information leak.

CVE-2019-13674

Khalil Zhani discovered a way to spoof Internationalized Domain Names.

CVE-2019-13675

Jun Kokatsu discovered a way to disable extensions.

CVE-2019-13676

Wenxu Wu discovered an error in a certificate warning.

CVE-2019-13677

Jun Kokatsu discovered an error in the chrome web store.

CVE-2019-13678

Ronni Skansing discovered a spoofing issue in the download dialog window.

CVE-2019-13679

Conrad Irwin discovered that user activation was not required for
printing.

CVE-2019-13680

Thijs Alkamade discovered an IP address spoofing issue.

CVE-2019-13681

David Erceg discovered a way to bypass download restrictions.

CVE-2019-13682

Jun Kokatsu discovered a way to bypass the site isolation feature.

CVE-2019-13683

David Erceg discovered an information leak.

CVE-2019-13685

Khalil Zhani discovered a use-after-free issue.

CVE-2019-13686

Brendon discovered a use-after-free issue.

CVE-2019-13687

Man Yue Mo discovered a use-after-free issue.

CVE-2019-13688

Man Yue Mo discovered a use-after-free issue.

CVE-2019-13691

David Erceg discovered a user interface spoofing issue.

CVE-2019-13692

Jun Kokatsu discovered a way to bypass the Same Origin Policy.

CVE-2019-13693

Guang Gong discovered a use-after-free issue.

CVE-2019-13694

banananapenguin discovered a use-after-free issue.

CVE-2019-13695

Man Yue Mo discovered a use-after-free issue.

CVE-2019-13696

Guang Gong discovered a use-after-free issue in the v8 javascript library.

CVE-2019-13697

Luan Herrera discovered an information leak.

CVE-2019-13699

Man Yue Mo discovered a use-after-free issue.

CVE-2019-13700

Man Yue Mo discovered a buffer overflow issue.

CVE-2019-13701

David Erceg discovered a URL spoofing issue.

CVE-2019-13702

Phillip Langlois and Edward Torkington discovered a privilege escalation
issue in the installer.

CVE-2019-13703

Khalil Zhani discovered a URL spoofing issue.

CVE-2019-13704

Jun Kokatsu discovered a way to bypass the Content Security Policy.

CVE-2019-13705


[continued in next message]

--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)