Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
aports
aports
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 674
    • Issues 674
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 166
    • Merge Requests 166
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Incidents
    • Environments
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Members
    • Members
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar

Gitlab has been upgraded to v13.9 🎉. Enjoy

  • alpine
  • aportsaports
  • Issues
  • #10596

Closed
Open
Opened Jun 21, 2019 by Alicha CH@alichaReporter

[3.10] chromium: Multiple vulnerabilities (CVE-2019-5824, CVE-2019-5825, CVE…CVE-2019-5838, CVE-2019-5839, CVE-2019-5840)

CVE-2019-5825: Out-of-bounds write in V8
CVE-2019-5826: Use-after-free in IndexedDB
CVE-2019-5827: Out-of-bounds access in SQLite
CVE-2019-5824: Parameter passing error in media player

Fixed In Version:

chromium 74.0.3729.131

Reference:

https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop\_30.html

CVE-2019-5828: Use after free in ServiceWorker.
CVE-2019-5829: Use after free in Download Manager.
CVE-2019-5830: Incorrectly credentialed requests in CORS.
CVE-2019-5831: Incorrect map processing in V8.
CVE-2019-5832: Incorrect CORS handling in XHR.
CVE-2019-5833: Inconsistent security UI placement.
CVE-2019-5835: Out of bounds read in Swiftshader.
CVE-2019-5836: Heap buffer overflow in Angle.
CVE-2019-5837: Cross-origin resources size disclosure in Appcache .
CVE-2019-5838: Overly permissive tab access in Extensions.
CVE-2019-5839: Incorrect handling of certain code points in Blink.
CVE-2019-5840: Popup blocker bypass.

Fixed In Version:

Chromium 75.0.3770.80

Reference:

https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html

(from redmine: issue id 10596, created on 2019-06-21)

  • Relations:
    • parent #10594
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
3.10.3
Milestone
3.10.3 (Past due)
Assign milestone
Time tracking
None
Due date
None
Reference: alpine/aports#10596