[3.9] chromium: Multiple vulnerabilities (CVE-2018-16065, CVE-2018-16066, CVE-2018-16067, CVE-2018-16068, CVE…CVE-2018-16088)
CVE-2018-16065: Out of bounds write in V8
CVE-2018-16066:Out of bounds read in Blink.
CVE-2018-16067: Out of bounds read in WebAudio.
CVE-2018-16068: Out of bounds write in Mojo.
CVE-2018-16069:Out of bounds read in SwiftShader.
CVE-2018-16070: Integer overflow in Skia.
CVE-2018-16071: Use after free in WebRTC.
CVE-2018-16073: Site Isolation bypass after tab restore.
CVE-2018-16074: Site Isolation bypass using Blob URLS.
CVE-2018-16075: Local file access in Blink.
CVE-2018-16076: Out of bounds read in PDFium.
CVE-2018-16077: Content security policy bypass in Blink.
CVE-2018-16078: Credit card information leak in Autofill.
CVE-2018-16079: URL spoof in permission dialogs.
CVE-2018-16080: URL spoof in full screen mode.
CVE-2018-16081: Local file access in DevTools
CVE-2018-16082: Stack buffer overflow in SwiftShader.
CVE-2018-16083: Out of bounds read in WebRTC.
CVE-2018-16084: User confirmation bypass in external protocol
handling.
CVE-2018-16085: Use after free in Memory Instrumentation.
CVE-2018-16086: Script injection in New Tab Page.
CVE-2018-16087: Multiple download restriction bypass.
CVE-2018-16088: User gesture requirement bypass.
Fixed In Version:
chromium 69.0.3497.81
Reference:
https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-desktop.html
(from redmine: issue id 9414, created on 2018-09-11, closed on 2019-05-04)
- Relations:
- copied_to #9413
- parent #9413