Subject: [ASA-201701-33] chromium: multiple issues Arch Linux Security Advisory ASA-201701-33 ========================================== Severity: Critical Date : 2017-01-27 CVE-ID : CVE-2017-5006 CVE-2017-5007 CVE-2017-5008 CVE-2017-5009 CVE-2017-5010 CVE-2017-5011 CVE-2017-5012 CVE-2017-5013 CVE-2017-5014 CVE-2017-5015 CVE-2017-5016 CVE-2017-5017 CVE-2017-5018 CVE-2017-5019 CVE-2017-5020 CVE-2017-5021 CVE-2017-5022 CVE-2017-5023 CVE-2017-5024 CVE-2017-5025 CVE-2017-5026 Package : chromium Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-156 Summary ======= The package chromium before version 56.0.2924.76-1 is vulnerable to multiple issues including arbitrary code execution, arbitrary filesystem access, cross-site scripting, content spoofing, information disclosure, access restriction bypass and denial of service. Resolution ========== Upgrade to 56.0.2924.76-1. # pacman -Syu "chromium>=56.0.2924.76-1" The problems have been fixed upstream in version 56.0.2924.76. Workaround ========== None. Description =========== - CVE-2017-5006 (cross-site scripting) An universal XSS flaw was found in the Blink component of the Chromium browser. - CVE-2017-5007 (cross-site scripting) An universal XSS flaw was found in the Blink component of the Chromium browser. - CVE-2017-5008 (cross-site scripting) An universal XSS flaw was found in the Blink component of the Chromium browser. - CVE-2017-5009 (arbitrary code execution) An out of bounds memory access flaw was found in the WebRTC component of the Chromium browser. - CVE-2017-5010 (cross-site scripting) An universal XSS flaw was found in the Blink component of the Chromium browser. - CVE-2017-5011 (arbitrary filesystem access) An unauthorised file access flaw was found in the Devtools component of the Chromium browser. - CVE-2017-5012 (arbitrary code execution) A heap overflow flaw was found in the V8 component of the Chromium browser. - CVE-2017-5013 (content spoofing) An address spoofing flaw was found in the Omnibox component of the Chromium browser - CVE-2017-5014 (arbitrary code execution) A heap overflow flaw was found in the Skia component of the Chromium browser. - CVE-2017-5015 (content spoofing) An address spoofing flaw was found in the Omnibox component of the Chromium browser. - CVE-2017-5016 (content spoofing) An UI spoofing flaw was found in the Blink component of the Chromium browser. - CVE-2017-5017 (information disclosure) An uninitialised memory access flaw was found in the webm video component of the Chromium browser. - CVE-2017-5018 (cross-site scripting) An universal XSS flaw was found in the chrome://apps component of the Chromium browser. - CVE-2017-5019 (arbitrary code execution) An use after free flaw was found in the Renderer component of the Chromium browser. - CVE-2017-5020 (cross-site scripting) An universal XSS flaw was found in the chrome://downloads component of the Chromium browser. - CVE-2017-5021 (arbitrary code execution) A use-after-free flaw was found in the Extensions component of the Chromium browser. - CVE-2017-5022 (access restriction bypass) A bypass of content security policy flaw was found in the Blink component of the Chromium browser. - CVE-2017-5023 (denial of service) A type confusion flaw was found in the metrics component of the Chromium browser. - CVE-2017-5024 (arbitrary code execution) A heap overflow flaw was found in FFmpeg < 3.2.4. - CVE-2017-5025 (arbitrary code execution) A heap overflow flaw was found in FFmpeg < 3.2.4. - CVE-2017-5026 (content spoofing) A UI spoofing flaw was found in the Chromium browser. Impact ====== A remote attacker can access sensitive information and arbitrary files, bypass security restrictions, spoof content and execute arbitrary code on the affected host. References ========== https://chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html https://bugzilla.redhat.com/show_bug.cgi?id=1416658 https://code.google.com/p/chromium/issues/detail?id=673170 https://code.google.com/p/chromium/issues/detail?id=671102 https://bugzilla.redhat.com/show_bug.cgi?id=1416657 https://bugzilla.redhat.com/show_bug.cgi?id=1416659 https://code.google.com/p/chromium/issues/detail?id=668552 https://bugzilla.redhat.com/show_bug.cgi?id=1416662 https://code.google.com/p/chromium/issues/detail?id=667504 https://bugzilla.redhat.com/show_bug.cgi?id=1416660 https://code.google.com/p/chromium/issues/detail?id=663476 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-5011 https://code.google.com/p/chromium/issues/detail?id=662859 https://bugzilla.redhat.com/show_bug.cgi?id=1416663 https://code.google.com/p/chromium/issues/detail?id=681843 https://code.google.com/p/chromium/issues/detail?id=677716 https://bugzilla.redhat.com/show_bug.cgi?id=1416664 https://bugzilla.redhat.com/show_bug.cgi?id=1416665 https://code.google.com/p/chromium/issues/detail?id=675332 https://bugzilla.redhat.com/show_bug.cgi?id=1416666 https://code.google.com/p/chromium/issues/detail?id=673971 https://bugzilla.redhat.com/show_bug.cgi?id=1416668 https://code.google.com/p/chromium/issues/detail?id=673163 https://bugzilla.redhat.com/show_bug.cgi?id=1416669 https://code.google.com/p/chromium/issues/detail?id=676975 https://bugzilla.redhat.com/show_bug.cgi?id=1416670 https://code.google.com/p/chromium/issues/detail?id=668665 https://bugzilla.redhat.com/show_bug.cgi?id=1416667 https://code.google.com/p/chromium/issues/detail?id=666714 https://bugzilla.redhat.com/show_bug.cgi?id=1416671 https://code.google.com/p/chromium/issues/detail?id=668653 https://bugzilla.redhat.com/show_bug.cgi?id=1416672 https://code.google.com/p/chromium/issues/detail?id=663726 https://bugzilla.redhat.com/show_bug.cgi?id=1416673 https://code.google.com/p/chromium/issues/detail?id=663620 https://bugzilla.redhat.com/show_bug.cgi?id=1416674 https://code.google.com/p/chromium/issues/detail?id=651443 https://bugzilla.redhat.com/show_bug.cgi?id=1416675 https://code.google.com/p/chromium/issues/detail?id=643951 https://code.google.com/p/chromium/issues/detail?id=643950 https://bugzilla.redhat.com/show_bug.cgi?id=1416676 https://code.google.com/p/chromium/issues/detail?id=634108 https://bugzilla.redhat.com/show_bug.cgi?id=1416677 https://security.archlinux.org/CVE-2017-5006 https://security.archlinux.org/CVE-2017-5007 https://security.archlinux.org/CVE-2017-5008 https://security.archlinux.org/CVE-2017-5009 https://security.archlinux.org/CVE-2017-5010 https://security.archlinux.org/CVE-2017-5011 https://security.archlinux.org/CVE-2017-5012 https://security.archlinux.org/CVE-2017-5013 https://security.archlinux.org/CVE-2017-5014 https://security.archlinux.org/CVE-2017-5015 https://security.archlinux.org/CVE-2017-5016 https://security.archlinux.org/CVE-2017-5017 https://security.archlinux.org/CVE-2017-5018 https://security.archlinux.org/CVE-2017-5019 https://security.archlinux.org/CVE-2017-5020 https://security.archlinux.org/CVE-2017-5021 https://security.archlinux.org/CVE-2017-5022 https://security.archlinux.org/CVE-2017-5023 https://security.archlinux.org/CVE-2017-5024 https://security.archlinux.org/CVE-2017-5025 https://security.archlinux.org/CVE-2017-5026