ASA-201908-6 log original external raw

[ASA-201908-6] chromium: arbitrary code execution
Arch Linux Security Advisory ASA-201908-6 ========================================= Severity: High Date : 2019-08-10 CVE-ID : CVE-2019-5867 CVE-2019-5868 Package : chromium Type : arbitrary code execution Remote : Yes Link : Summary ======= The package chromium before version 76.0.3809.100-1 is vulnerable to arbitrary code execution. Resolution ========== Upgrade to 76.0.3809.100-1. # pacman -Syu "chromium>=76.0.3809.100-1" The problems have been fixed upstream in version 76.0.3809.100. Workaround ========== None. Description =========== - CVE-2019-5867 (arbitrary code execution) An out-of-bounds read has been found in the V8 component of the chromium browser before 76.0.3809.100. - CVE-2019-5868 (arbitrary code execution) A use-after-free issue has been found in PDFium's ExecuteFieldAction, in the chromium browser before 76.0.3809.100. Impact ====== A remote attacker can execute arbitrary code on the affected host. References ==========