Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2018.2203 Important: chromium-browser security update 31 July 2018 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: chromium-browser Publisher: Red Hat Operating System: Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux WS/Desktop 6 Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Increased Privileges -- Remote with User Interaction Denial of Service -- Remote with User Interaction Provide Misleading Information -- Unknown/Unspecified Access Confidential Data -- Remote with User Interaction Reduced Security -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2018-6179 CVE-2018-6178 CVE-2018-6177 CVE-2018-6176 CVE-2018-6175 CVE-2018-6174 CVE-2018-6173 CVE-2018-6172 CVE-2018-6171 CVE-2018-6170 CVE-2018-6169 CVE-2018-6168 CVE-2018-6167 CVE-2018-6166 CVE-2018-6165 CVE-2018-6164 CVE-2018-6163 CVE-2018-6162 CVE-2018-6161 CVE-2018-6159 CVE-2018-6158 CVE-2018-6157 CVE-2018-6156 CVE-2018-6155 CVE-2018-6154 CVE-2018-6153 CVE-2018-6152 CVE-2018-6151 CVE-2018-6150 CVE-2018-6044 CVE-2018-4117 Reference: ASB-2018.0185 ESB-2018.2190 ESB-2018.1327 ESB-2018.0970 ESB-2018.0969 ESB-2018.0968 Original Bulletin: https://access.redhat.com/errata/RHSA-2018:2282 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: chromium-browser security update Advisory ID: RHSA-2018:2282-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://access.redhat.com/errata/RHSA-2018:2282 Issue date: 2018-07-30 CVE Names: CVE-2018-4117 CVE-2018-6044 CVE-2018-6150 CVE-2018-6151 CVE-2018-6152 CVE-2018-6153 CVE-2018-6154 CVE-2018-6155 CVE-2018-6156 CVE-2018-6157 CVE-2018-6158 CVE-2018-6159 CVE-2018-6161 CVE-2018-6162 CVE-2018-6163 CVE-2018-6164 CVE-2018-6165 CVE-2018-6166 CVE-2018-6167 CVE-2018-6168 CVE-2018-6169 CVE-2018-6170 CVE-2018-6171 CVE-2018-6172 CVE-2018-6173 CVE-2018-6174 CVE-2018-6175 CVE-2018-6176 CVE-2018-6177 CVE-2018-6178 CVE-2018-6179 ===================================================================== 1. Summary: An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: Chromium is an open-source web browser, powered by WebKit (Blink). This update upgrades Chromium to version 68.0.3440.75. Security Fix(es): * chromium-browser: Stack buffer overflow in Skia (CVE-2018-6153) * chromium-browser: Heap buffer overflow in WebGL (CVE-2018-6154) * chromium-browser: Use after free in WebRTC (CVE-2018-6155) * chromium-browser: Heap buffer overflow in WebRTC (CVE-2018-6156) * chromium-browser: Type confusion in WebRTC (CVE-2018-6157) * chromium-browser: Cross origin information disclosure in Service Workers (CVE-2018-6150) * chromium-browser: Bad cast in DevTools (CVE-2018-6151) * chromium-browser: Local file write in DevTools (CVE-2018-6152) * chromium-browser: Use after free in Blink (CVE-2018-6158) * chromium-browser: Same origin policy bypass in ServiceWorker (CVE-2018-6159) * chromium-browser: Same origin policy bypass in WebAudio (CVE-2018-6161) * chromium-browser: Heap buffer overflow in WebGL (CVE-2018-6162) * chromium-browser: URL spoof in Omnibox (CVE-2018-6163) * chromium-browser: Same origin policy bypass in ServiceWorker (CVE-2018-6164) * chromium-browser: URL spoof in Omnibox (CVE-2018-6165) * chromium-browser: URL spoof in Omnibox (CVE-2018-6166) * chromium-browser: URL spoof in Omnibox (CVE-2018-6167) * chromium-browser: CORS bypass in Blink (CVE-2018-6168) * chromium-browser: Permissions bypass in extension installation (CVE-2018-6169) * chromium-browser: Type confusion in PDFium (CVE-2018-6170) * chromium-browser: Use after free in WebBluetooth (CVE-2018-6171) * chromium-browser: URL spoof in Omnibox (CVE-2018-6172) * chromium-browser: URL spoof in Omnibox (CVE-2018-6173) * chromium-browser: Integer overflow in SwiftShader (CVE-2018-6174) * chromium-browser: URL spoof in Omnibox (CVE-2018-6175) * chromium-browser: Local user privilege escalation in Extensions (CVE-2018-6176) * chromium-browser: Cross origin information leak in Blink (CVE-2018-4117) * chromium-browser: Request privilege escalation in Extensions (CVE-2018-6044) * chromium-browser: Cross origin information leak in Blink (CVE-2018-6177) * chromium-browser: UI spoof in Extensions (CVE-2018-6178) * chromium-browser: Local file information leak in Extensions (CVE-2018-6179) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, Chromium must be restarted for the changes to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1608177 - CVE-2018-6153 chromium-browser: Stack buffer overflow in Skia 1608178 - CVE-2018-6154 chromium-browser: Heap buffer overflow in WebGL 1608179 - CVE-2018-6155 chromium-browser: Use after free in WebRTC 1608180 - CVE-2018-6156 chromium-browser: Heap buffer overflow in WebRTC 1608181 - CVE-2018-6157 chromium-browser: Type confusion in WebRTC 1608182 - CVE-2018-6158 chromium-browser: Use after free in Blink 1608183 - CVE-2018-6159 chromium-browser: Same origin policy bypass in ServiceWorker 1608185 - CVE-2018-6161 chromium-browser: Same origin policy bypass in WebAudio 1608186 - CVE-2018-6162 chromium-browser: Heap buffer overflow in WebGL 1608187 - CVE-2018-6163 chromium-browser: URL spoof in Omnibox 1608188 - CVE-2018-6164 chromium-browser: Same origin policy bypass in ServiceWorker 1608189 - CVE-2018-6165 chromium-browser: URL spoof in Omnibox 1608190 - CVE-2018-6166 chromium-browser: URL spoof in Omnibox 1608191 - CVE-2018-6167 chromium-browser: URL spoof in Omnibox 1608192 - CVE-2018-6168 chromium-browser: CORS bypass in Blink 1608193 - CVE-2018-6169 chromium-browser: Permissions bypass in extension installation 1608194 - CVE-2018-6170 chromium-browser: Type confusion in PDFium 1608195 - CVE-2018-6171 chromium-browser: Use after free in WebBluetooth 1608196 - CVE-2018-6172 chromium-browser: URL spoof in Omnibox 1608197 - CVE-2018-6173 chromium-browser: URL spoof in Omnibox 1608198 - CVE-2018-6174 chromium-browser: Integer overflow in SwiftShader 1608199 - CVE-2018-6175 chromium-browser: URL spoof in Omnibox 1608200 - CVE-2018-6176 chromium-browser: Local user privilege escalation in Extensions 1608201 - CVE-2018-6177 chromium-browser: Cross origin information leak in Blink 1608202 - CVE-2018-6178 chromium-browser: UI spoof in Extensions 1608203 - CVE-2018-6179 chromium-browser: Local file information leak in Extensions 1608204 - CVE-2018-6044 chromium-browser: Request privilege escalation in Extensions 1608205 - CVE-2018-4117 chromium-browser: Cross origin information leak in Blink 1608206 - CVE-2018-6150 chromium-browser: Cross origin information disclosure in Service Workers 1608207 - CVE-2018-6151 chromium-browser: Bad cast in DevTools 1608208 - CVE-2018-6152 chromium-browser: Local file write in DevTools 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: chromium-browser-68.0.3440.75-1.el6_10.i686.rpm chromium-browser-debuginfo-68.0.3440.75-1.el6_10.i686.rpm x86_64: chromium-browser-68.0.3440.75-1.el6_10.x86_64.rpm chromium-browser-debuginfo-68.0.3440.75-1.el6_10.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: chromium-browser-68.0.3440.75-1.el6_10.i686.rpm chromium-browser-debuginfo-68.0.3440.75-1.el6_10.i686.rpm x86_64: chromium-browser-68.0.3440.75-1.el6_10.x86_64.rpm chromium-browser-debuginfo-68.0.3440.75-1.el6_10.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: chromium-browser-68.0.3440.75-1.el6_10.i686.rpm chromium-browser-debuginfo-68.0.3440.75-1.el6_10.i686.rpm x86_64: chromium-browser-68.0.3440.75-1.el6_10.x86_64.rpm chromium-browser-debuginfo-68.0.3440.75-1.el6_10.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-4117 https://access.redhat.com/security/cve/CVE-2018-6044 https://access.redhat.com/security/cve/CVE-2018-6150 https://access.redhat.com/security/cve/CVE-2018-6151 https://access.redhat.com/security/cve/CVE-2018-6152 https://access.redhat.com/security/cve/CVE-2018-6153 https://access.redhat.com/security/cve/CVE-2018-6154 https://access.redhat.com/security/cve/CVE-2018-6155 https://access.redhat.com/security/cve/CVE-2018-6156 https://access.redhat.com/security/cve/CVE-2018-6157 https://access.redhat.com/security/cve/CVE-2018-6158 https://access.redhat.com/security/cve/CVE-2018-6159 https://access.redhat.com/security/cve/CVE-2018-6161 https://access.redhat.com/security/cve/CVE-2018-6162 https://access.redhat.com/security/cve/CVE-2018-6163 https://access.redhat.com/security/cve/CVE-2018-6164 https://access.redhat.com/security/cve/CVE-2018-6165 https://access.redhat.com/security/cve/CVE-2018-6166 https://access.redhat.com/security/cve/CVE-2018-6167 https://access.redhat.com/security/cve/CVE-2018-6168 https://access.redhat.com/security/cve/CVE-2018-6169 https://access.redhat.com/security/cve/CVE-2018-6170 https://access.redhat.com/security/cve/CVE-2018-6171 https://access.redhat.com/security/cve/CVE-2018-6172 https://access.redhat.com/security/cve/CVE-2018-6173 https://access.redhat.com/security/cve/CVE-2018-6174 https://access.redhat.com/security/cve/CVE-2018-6175 https://access.redhat.com/security/cve/CVE-2018-6176 https://access.redhat.com/security/cve/CVE-2018-6177 https://access.redhat.com/security/cve/CVE-2018-6178 https://access.redhat.com/security/cve/CVE-2018-6179 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBW18qZtzjgjWX9erEAQhZ2w/+O2aOCGCk2DIKqwT/ErfmvasFiNz7u8I1 +yPMYTQ1NFrs8cjt/ym7PH50aFOMS/YO3n/YL5ROLzoDW/PqXvJdxvi9opWG958V ftc20yBBa4EdJExqkKQYefxg9qD4emt6jkVBzSd/xZ3XcF50oKBG0m1aEPmCzM/G +o3ohQPiKgAMXJMtqTvSXxy1dV0LuoFOWYS6FPrO2F2MzY0Vd8/GXP1bnxqqqYxT ohA0f2yoPWVGzQQBRGCeHvTjv6Mt0PdGejKAoUxptgXenOQ9xAyRBuhSBkvBXAAN 3m+pEmWpHdOdEWoiIx07QcaH408ji+gs2oMSybS16PUwe9VsuOOJBOgFSLjxdb3d bzUjIKZHHscjxA1KIVtAx2JdqTLUKlSjSvaaZxa5d/wFq2UticBM8+EotuIOdE5J 6BVLVX+0GUCizPNbgC2f4i2G3xd60uiym9KP70Z7X+W7vMl9qXcab+GOJCAufwY8 +dfchywwsT19FdQLBJEjKPm7b33FNdr0oLvg6D5RK4pdJMYiEXoCt6ElLBBQzSEA 3vXsagWAaeDEBsLeDNapkLh1BHUx86iMVLGUtiwFgbtAXg7Jbz82AHZmtwT1bf6I KR7aOFFs2zKjRSuQDQZlOPNQVCt04+NbMZYEw6cHIT/+wX7ZrXaNZp+4tTo9gnOf R1+VLpZrH1Q= =jHL1 - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBW1+pdGaOgq3Tt24GAQgGmA/9E15XlWfV4f+tYG0ZdQUTejvrK11KyzNy MtdyMndcKX9JFTm6GL7+CtZs9GNakfkBVkVHw+jc+HMqi29YOWno80nfVFdOLFXs W2zWOpcyga7IWNNIiBH9iXRXTLeLCzC6cPtqK1yjshdw9prJk5cx4Vhe25Eotg57 CgXlLghhRI7wYT/YBpsZpS67imyXGJo3Y/9p1nH92hbkiIb7LHck7SKlftKzBH+W V41+lyvPtnHxdX7XSZycPJIa93pb9N4Yt865YnNBp452AJSABngSI1e2+mBcnZAd 2kdTePi5rMyWu9wpmd92es0zbmxRPMfVeQnpXfkYSvPFGOWsRooC1nXEHnszFm4P fD3CLhMXo72nyS4bXpad0MIwkqnW0XA7pK0nfTEYzCOn02GwAdA4JY2p+WnyDwSt TdPfRUKM5Ri5jnw9Oe/LF81JOhtALsMWOdCBpvvnlDCDPfmNHaLy3KzIIrw6pMDE tR7k76ArIJCnr0OLF1C+2jbmIy3ysTBWZBiwN+3W0KP3gU62pf+/hHAYLMHqsfmg 5ato1h4HRjDFXaU/e4KJ/WNYJjCBi9Yi2UX0aAgJ4IBd5dGeVc2u5dfrvFkHZB66 tgjoRoVBawlN7UzX23mjrTeUK7drPbX+ovdGkGq40KNUuPrKRvlD7LXXsGqdpkbY fG6nWUF/AjQ= =TD5H -----END PGP SIGNATURE-----