-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.1353
                     chromium-browser security update
                               17 April 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           chromium-browser
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 6
                   Red Hat Enterprise Linux WS/Desktop 6
Impact/Access:     Execute Arbitrary Code/Commands -- Unknown/Unspecified
                   Denial of Service               -- Unknown/Unspecified
                   Provide Misleading Information  -- Remote with User Interaction
                   Reduced Security                -- Unknown/Unspecified
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-6456 CVE-2020-6455 CVE-2020-6454
                   CVE-2020-6448 CVE-2020-6447 CVE-2020-6446
                   CVE-2020-6445 CVE-2020-6444 CVE-2020-6443
                   CVE-2020-6442 CVE-2020-6441 CVE-2020-6440
                   CVE-2020-6439 CVE-2020-6438 CVE-2020-6437
                   CVE-2020-6436 CVE-2020-6435 CVE-2020-6434
                   CVE-2020-6433 CVE-2020-6432 CVE-2020-6431
                   CVE-2020-6430 CVE-2020-6423 

Reference:         ASB-2020.0070

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2020:1487

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: chromium-browser security update
Advisory ID:       RHSA-2020:1487-01
Product:           Red Hat Enterprise Linux Supplementary
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:1487
Issue date:        2020-04-16
CVE Names:         CVE-2020-6423 CVE-2020-6430 CVE-2020-6431 
                   CVE-2020-6432 CVE-2020-6433 CVE-2020-6434 
                   CVE-2020-6435 CVE-2020-6436 CVE-2020-6437 
                   CVE-2020-6438 CVE-2020-6439 CVE-2020-6440 
                   CVE-2020-6441 CVE-2020-6442 CVE-2020-6443 
                   CVE-2020-6444 CVE-2020-6445 CVE-2020-6446 
                   CVE-2020-6447 CVE-2020-6448 CVE-2020-6454 
                   CVE-2020-6455 CVE-2020-6456 
=====================================================================

1. Summary:

An update for chromium-browser is now available for Red Hat Enterprise
Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, i686, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - i686, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, i686, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, i686, x86_64

3. Description:

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 81.0.4044.92.

Security Fix(es):

* chromium-browser: Use after free in audio (CVE-2020-6423)

* chromium-browser: Use after free in extensions (CVE-2020-6454)

* chromium-browser: Out of bounds read in WebSQL (CVE-2020-6455)

* chromium-browser: Type Confusion in V8 (CVE-2020-6430)

* chromium-browser: Insufficient policy enforcement in full screen
(CVE-2020-6431)

* chromium-browser: Insufficient policy enforcement in navigations
(CVE-2020-6432)

* chromium-browser: Insufficient policy enforcement in extensions
(CVE-2020-6433)

* chromium-browser: Use after free in devtools (CVE-2020-6434)

* chromium-browser: Insufficient policy enforcement in extensions
(CVE-2020-6435)

* chromium-browser: Use after free in window management (CVE-2020-6436)

* chromium-browser: Insufficient validation of untrusted input in clipboard
(CVE-2020-6456)

* chromium-browser: Inappropriate implementation in WebView (CVE-2020-6437)

* chromium-browser: Insufficient policy enforcement in extensions
(CVE-2020-6438)

* chromium-browser: Insufficient policy enforcement in navigations
(CVE-2020-6439)

* chromium-browser: Inappropriate implementation in extensions
(CVE-2020-6440)

* chromium-browser: Insufficient policy enforcement in omnibox
(CVE-2020-6441)

* chromium-browser: Inappropriate implementation in cache (CVE-2020-6442)

* chromium-browser: Insufficient data validation in developer tools
(CVE-2020-6443)

* chromium-browser: Uninitialized use in WebRTC (CVE-2020-6444)

* chromium-browser: Insufficient policy enforcement in trusted types
(CVE-2020-6445)

* chromium-browser: Insufficient policy enforcement in trusted types
(CVE-2020-6446)

* chromium-browser: Inappropriate implementation in developer tools
(CVE-2020-6447)

* chromium-browser: Use after free in V8 (CVE-2020-6448)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Chromium must be restarted for the changes to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1822604 - CVE-2020-6454 chromium-browser: Use after free in extensions
1822605 - CVE-2020-6423 chromium-browser: Use after free in audio
1822606 - CVE-2020-6455 chromium-browser: Out of bounds read in WebSQL
1822607 - CVE-2020-6430 chromium-browser: Type Confusion in V8
1822608 - CVE-2020-6456 chromium-browser: Insufficient validation of untrusted input in clipboard
1822609 - CVE-2020-6431 chromium-browser: Insufficient policy enforcement in full screen
1822610 - CVE-2020-6433 chromium-browser: Insufficient policy enforcement in extensions
1822611 - CVE-2020-6434 chromium-browser: Use after free in devtools
1822612 - CVE-2020-6435 chromium-browser: Insufficient policy enforcement in extensions
1822613 - CVE-2020-6436 chromium-browser: Use after free in window management
1822614 - CVE-2020-6437 chromium-browser: Inappropriate implementation in WebView
1822615 - CVE-2020-6438 chromium-browser: Insufficient policy enforcement in extensions
1822616 - CVE-2020-6439 chromium-browser: Insufficient policy enforcement in navigations
1822617 - CVE-2020-6440 chromium-browser: Inappropriate implementation in extensions
1822618 - CVE-2020-6441 chromium-browser: Insufficient policy enforcement in omnibox
1822619 - CVE-2020-6442 chromium-browser: Inappropriate implementation in cache
1822620 - CVE-2020-6443 chromium-browser: Insufficient data validation in developer tools
1822621 - CVE-2020-6444 chromium-browser: Uninitialized use in WebRTC
1822622 - CVE-2020-6445 chromium-browser: Insufficient policy enforcement in trusted types
1822623 - CVE-2020-6446 chromium-browser: Insufficient policy enforcement in trusted types
1822624 - CVE-2020-6447 chromium-browser: Inappropriate implementation in developer tools
1822625 - CVE-2020-6448 chromium-browser: Use after free in V8
1822636 - CVE-2020-6432 chromium-browser: Insufficient policy enforcement in navigations

6. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
chromium-browser-81.0.4044.92-2.el6_10.i686.rpm
chromium-browser-debuginfo-81.0.4044.92-2.el6_10.i686.rpm

i686:
chromium-browser-81.0.4044.92-2.el6_10.i686.rpm
chromium-browser-debuginfo-81.0.4044.92-2.el6_10.i686.rpm

x86_64:
chromium-browser-81.0.4044.92-2.el6_10.x86_64.rpm
chromium-browser-debuginfo-81.0.4044.92-2.el6_10.x86_64.rpm

Red Hat Enterprise Linux HPC Node Supplementary (v. 6):

i686:
chromium-browser-81.0.4044.92-2.el6_10.i686.rpm
chromium-browser-debuginfo-81.0.4044.92-2.el6_10.i686.rpm

x86_64:
chromium-browser-81.0.4044.92-2.el6_10.x86_64.rpm
chromium-browser-debuginfo-81.0.4044.92-2.el6_10.x86_64.rpm

Red Hat Enterprise Linux Server Supplementary (v. 6):

i386:
chromium-browser-81.0.4044.92-2.el6_10.i686.rpm
chromium-browser-debuginfo-81.0.4044.92-2.el6_10.i686.rpm

i686:
chromium-browser-81.0.4044.92-2.el6_10.i686.rpm
chromium-browser-debuginfo-81.0.4044.92-2.el6_10.i686.rpm

x86_64:
chromium-browser-81.0.4044.92-2.el6_10.x86_64.rpm
chromium-browser-debuginfo-81.0.4044.92-2.el6_10.x86_64.rpm

Red Hat Enterprise Linux Workstation Supplementary (v. 6):

i386:
chromium-browser-81.0.4044.92-2.el6_10.i686.rpm
chromium-browser-debuginfo-81.0.4044.92-2.el6_10.i686.rpm

i686:
chromium-browser-81.0.4044.92-2.el6_10.i686.rpm
chromium-browser-debuginfo-81.0.4044.92-2.el6_10.i686.rpm

x86_64:
chromium-browser-81.0.4044.92-2.el6_10.x86_64.rpm
chromium-browser-debuginfo-81.0.4044.92-2.el6_10.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
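The package list above gives the fixed build (chromium-browser-81.0.4044.92-2.el6_10) for every listed channel and architecture. A practitioner's next question is which hosts are still below it. The following is an added example (not Red Hat's or AusCERT's code) that classifies the single line `rpm -q chromium-browser` prints on a RHEL 6 host as patched, vulnerable or not installed. It assumes that output has the form name-version-release.arch, uses a simplified rpm version comparison (numeric and alphabetic runs, no epoch or tilde handling), and the host names and inventory lines are constructed samples, not real data.

```python
import re

# Fixed build taken from the advisory's package list (RHSA-2020:1487):
# chromium-browser-81.0.4044.92-2.el6_10.{i686,x86_64}.rpm
FIXED_NAME = "chromium-browser"
FIXED_VERSION = "81.0.4044.92"
FIXED_RELEASE = "2.el6_10"

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpm_vercmp(a: str, b: str) -> int:
    """Simplified rpmvercmp: split both strings into numeric and alphabetic
    runs, compare numeric runs as integers and alphabetic runs lexically,
    let a numeric run sort newer than an alphabetic one, and let the string
    with more remaining segments sort newer.  Returns -1, 0 or 1.
    (Assumption: no epoch or '~' handling is needed for these packages.)"""
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        x_num, y_num = x.isdigit(), y.isdigit()
        if x_num and y_num:
            xi, yi = int(x), int(y)
            if xi != yi:
                return 1 if xi > yi else -1
        elif x_num != y_num:
            return 1 if x_num else -1
        elif x != y:
            return 1 if x > y else -1
    if len(sa) != len(sb):
        return 1 if len(sa) > len(sb) else -1
    return 0


def parse_nvra(nvra: str) -> dict:
    """Split 'name-version-release.arch' (with or without a trailing .rpm)
    into its fields: the last '.' separates the arch, the last two '-'
    separate version and release.  Package names may contain '-'."""
    if nvra.endswith(".rpm"):
        nvra = nvra[:-4]
    rest, arch = nvra.rsplit(".", 1)
    name, version, release = rest.rsplit("-", 2)
    return {"name": name, "version": version, "release": release, "arch": arch}


def assess(rpm_q_output: str) -> str:
    """Classify one line of `rpm -q chromium-browser` output as
    'not-installed', 'vulnerable' or 'patched' relative to the fixed build."""
    line = rpm_q_output.strip()
    if line.startswith("package ") and line.endswith("is not installed"):
        return "not-installed"
    pkg = parse_nvra(line)
    if pkg["name"] != FIXED_NAME:
        raise ValueError(f"unexpected package {pkg['name']!r}")
    # Version is compared first; release only decides when versions are equal.
    cmp = rpm_vercmp(pkg["version"], FIXED_VERSION)
    if cmp == 0:
        cmp = rpm_vercmp(pkg["release"], FIXED_RELEASE)
    return "patched" if cmp >= 0 else "vulnerable"


# Constructed sample inventory standing in for `rpm -q chromium-browser`
# collected from four hypothetical hosts; not real data.
SAMPLE_HOSTS = {
    "host-a": "chromium-browser-80.0.3987.163-1.el6_10.x86_64",
    "host-b": "chromium-browser-81.0.4044.92-2.el6_10.x86_64",
    "host-c": "chromium-browser-81.0.4044.92-1.el6_10.i686",
    "host-d": "package chromium-browser is not installed",
}


def report(hosts: dict = SAMPLE_HOSTS) -> dict:
    """Map each host to its patch status."""
    return {host: assess(line) for host, line in hosts.items()}


if __name__ == "__main__":
    for host, status in report().items():
        print(f"{host}: {status}")
```

Note that host-c carries the fixed version string but an older release, so it is still reported as vulnerable; comparing the version alone would miss it. A "patched" result only covers the installed package: as the Solution section says, the running Chromium process must also have been restarted after the update.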

7. References:

https://access.redhat.com/security/cve/CVE-2020-6423
https://access.redhat.com/security/cve/CVE-2020-6430
https://access.redhat.com/security/cve/CVE-2020-6431
https://access.redhat.com/security/cve/CVE-2020-6432
https://access.redhat.com/security/cve/CVE-2020-6433
https://access.redhat.com/security/cve/CVE-2020-6434
https://access.redhat.com/security/cve/CVE-2020-6435
https://access.redhat.com/security/cve/CVE-2020-6436
https://access.redhat.com/security/cve/CVE-2020-6437
https://access.redhat.com/security/cve/CVE-2020-6438
https://access.redhat.com/security/cve/CVE-2020-6439
https://access.redhat.com/security/cve/CVE-2020-6440
https://access.redhat.com/security/cve/CVE-2020-6441
https://access.redhat.com/security/cve/CVE-2020-6442
https://access.redhat.com/security/cve/CVE-2020-6443
https://access.redhat.com/security/cve/CVE-2020-6444
https://access.redhat.com/security/cve/CVE-2020-6445
https://access.redhat.com/security/cve/CVE-2020-6446
https://access.redhat.com/security/cve/CVE-2020-6447
https://access.redhat.com/security/cve/CVE-2020-6448
https://access.redhat.com/security/cve/CVE-2020-6454
https://access.redhat.com/security/cve/CVE-2020-6455
https://access.redhat.com/security/cve/CVE-2020-6456
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- --
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----