Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.2504
chromium security update
5 May 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: chromium
Publisher: Debian
Operating System: Debian GNU/Linux
Resolution: Patch/Upgrade
CVE Names: CVE-2023-2468 CVE-2023-2467 CVE-2023-2466
CVE-2023-2465 CVE-2023-2464 CVE-2023-2463
CVE-2023-2462 CVE-2023-2461 CVE-2023-2460
CVE-2023-2459
Original Bulletin:
https://lists.debian.org/debian-security-announce/2023/msg00089.html
Comment: CVSS (Max): None available when published
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- - -------------------------------------------------------------------------
Debian Security Advisory DSA-5398-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
May 04, 2023 https://www.debian.org/security/faq
- - -------------------------------------------------------------------------
Package : chromium
CVE ID : CVE-2023-2459 CVE-2023-2460 CVE-2023-2461 CVE-2023-2462
CVE-2023-2463 CVE-2023-2464 CVE-2023-2465 CVE-2023-2466
CVE-2023-2467 CVE-2023-2468
Debian Bug : 992178 1031352
Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
For the stable distribution (bullseye), these problems have been fixed in
version 113.0.5672.63-1~deb11u1.
We recommend that you upgrade your chromium packages.
For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmRUCKIACgkQEMKTtsN8
TjbOCg/7BvJxNQVuHLPhC7gcECOh0c9kCZf8bXzsLubVAsoA5t7dj/v8s9KYvXbw
YzopwZcIshx5r4B0S59bfTGNEq60mjdaPDMc4seUh9Tb7ubE6CZxPCqNyuOKE72L
ZFpLxymyknSS/E6yxUh4CeM5jcf5F9fmtnrPXM+WiXRwMU2KiPVBuyleGEL1Om1b
3tD6u67fFBoffP+VdvLdxo42GOBSiaqAVenS00wygli1qisU6i7mifQX5uc1qnIm
DhQ1LLajrNCdvIL3ILYpuimYzfWTqWz+UIVvTotaCk8FuxP9/LjAS2Rdk40PL8rh
xS09eSpMb49WSi3rPzfGkkzwjPk/7rkCX/zB2n3gxn6m4fnOP9tjmQxSQmIot0xW
1HjLT+0GIg2lHNrsRemuArLfqqgw3b3Widv6k8nC+2JN05yFEgNDnhZes9YXESMm
6yGkbQXQZv6cCY6VKxPeQpXh2IWdK1K32R1I+faJmvL+mj1GAqCFzSGn0QH/vYin
Q5nmvK1oh7SZuHWw2uIyqBwHVIz+D7PNjjd73kxXew8nt5WmPvziD0hsFBxsv3q/
rn26QRSlcCqMkT6vdQAlI3vvYyd27njQqbkuKnIpiU1DqWkvqoaQ4dvqhf4QN1nt
eH75B6w+Mln1NDll/aCb4DvglNq1t7vwLrwF/1V7cvDmmTLd0zA=
=Mdwu
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
iQIVAwUBZFRLSMkNZI30y1K9AQh1WQ//fwufjWA/BGJaDOFi5ZpMXEj3FdYVNefy
9GMDMMa/7imKATtWcw0/Haiva6N0Aj4AFomiW/GVLJad61jurWwYge4Y1YPWXqXJ
R7ykaSpX6BCFxkrBXt/Flz+jp/xTKoRDLV3nX3euJgwJT+Seitj5uxEb4R53Sw8d
YUy7eTdgrryDR49EIp2Hl41cIBVWXJiYGrxOUZNlUjUYbyzMNp/1WSyl9sdZrW+B
FXJ3sW09RaVDruZCcP145T1QbEiDDKDW9m5VwM2BPOXa11fX8BENVMcHZ/74z9Lq
cxfmquDxHmhhCBnGey/VA+LA7+EmzP4y5koLumdiyQhOJxXpHajNx3LOl8NoER1G
si6Jo1F5QluwPT5I/uMR0J4/jbVEK16KbIeiXSj45Owv1Q3e/gWT/j153PJ3qSOP
Rpabs1AJPBcbR1jm8puMWw6SYJp6UxbfGb4kE7HNNuPHpeIyu5YKeLN1iCcz5TP9
tc049VBGDOxWPDKLYhruoT7FVQ65hNfoFUHadOA6txMLv3K38rnBWB9yzds1zcQV
4oLHvXvgFFXDe4bi2Lgf3tFlRxim0Q6BceynxTWfcVO5Rq3stxW1SabuckqW6CcN
cmkAgaDPIJnf7vENJYdcoeEJ2PITqxSp36Ev9watBYqr2CUvYoCwGbuff1q6zGL5
BCyHvQuv1nM=
=ukIi
-----END PGP SIGNATURE-----