Red Hat Product Errata RHSA-2018:0484 - Security Advisory

Issued:: 2018-03-12
Updated:: 2018-03-12

RHSA-2018:0484 - Security Advisory

Overview
Updated Packages

Synopsis

Important: chromium-browser security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 65.0.3325.146.

Security Fix(es):

chromium-browser: incorrect permissions on shared memory (CVE-2018-6057)
chromium-browser: use-after-free in blink (CVE-2018-6060)
chromium-browser: race condition in v8 (CVE-2018-6061)
chromium-browser: heap buffer overflow in skia (CVE-2018-6062)
chromium-browser: incorrect permissions on shared memory (CVE-2018-6063)
chromium-browser: type confusion in v8 (CVE-2018-6064)
chromium-browser: integer overflow in v8 (CVE-2018-6065)
chromium-browser: same origin bypass via canvas (CVE-2018-6066)
chromium-browser: buffer overflow in skia (CVE-2018-6067)
chromium-browser: stack buffer overflow in skia (CVE-2018-6069)
chromium-browser: csp bypass through extensions (CVE-2018-6070)
chromium-browser: heap bufffer overflow in skia (CVE-2018-6071)
chromium-browser: integer overflow in pdfium (CVE-2018-6072)
chromium-browser: heap bufffer overflow in webgl (CVE-2018-6073)
chromium-browser: mark-of-the-web bypass (CVE-2018-6074)
chromium-browser: overly permissive cross origin downloads (CVE-2018-6075)
chromium-browser: incorrect handling of url fragment identifiers in blink (CVE-2018-6076)
chromium-browser: timing attack using svg filters (CVE-2018-6077)
chromium-browser: url spoof in omnibox (CVE-2018-6078)
chromium-browser: information disclosure via texture data in webgl (CVE-2018-6079)
chromium-browser: information disclosure in ipc call (CVE-2018-6080)
chromium-browser: xss in interstitials (CVE-2018-6081)
chromium-browser: circumvention of port blocking (CVE-2018-6082)
chromium-browser: incorrect processing of appmanifests (CVE-2018-6083)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Chromium must be restarted for the changes to take effect.

Affected Products

Red Hat Enterprise Linux Server 6 x86_64
Red Hat Enterprise Linux Server 6 i386
Red Hat Enterprise Linux Workstation 6 x86_64
Red Hat Enterprise Linux Workstation 6 i386
Red Hat Enterprise Linux Desktop 6 x86_64
Red Hat Enterprise Linux Desktop 6 i386

Fixes

BZ - 1552476 - CVE-2018-6060 chromium-browser: use-after-free in blink
BZ - 1552477 - CVE-2018-6061 chromium-browser: race condition in v8
BZ - 1552478 - CVE-2018-6062 chromium-browser: heap buffer overflow in skia
BZ - 1552479 - CVE-2018-6057 chromium-browser: incorrect permissions on shared memory
BZ - 1552480 - CVE-2018-6063 chromium-browser: incorrect permissions on shared memory
BZ - 1552481 - CVE-2018-6064 chromium-browser: type confusion in v8
BZ - 1552482 - CVE-2018-6065 chromium-browser: integer overflow in v8
BZ - 1552483 - CVE-2018-6066 chromium-browser: same origin bypass via canvas
BZ - 1552484 - CVE-2018-6067 chromium-browser: buffer overflow in skia
BZ - 1552486 - CVE-2018-6069 chromium-browser: stack buffer overflow in skia
BZ - 1552487 - CVE-2018-6070 chromium-browser: csp bypass through extensions
BZ - 1552488 - CVE-2018-6071 chromium-browser: heap bufffer overflow in skia
BZ - 1552489 - CVE-2018-6072 chromium-browser: integer overflow in pdfium
BZ - 1552490 - CVE-2018-6073 chromium-browser: heap bufffer overflow in webgl
BZ - 1552491 - CVE-2018-6074 chromium-browser: mark-of-the-web bypass
BZ - 1552492 - CVE-2018-6075 chromium-browser: overly permissive cross origin downloads
BZ - 1552493 - CVE-2018-6076 chromium-browser: incorrect handling of url fragment identifiers in blink
BZ - 1552494 - CVE-2018-6077 chromium-browser: timing attack using svg filters
BZ - 1552495 - CVE-2018-6078 chromium-browser: url spoof in omnibox
BZ - 1552496 - CVE-2018-6079 chromium-browser: information disclosure via texture data in webgl
BZ - 1552497 - CVE-2018-6080 chromium-browser: information disclosure in ipc call
BZ - 1552498 - CVE-2018-6081 chromium-browser: xss in interstitials
BZ - 1552499 - CVE-2018-6082 chromium-browser: circumvention of port blocking
BZ - 1552500 - CVE-2018-6083 chromium-browser: incorrect processing of appmanifests

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 6

SRPM
x86_64
chromium-browser-65.0.3325.146-2.el6_9.x86_64.rpm	SHA-256: bb84467a8535ce96780f9d5a122d6fce6357d2c92d3fd6588c1850aa455253b6
chromium-browser-debuginfo-65.0.3325.146-2.el6_9.x86_64.rpm	SHA-256: 5e0cede1f9afca80f387b95b249f6c6b1b8e8e3b78eab5e343cd4ff02869f09e
i386
chromium-browser-65.0.3325.146-2.el6_9.i686.rpm	SHA-256: f0322b4fbbbe91394325d8f85384089fa9e594ebe89eb1c17b0919d5238bb9f2
chromium-browser-debuginfo-65.0.3325.146-2.el6_9.i686.rpm	SHA-256: cce04e8fab7d7a0d2736b35d78d713eb7211f01eaa79ba0cef580fb3b4712a37

Red Hat Enterprise Linux Workstation 6

SRPM
x86_64
chromium-browser-65.0.3325.146-2.el6_9.x86_64.rpm	SHA-256: bb84467a8535ce96780f9d5a122d6fce6357d2c92d3fd6588c1850aa455253b6
chromium-browser-debuginfo-65.0.3325.146-2.el6_9.x86_64.rpm	SHA-256: 5e0cede1f9afca80f387b95b249f6c6b1b8e8e3b78eab5e343cd4ff02869f09e
i386
chromium-browser-65.0.3325.146-2.el6_9.i686.rpm	SHA-256: f0322b4fbbbe91394325d8f85384089fa9e594ebe89eb1c17b0919d5238bb9f2
chromium-browser-debuginfo-65.0.3325.146-2.el6_9.i686.rpm	SHA-256: cce04e8fab7d7a0d2736b35d78d713eb7211f01eaa79ba0cef580fb3b4712a37

Red Hat Enterprise Linux Desktop 6

SRPM
x86_64
chromium-browser-65.0.3325.146-2.el6_9.x86_64.rpm	SHA-256: bb84467a8535ce96780f9d5a122d6fce6357d2c92d3fd6588c1850aa455253b6
chromium-browser-debuginfo-65.0.3325.146-2.el6_9.x86_64.rpm	SHA-256: 5e0cede1f9afca80f387b95b249f6c6b1b8e8e3b78eab5e343cd4ff02869f09e
i386
chromium-browser-65.0.3325.146-2.el6_9.i686.rpm	SHA-256: f0322b4fbbbe91394325d8f85384089fa9e594ebe89eb1c17b0919d5238bb9f2
chromium-browser-debuginfo-65.0.3325.146-2.el6_9.i686.rpm	SHA-256: cce04e8fab7d7a0d2736b35d78d713eb7211f01eaa79ba0cef580fb3b4712a37

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories