Debian Security Advisory
DSA-4654-1 chromium -- security update
- Date Reported:
- 07 Apr 2020
- Affected Packages:
- chromium
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2020-6450, CVE-2020-6451, CVE-2020-6452.
- More information:
-
Several vulnerabilities have been discovered in the chromium web browser.
- CVE-2020-6450
Man Yue Mo discovered a use-after-free issue in the WebAudio implementation.
- CVE-2020-6451
Man Yue Mo discovered a use-after-free issue in the WebAudio implementation.
- CVE-2020-6452
asnine discovered a buffer overflow issue.
For the oldstable distribution (stretch), security support for chromium has been discontinued.
For the stable distribution (buster), these problems have been fixed in version 80.0.3987.162-1~deb10u1.
We recommend that you upgrade your chromium packages.
For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium
- CVE-2020-6450