Debian Security Advisory

  • Package : linux

    CVE ID : CVE-2019-13272


    Jann Horn discovered that the ptrace subsystem in the Linux kernel mishandles the management of the credentials of a process that wants to create a ptrace relationship, allowing a local user to obtain root privileges under certain scenarios.


    For the oldstable distribution (stretch), this problem has been fixed in version 4.9.168-1+deb9u4.


    For the stable distribution (buster), this problem has been fixed in version 4.19.37-5+deb10u1. This update includes as well a patch for a regression introduced by the original fix for CVE-2019-11478 (#930904).


    We recommend that you upgrade your linux packages.


    For the detailed security status of linux please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/linux


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : openjdk-8

    CVE ID : CVE-2019-2745 CVE-2019-2762 CVE-2019-2769 CVE-2019-2786

    CVE-2019-2816 CVE-2019-2842


    Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in information disclosure, denial of service or bypass of sandbox restrictions. In addition the implementation of elliptic curve cryptography was modernised.


    For the oldstable distribution (stretch), these problems have been fixed in version 8u222-b10-1~deb9u1.


    We recommend that you upgrade your openjdk-8 packages.


    For the detailed security status of openjdk-8 please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/openjdk-8


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : openjdk-11

    CVE ID : CVE-2019-2745 CVE-2019-2762 CVE-2019-2769 CVE-2019-2786

    CVE-2019-2816 CVE-2019-2818 CVE-2019-2821


    Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in information disclosure, denial of service or bypass of sandbox restrictions. In addition the implementation of elliptic curve cryptography was modernised.


    For the stable distribution (buster), these problems have been fixed in version 11.0.4+11-1~deb10u1.


    We recommend that you upgrade your openjdk-11 packages.


    For the detailed security status of openjdk-11 please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/openjdk-11


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : neovim

    CVE ID : CVE-2019-12735


    User "Arminius" discovered a vulnerability in Vim, an enhanced version of the standard UNIX editor Vi (Vi IMproved), which also affected the Neovim fork, an extensible editor focused on modern code and features:


    Editors typically provide a way to embed editor configuration commands (aka

    modelines) which are executed once a file is opened, while harmful commands are filtered by a sandbox mechanism. It was discovered that the "source"

    command (used to include and execute another file) was not filtered, allowing shell command execution with a carefully crafted file opened in Neovim.


    For the oldstable distribution (stretch), this problem has been fixed in version 0.1.7-4+deb9u1.


    We recommend that you upgrade your neovim packages.


    For the detailed security status of neovim please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/neovim


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : exim4

    CVE ID : CVE-2019-13917


    Jeremy Harris discovered that Exim, a mail transport agent, does not properly handle the ${sort } expansion. This flaw can be exploited by a remote attacker to execute programs with root privileges in non-default (and unusual) configurations where ${sort } expansion is used for items that can be controlled by an attacker.


    For the oldstable distribution (stretch), this problem has been fixed in version 4.89-2+deb9u5.


    For the stable distribution (buster), this problem has been fixed in version 4.92-8+deb10u1.


    We recommend that you upgrade your exim4 packages.


    For the detailed security status of exim4 please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/exim4


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : patch

    CVE ID : CVE-2019-13636 CVE-2019-13638

    Debian Bug : 932401 933140


    Imre Rad discovered several vulnerabilities in GNU patch, leading to shell command injection or escape from the working directory and access and overwrite files, if specially crafted patch files are processed.


    This update includes a bugfix for a regression introduced by the patch to address CVE-2018-1000156 when applying an ed-style patch (#933140).


    For the oldstable distribution (stretch), these problems have been fixed in version 2.7.5-1+deb9u2.


    For the stable distribution (buster), these problems have been fixed in version 2.7.6-3+deb10u1.


    We recommend that you upgrade your patch packages.


    For the detailed security status of patch please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/patch


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : subversion

    CVE ID : CVE-2018-11782 CVE-2019-0203


    Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems:


    CVE-2018-11782


    Ace Olszowka reported that the Subversion's svnserve server process

    may exit when a well-formed read-only request produces a particular

    answer, leading to a denial of service.


    CVE-2019-0203


    Tomas Bortoli reported that the Subversion's svnserve server process

    may exit when a client sends certain sequences of protocol commands.

    If the server is configured with anonymous access enabled this could

    lead to a remote unauthenticated denial of service.


    For the oldstable distribution (stretch), these problems have been fixed in version 1.9.5-1+deb9u4.


    For the stable distribution (buster), these problems have been fixed in version 1.10.4-1+deb10u1.


    We recommend that you upgrade your subversion packages.


    For the detailed security status of subversion please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/subversion


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : proftpd-dfsg

    CVE ID : CVE-2019-12815

    Debian Bug : 932453


    Tobias Maedel discovered that the mod_copy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands.


    For the oldstable distribution (stretch), this problem has been fixed in version 1.3.5b-4+deb9u1.


    For the stable distribution (buster), this problem has been fixed in version 1.3.6-4+deb10u1.


    We recommend that you upgrade your proftpd-dfsg packages.


    For the detailed security status of proftpd-dfsg please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/proftpd-dfsg


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : postgresql-9.6

    CVE ID : CVE-2019-10208


    A issue has been discovered in the PostgreSQL database system, which could result in privilege escalation.


    For additional information please refer to the upstream announcement at https://www.postgresql.org/about/news/1960/


    For the oldstable distribution (stretch), these problems have been fixed in version 9.6.15-0+deb9u1.


    We recommend that you upgrade your postgresql-9.6 packages.


    For the detailed security status of postgresql-9.6 please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/postgresql-9.6


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : postgresql-11

    CVE ID : CVE-2019-10208 CVE-2019-10209


    Two security issues have been discovered in the PostgreSQL database system, which could result in privilege escalation, denial of service or memory disclosure.


    For additional information please refer to the upstream announcement at https://www.postgresql.org/about/news/1960/


    For the stable distribution (buster), these problems have been fixed in version 11.5-1+deb10u1.


    We recommend that you upgrade your postgresql-11 packages.


    For the detailed security status of postgresql-11 please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/postgresql-11


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : kconfig

    CVE ID : CVE-2019-14744


    Dominik Penner discovered that KConfig, the KDE configuration settings framework, supported a feature to define shell command execution in .desktop files. If a user is provided with a malformed .desktop file (e.g. if it's embedded into a downloaded archive and it gets opened in a file browser) arbitrary commands could get executed. This update removes this feature.


    For the oldstable distribution (stretch), this problem has been fixed in version 5.28.0-2+deb9u1.


    For the stable distribution (buster), this problem has been fixed in version 5.54.0-1+deb10u1.


    We recommend that you upgrade your kconfig packages.


    For the detailed security status of kconfig please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/kconfig


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : linux

    CVE ID : CVE-2018-20836 CVE-2019-1125 CVE-2019-1999 CVE-2019-10207

    CVE-2019-10638 CVE-2019-12817 CVE-2019-12984 CVE-2019-13233

    CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284


    Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.


    CVE-2018-20836


    chenxiang reported a race condition in libsas, the kernel

    subsystem supporting Serial Attached SCSI (SAS) devices, which

    could lead to a use-after-free. It is not clear how this might be

    exploited.


    CVE-2019-1125


    It was discovered that most x86 processors could speculatively

    skip a conditional SWAPGS instruction used when entering the

    kernel from user mode, and/or could speculatively execute it when

    it should be skipped. This is a subtype of Spectre variant 1,

    which could allow local users to obtain sensitive information from

    the kernel or other processes. It has been mitigated by using

    memory barriers to limit speculative execution. Systems using an

    i386 kernel are not affected as the kernel does not use SWAPGS.


    CVE-2019-1999


    A race condition was discovered in the Android binder driver,

    which could lead to a use-after-free. If this driver is loaded, a

    local user might be able to use this for denial-of-service

    (memory corruption) or for privilege escalation.


    CVE-2019-10207


    The syzkaller tool found a potential null dereference in various

    drivers for UART-attached Bluetooth adapters. A local user with

    access to a pty device or other suitable tty device could use this

    for denial-of-service (BUG/oops).


    CVE-2019-10638


    Amit Klein and Benny Pinkas discovered that the generation of IP

    packet IDs used a weak hash function, "jhash". This could enable

    tracking individual computers as they communicate with different

    remote servers and from different networks. The "siphash"

    function is now used instead.


    CVE-2019-12817


    It was discovered that on the PowerPC (ppc64el) architecture, the

    hash page table (HPT) code did not correctly handle fork() in a

    process with memory mapped at addresses above 512 TiB. This could

    lead to a use-after-free in the kernel, or unintended sharing of

    memory between user processes. A local user could use this for

    privilege escalation. Systems using the radix MMU, or a custom

    kernel with a 4 KiB page size, are not affected.


    CVE-2019-12984


    It was discovered that the NFC protocol implementation did not

    properly validate a netlink control message, potentially leading

    to a null pointer dereference. A local user on a system with an

    NFC interface could use this for denial-of-service (BUG/oops).


    CVE-2019-13233


    Jann Horn discovered a race condition on the x86 architecture,

    in use of the LDT. This could lead to a use-after-free. A

    local user could possibly use this for denial-of-service.


    CVE-2019-13631


    It was discovered that the gtco driver for USB input tablets could

    overrun a stack buffer with constant data while parsing the device's

    descriptor. A physically present user with a specially

    constructed USB device could use this to cause a denial-of-service

    (BUG/oops), or possibly for privilege escalation.


    CVE-2019-13648


    Praveen Pandey reported that on PowerPC (ppc64el) systems without

    Transactional Memory (TM), the kernel would still attempt to

    restore TM state passed to the sigreturn() system call. A local

    user could use this for denial-of-service (oops).


    CVE-2019-14283


    The syzkaller tool found a missing bounds check in the floppy disk

    driver. A local user with access to a floppy disk device, with a

    disk present, could use this to read kernel memory beyond the

    I/O buffer, possibly obtaining sensitive information.


    CVE-2019-14284


    The syzkaller tool found a potential division-by-zero in the

    floppy disk driver. A local user with access to a floppy disk

    device could use this for denial-of-service (oops).


    For the stable distribution (buster), these problems have been fixed in version 4.19.37-5+deb10u2.


    For the oldstable distribution (stretch), these problems will be fixed soon.


    We recommend that you upgrade your linux packages.


    For the detailed security status of linux please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/linux


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : python-django

    CVE ID : CVE-2019-14232 CVE-2019-14233 CVE-2019-14234 CVE-2019-14235

    Debian Bug : 934026


    Several vulnerabilities were discovered in python-django, a web development framework. They could lead to remote denial-of-service or SQL injection,


    For the oldstable distribution (stretch), these problems have been fixed in version 1:1.10.7-2+deb9u6.


    For the stable distribution (buster), these problems have been fixed in version 1.11.23-1~deb10u1.


    We recommend that you upgrade your python-django packages.


    For the detailed security status of python-django please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/python-django


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : pango1.0

    CVE ID : CVE-2019-1010238

    Debian Bug : 933860


    Benno Fuenfstueck discovered that Pango, a library for layout and rendering of text with an emphasis on internationalization, is prone to a heap-based buffer overflow flaw in the pango_log2vis_get_embedding_levels

    function. An attacker can take advantage of this flaw for denial of service or potentially the execution of arbitrary code.


    For the stable distribution (buster), this problem has been fixed in version 1.42.4-7~deb10u1.


    We recommend that you upgrade your pango1.0 packages.


    For the detailed security status of pango1.0 please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/pango1.0


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : linux

    CVE ID : CVE-2015-8553 CVE-2018-5995 CVE-2018-20836 CVE-2018-20856

    CVE-2019-1125 CVE-2019-3882 CVE-2019-3900 CVE-2019-10207

    CVE-2019-10638 CVE-2019-10639 CVE-2019-13631 CVE-2019-13648

    CVE-2019-14283 CVE-2019-14284


    Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.


    CVE-2015-8553


    Jan Beulich discovered that CVE-2015-2150 was not completely

    addressed. If a PCI physical function is passed through to a

    Xen guest, the guest is able to access its memory and I/O

    regions before enabling decoding of those regions. This could

    result in a denial-of-service (unexpected NMI) on the host.


    The fix for this is incompatible with qemu versions before 2.5.


    (CVE ID not yet assigned)


    Denis Andzakovic reported a missing type check in the IPv4 multicast

    routing implementation. A user with the CAP_NET_ADMIN capability (in

    any user namespace) could use this for denial-of-service (memory

    corruption or crash) or possibly for privilege escalation.


    CVE-2018-5995


    ADLab of VenusTech discovered that the kernel logged the virtual

    addresses assigned to per-CPU data, which could make it easier to

    exploit other vulnerabilities.


    CVE-2018-20836


    chenxiang reported a race condition in libsas, the kernel

    subsystem supporting Serial Attached SCSI (SAS) devices, which

    could lead to a use-after-free. It is not clear how this might be

    exploited.


    CVE-2018-20856


    Xiao Jin reported a potential double-free in the block subsystem,

    in case an error occurs while initialising the I/O scheduler for a

    block device. It is not clear how this might be exploited.


    CVE-2019-1125


    It was discovered that most x86 processors could speculatively

    skip a conditional SWAPGS instruction used when entering the

    kernel from user mode, and/or could speculatively execute it when

    it should be skipped. This is a subtype of Spectre variant 1,

    which could allow local users to obtain sensitive information from

    the kernel or other processes. It has been mitigated by using

    memory barriers to limit speculative execution. Systems using an

    i386 kernel are not affected as the kernel does not use SWAPGS.


    CVE-2019-3882


    It was found that the vfio implementation did not limit the number

    of DMA mappings to device memory. A local user granted ownership

    of a vfio device could use this to cause a denial of service

    (out-of-memory condition).


    CVE-2019-3900


    It was discovered that vhost drivers did not properly control the

    amount of work done to service requests from guest VMs. A

    malicious guest could use this to cause a denial-of-service

    (unbounded CPU usage) on the host.


    CVE-2019-10207


    The syzkaller tool found a potential null dereference in various

    drivers for UART-attached Bluetooth adapters. A local user with

    access to a pty device or other suitable tty device could use this

    for denial-of-service (BUG/oops).


    CVE-2019-10638


    Amit Klein and Benny Pinkas discovered that the generation of IP

    packet IDs used a weak hash function, "jhash". This could enable

    tracking individual computers as they communicate with different

    remote servers and from different networks. The "siphash"

    function is now used instead.


    CVE-2019-10639


    Amit Klein and Benny Pinkas discovered that the generation of IP

    packet IDs used a weak hash function that incorporated a kernel

    virtual address. This hash function is no longer used for IP IDs,

    although it is still used for other purposes in the network stack.


    CVE-2019-13631


    It was discovered that the gtco driver for USB input tablets could

    overrun a stack buffer with constant data while parsing the device's

    descriptor. A physically present user with a specially

    constructed USB device could use this to cause a denial-of-service

    (BUG/oops), or possibly for privilege escalation.


    CVE-2019-13648


    Praveen Pandey reported that on PowerPC (ppc64el) systems without

    Transactional Memory (TM), the kernel would still attempt to

    restore TM state passed to the sigreturn() system call. A local

    user could use this for denial-of-service (oops).


    CVE-2019-14283


    The syzkaller tool found a missing bounds check in the floppy disk

    driver. A local user with access to a floppy disk device, with a

    disk present, could use this to read kernel memory beyond the

    I/O buffer, possibly obtaining sensitive information.


    CVE-2019-14284


    The syzkaller tool found a potential division-by-zero in the

    floppy disk driver. A local user with access to a floppy disk

    device could use this for denial-of-service (oops).


    (CVE ID not yet assigned)


    Denis Andzakovic reported a possible use-after-free in the

    TCP sockets implementation. A local user could use this for

    denial-of-service (memory corruption or crash) or possibly

    for privilege escalation.


    (CVE ID not yet assigned)


    The netfilter conntrack subsystem used kernel addresses as

    user-visible IDs, which could make it easier to exploit other

    security vulnerabilities.


    XSA-300


    Julien Grall reported that Linux does not limit the amount of memory

    which a domain will attempt to baloon out, nor limits the amount of

    "foreign / grant map" memory which any individual guest can consume,

    leading to denial of service conditions (for host or guests).


    For the oldstable distribution (stretch), these problems have been fixed in version 4.9.168-1+deb9u5.


    For the stable distribution (buster), these problems were mostly fixed in version 4.19.37-5+deb10u2 or earlier.


    We recommend that you upgrade your linux packages.


    For the detailed security status of linux please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/linux


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : ghostscript

    CVE ID : CVE-2019-10216

    Debian Bug : 934638


    Netanel reported that the .buildfont1 procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox.


    For the oldstable distribution (stretch), this problem has been fixed in version 9.26a~dfsg-0+deb9u4.


    For the stable distribution (buster), this problem has been fixed in version 9.27~dfsg-2+deb10u1.


    We recommend that you upgrade your ghostscript packages.


    For the detailed security status of ghostscript please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/ghostscript


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : chromium

    CVE ID : CVE-2019-5805 CVE-2019-5806 CVE-2019-5807 CVE-2019-5808

    CVE-2019-5809 CVE-2019-5810 CVE-2019-5811 CVE-2019-5813

    CVE-2019-5814 CVE-2019-5815 CVE-2019-5818 CVE-2019-5819

    CVE-2019-5820 CVE-2019-5821 CVE-2019-5822 CVE-2019-5823

    CVE-2019-5824 CVE-2019-5825 CVE-2019-5826 CVE-2019-5827

    CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831

    CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5836

    CVE-2019-5837 CVE-2019-5838 CVE-2019-5839 CVE-2019-5840

    CVE-2019-5842 CVE-2019-5847 CVE-2019-5848 CVE-2019-5849

    CVE-2019-5850 CVE-2019-5851 CVE-2019-5852 CVE-2019-5853

    CVE-2019-5854 CVE-2019-5855 CVE-2019-5856 CVE-2019-5857

    CVE-2019-5858 CVE-2019-5859 CVE-2019-5860 CVE-2019-5861

    CVE-2019-5862 CVE-2019-5864 CVE-2019-5865 CVE-2019-5867

    CVE-2019-5868


    Several vulnerabilities have been discovered in the chromium web browser.


    CVE-2019-5805


    A use-after-free issue was discovered in the pdfium library.


    CVE-2019-5806


    Wen Xu discovered an integer overflow issue in the Angle library.


    CVE-2019-5807


    TimGMichaud discovered a memory corruption issue in the v8 javascript

    library.


    CVE-2019-5808


    cloudfuzzer discovered a use-after-free issue in Blink/Webkit.


    CVE-2019-5809


    Mark Brand discovered a use-after-free issue in Blink/Webkit.


    CVE-2019-5810


    Mark Amery discovered an information disclosure issue.


    CVE-2019-5811


    Jun Kokatsu discovered a way to bypass the Cross-Origin Resource Sharing

    feature.


    CVE-2019-5813


    Aleksandar Nikolic discovered an out-of-bounds read issue in the v8

    javascript library.


    CVE-2019-5814


    @AaylaSecura1138 discovered a way to bypass the Cross-Origin Resource

    Sharing feature.


    CVE-2019-5815


    Nicolas Grégoire discovered a buffer overflow issue in Blink/Webkit.


    CVE-2019-5818


    Adrian Tolbaru discovered an uninitialized value issue.


    CVE-2019-5819


    Svyat Mitin discovered an error in the developer tools.


    CVE-2019-5820


    pdknsk discovered an integer overflow issue in the pdfium library.


    CVE-2019-5821


    pdknsk discovered another integer overflow issue in the pdfium library.


    CVE-2019-5822


    Jun Kokatsu discovered a way to bypass the Cross-Origin Resource Sharing

    feature.


    CVE-2019-5823


    David Erceg discovered a navigation error.


    CVE-2019-5824


    leecraso and Guang Gong discovered an error in the media player.


    CVE-2019-5825


    Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu discovered an

    out-of-bounds write issue in the v8 javascript library.


    CVE-2019-5826


    Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu discovered a

    use-after-free issue.


    CVE-2019-5827


    mlfbrown discovered an out-of-bounds read issue in the sqlite library.


    CVE-2019-5828


    leecraso and Guang Gong discovered a use-after-free issue.


    CVE-2019-5829


    Lucas Pinheiro discovered a use-after-free issue.


    CVE-2019-5830


    Andrew Krashichkov discovered a credential error in the Cross-Origin

    Resource Sharing feature.


    CVE-2019-5831


    yngwei discovered a map error in the v8 javascript library.


    CVE-2019-5832


    Sergey Shekyan discovered an error in the Cross-Origin Resource Sharing

    feature.


    CVE-2019-5833


    Khalil Zhani discovered a user interface error.


    CVE-2019-5834


    Khalil Zhani discovered a URL spoofing issue.


    CVE-2019-5836


    Omair discovered a buffer overflow issue in the Angle library.


    CVE-2019-5837


    Adam Iawniuk discovered an information disclosure issue.


    CVE-2019-5838


    David Erceg discovered an error in extension permissions.


    CVE-2019-5839


    Masato Kinugawa discovered implementation errors in Blink/Webkit.


    CVE-2019-5840


    Eliya Stein and Jerome Dangu discovered a way to bypass the popup blocker.


    CVE-2019-5842


    BUGFENSE discovered a use-after-free issue in Blink/Webkit.


    CVE-2019-5847


    m3plex discovered an error in the v8 javascript library.


    CVE-2019-5848


    Mark Amery discovered an information disclosure issue.


    CVE-2019-5849


    Zhen Zhou discovered an out-of-bounds read in the Skia library.


    CVE-2019-5850


    Brendon Tiszka discovered a use-after-free issue in the offline page

    fetcher.


    CVE-2019-5851


    Zhe Jin discovered a use-after-poison issue.


    CVE-2019-5852


    David Erceg discovered an information disclosure issue.


    CVE-2019-5853


    Yngwei and sakura discovered a memory corruption issue.


    CVE-2019-5854


    Zhen Zhou discovered an integer overflow issue in the pdfium library.


    CVE-2019-5855


    Zhen Zhou discovered an integer overflow issue in the pdfium library.


    CVE-2019-5856


    Yongke Wang discovered an error related to file system URL permissions.


    CVE-2019-5857


    cloudfuzzer discovered a way to crash chromium.


    CVE-2019-5858


    evil1m0 discovered an information disclosure issue.


    CVE-2019-5859


    James Lee discovered a way to launch alternative browsers.


    CVE-2019-5860


    A use-after-free issue was discovered in the v8 javascript library.


    CVE-2019-5861


    Robin Linus discovered an error determining click location.


    CVE-2019-5862


    Jun Kokatsu discovered an error in the AppCache implementation.


    CVE-2019-5864


    Devin Grindle discovered an error in the Cross-Origin Resourse Sharing

    feature for extensions.


    CVE-2019-5865


    Ivan Fratric discovered a way to bypass the site isolation feature.


    CVE-2019-5867


    Lucas Pinheiro discovered an out-of-bounds read issue in the v8 javascript

    library.


    CVE-2019-5868


    banananapenguin discovered a use-after-free issue in the v8 javascript

    library.


    For the stable distribution (buster), these problems have been fixed in version 76.0.3809.100-1~deb10u1.


    We recommend that you upgrade your chromium packages.


    For the detailed security status of chromium please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/chromium


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : libreoffice

    CVE ID : CVE-2019-9850 CVE-2019-9851 CVE-2019-9852


    It was discovered that the code fixes to address CVE-2018-16858 and

    CVE-2019-9848 were not complete.


    For the oldstable distribution (stretch), these problems have been fixed in version 1:5.2.7-1+deb9u10.


    For the stable distribution (buster), these problems have been fixed in version 1:6.1.5-3+deb10u3.


    We recommend that you upgrade your libreoffice packages.


    For the detailed security status of libreoffice please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/libreoffice


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

  • Package : ffmpeg

    CVE ID : CVE-2019-12730


    Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.


    For the stable distribution (buster), this problem has been fixed in version 7:4.1.4-1~deb10u1.


    We recommend that you upgrade your ffmpeg packages.


    For the detailed security status of ffmpeg please refer to its security tracker page at:

    https://security-tracker.debian.org/tracker/ffmpeg


    Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/