File _patchinfo of Package patchinfo.7718

<patchinfo incident="7718">
  <issue id="1077571" tracker="bnc">VUL-0: chromium: stable channel update to  64.0.3282.119</issue>
  <issue id="1077722" tracker="bnc" />
  <issue id="2018-6034" tracker="cve" />
  <issue id="2018-6035" tracker="cve" />
  <issue id="2018-6036" tracker="cve" />
  <issue id="2018-6037" tracker="cve" />
  <issue id="2018-6031" tracker="cve" />
  <issue id="2018-6032" tracker="cve" />
  <issue id="2018-6033" tracker="cve" />
  <issue id="2018-6038" tracker="cve" />
  <issue id="2018-6039" tracker="cve" />
  <issue id="2018-6052" tracker="cve" />
  <issue id="2018-6053" tracker="cve" />
  <issue id="2018-6050" tracker="cve" />
  <issue id="2018-6051" tracker="cve" />
  <issue id="2018-6054" tracker="cve" />
  <issue id="2018-6041" tracker="cve" />
  <issue id="2018-6040" tracker="cve" />
  <issue id="2018-6043" tracker="cve" />
  <issue id="2018-6042" tracker="cve" />
  <issue id="2018-6045" tracker="cve" />
  <issue id="2018-6047" tracker="cve" />
  <issue id="2018-6046" tracker="cve" />
  <issue id="2018-6049" tracker="cve" />
  <issue id="2018-6048" tracker="cve" />
  <issue id="2017-15420" tracker="cve" />
  <issue tracker="bnc" id="1073323" />
  <category>security</category>
  <rating>important</rating>
  <packager>scarabeus_iv</packager>
  <description>This update for chromium to 64.0.3282.119 fixes several issues.

These security issues were fixed:

- CVE-2018-6031: Use after free in PDFium (boo#1077571)
- CVE-2018-6032: Same origin bypass in Shared Worker (boo#1077571)
- CVE-2018-6033: Race when opening downloaded files (boo#1077571)
- CVE-2018-6034: Integer overflow in Blink (boo#1077571)
- CVE-2018-6035: Insufficient isolation of devtools from extensions (boo#1077571)
- CVE-2018-6036: Integer underflow in WebAssembly (boo#1077571)
- CVE-2018-6037: Insufficient user gesture requirements in autofill (boo#1077571)
- CVE-2018-6038: Heap buffer overflow in WebGL (boo#1077571)
- CVE-2018-6039: XSS in DevTools (boo#1077571)
- CVE-2018-6040: Content security policy bypass (boo#1077571)
- CVE-2018-6041: URL spoof in Navigation (boo#1077571)
- CVE-2018-6042: URL spoof in OmniBox (boo#1077571)
- CVE-2018-6043: Insufficient escaping with external URL handlers (boo#1077571)
- CVE-2018-6045: Insufficient isolation of devtools from extensions (boo#1077571)
- CVE-2018-6046: Insufficient isolation of devtools from extensions (boo#1077571)
- CVE-2018-6047: Cross origin URL leak in WebGL (boo#1077571)
- CVE-2018-6048: Referrer policy bypass in Blink (boo#1077571)
- CVE-2017-15420: URL spoofing in Omnibox (boo#1077571)
- CVE-2018-6049: UI spoof in Permissions (boo#1077571)
- CVE-2018-6050: URL spoof in OmniBox (boo#1077571)
- CVE-2018-6051: Referrer leak in XSS Auditor (boo#1077571)
- CVE-2018-6052: Incomplete no-referrer policy implementation (boo#1077571)
- CVE-2018-6053: Leak of page thumbnails in New Tab Page (boo#1077571)
- CVE-2018-6054: Use after free in WebUI (boo#1077571)

Re was updated to version 2018-01-01 (boo#1073323)    
</description>
  <summary>Security update for chromium</summary>
</patchinfo>
Places

File _patchinfo of Package patchinfo.7718

Places
