ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2020.0123
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2020-0123)
Resumen:	The remote host is missing an update for the 'chromium-browser-stable, icu' package(s) announced via the MGASA-2020-0123 advisory.
Descripción:	Summary: The remote host is missing an update for the 'chromium-browser-stable, icu' package(s) announced via the MGASA-2020-0123 advisory. Vulnerability Insight: Chromium-browser 80.0.3987.122 fixes security issues: Multiple flaws were found in the way Chromium 79.0.3945.130 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information. (CVE-2020-6381, CVE-2020-6382, CVE-2020-6383, CVE-2020-6384, CVE-2020-6385, CVE-2020-6386, CVE-2020-6387, CVE-2020-6388, CVE-2020-6389, CVE-2020-6390, CVE-2020-6391, CVE-2020-6392, CVE-2020-6393, CVE-2020-6394, CVE-2020-6395, CVE-2020-6396, CVE-2020-6397, CVE-2020-6398, CVE-2020-6399, CVE-2020-6400, CVE-2020-6401, CVE-2020-6402, CVE-2020-6403, CVE-2020-6404, CVE-2020-6405, CVE-2020-6406, CVE-2020-6407, CVE-2020-6408, CVE-2020-6409, CVE-2020-6410, CVE-2020-6411, CVE-2020-6412, CVE-2020-6413, CVE-2020-6414, CVE-2020-6415, CVE-2020-6416, CVE-2020-6418, CVE-2019-18197, CVE-2019-19923, CVE-2019-19925, CVE-2019-19926) Upstream chromium 80.0.3987.122 also includes a fix for an integer overflow issue in ICU. Since the chromium-browser-stable package is linked against the icu packages instead of using the ICU source code bundled with chromium upstream, this issue is fixed in the icu package. Affected Software/OS: 'chromium-browser-stable, icu' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-1819 BugTraq ID: 108351 http://www.securityfocus.com/bid/108351 Cisco Security Advisory: 20190515 Cisco Prime Infrastructure and Evolved Programmable Network Manager Path Traversal Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-pi-pathtrav-1819 Common Vulnerability Exposure (CVE) ID: CVE-2019-19923 Debian Security Information: DSA-4638 (Google Search) https://www.debian.org/security/2020/dsa-4638 https://github.com/sqlite/sqlite/commit/396afe6f6aa90a31303c183e11b2b2d4b7956b35 https://www.oracle.com/security-alerts/cpuapr2020.html RedHat Security Advisories: RHSA-2020:0514 https://access.redhat.com/errata/RHSA-2020:0514 SuSE Security Announcement: openSUSE-SU-2020:0189 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html SuSE Security Announcement: openSUSE-SU-2020:0210 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html SuSE Security Announcement: openSUSE-SU-2020:0233 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html https://usn.ubuntu.com/4298-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-19925 https://github.com/sqlite/sqlite/commit/54d501092d88c0cf89bec4279951f548fb0b8618 Common Vulnerability Exposure (CVE) ID: CVE-2019-19926 https://github.com/sqlite/sqlite/commit/8428b3b437569338a9d1e10c4cd8154acbe33089 https://usn.ubuntu.com/4298-2/ Common Vulnerability Exposure (CVE) ID: CVE-2020-6381 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3B5RWJQD5LA45MYLLR55KZJOJ5NVZGP/ https://security.gentoo.org/glsa/202003-08 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html https://crbug.com/1034394 Common Vulnerability Exposure (CVE) ID: CVE-2020-6382 https://crbug.com/1031909 Common Vulnerability Exposure (CVE) ID: CVE-2020-6383 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_18.html https://crbug.com/1051017 RedHat Security Advisories: RHSA-2020:0738 https://access.redhat.com/errata/RHSA-2020:0738 Common Vulnerability Exposure (CVE) ID: CVE-2020-6384 https://crbug.com/1048473 Common Vulnerability Exposure (CVE) ID: CVE-2020-6385 https://crbug.com/1035399 Common Vulnerability Exposure (CVE) ID: CVE-2020-6386 https://crbug.com/1043603 Common Vulnerability Exposure (CVE) ID: CVE-2020-6387 https://crbug.com/1042535 Common Vulnerability Exposure (CVE) ID: CVE-2020-6388 http://packetstormsecurity.com/files/157376/Chrome-AudioArray-Allocate-Data-Race-Out-Of-Bounds-Access.html https://crbug.com/1042879 Common Vulnerability Exposure (CVE) ID: CVE-2020-6389 https://crbug.com/1042933 Common Vulnerability Exposure (CVE) ID: CVE-2020-6390 http://packetstormsecurity.com/files/157419/Chrome-ReadableStream-Close-Out-Of-Bounds-Access.html https://crbug.com/1045874 Common Vulnerability Exposure (CVE) ID: CVE-2020-6391 https://crbug.com/1017871 Common Vulnerability Exposure (CVE) ID: CVE-2020-6392 https://crbug.com/1030411 Common Vulnerability Exposure (CVE) ID: CVE-2020-6393 https://crbug.com/1035058 Common Vulnerability Exposure (CVE) ID: CVE-2020-6394 https://crbug.com/1014371 Common Vulnerability Exposure (CVE) ID: CVE-2020-6395 https://crbug.com/1022855 Common Vulnerability Exposure (CVE) ID: CVE-2020-6396 https://crbug.com/1035271 Common Vulnerability Exposure (CVE) ID: CVE-2020-6397 https://crbug.com/1027408 Common Vulnerability Exposure (CVE) ID: CVE-2020-6398 https://crbug.com/1032090 Common Vulnerability Exposure (CVE) ID: CVE-2020-6399 https://crbug.com/1039869 Common Vulnerability Exposure (CVE) ID: CVE-2020-6400 https://crbug.com/1038036 Common Vulnerability Exposure (CVE) ID: CVE-2020-6401 https://crbug.com/1017707 Common Vulnerability Exposure (CVE) ID: CVE-2020-6402 https://crbug.com/1029375 Common Vulnerability Exposure (CVE) ID: CVE-2020-6403 https://crbug.com/1006012 Common Vulnerability Exposure (CVE) ID: CVE-2020-6404 https://crbug.com/1024256 Common Vulnerability Exposure (CVE) ID: CVE-2020-6405 https://crbug.com/1042145 Common Vulnerability Exposure (CVE) ID: CVE-2020-6406 https://crbug.com/1042254 Common Vulnerability Exposure (CVE) ID: CVE-2020-6407 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html https://crbug.com/1045931 Common Vulnerability Exposure (CVE) ID: CVE-2020-6408 https://crbug.com/1026546 Common Vulnerability Exposure (CVE) ID: CVE-2020-6409 https://crbug.com/1037889 Common Vulnerability Exposure (CVE) ID: CVE-2020-6410 https://crbug.com/881675 Common Vulnerability Exposure (CVE) ID: CVE-2020-6411 https://crbug.com/929711 Common Vulnerability Exposure (CVE) ID: CVE-2020-6412 https://crbug.com/968505 Common Vulnerability Exposure (CVE) ID: CVE-2020-6413 https://crbug.com/1005713 Common Vulnerability Exposure (CVE) ID: CVE-2020-6414 https://crbug.com/1021855 Common Vulnerability Exposure (CVE) ID: CVE-2020-6415 https://crbug.com/1029576 Common Vulnerability Exposure (CVE) ID: CVE-2020-6416 https://crbug.com/1031895 Common Vulnerability Exposure (CVE) ID: CVE-2020-6418 http://packetstormsecurity.com/files/156632/Google-Chrome-80-JSCreate-Side-Effect-Type-Confusion.html https://crbug.com/1053604
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.