Chromium is an open-source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 66.0.3359.117.
Security Fix(es):
chromium-browser: Use after free in Disk Cache (CVE-2018-6085)
chromium-browser: Use after free in Disk Cache (CVE-2018-6086)
chromium-browser: Use after free in WebAssembly (CVE-2018-6087)
chromium-browser: Use after free in PDFium (CVE-2018-6088)
chromium-browser: Same origin policy bypass in Service Worker (CVE-2018-6089)
chromium-browser: Heap buffer overflow in Skia (CVE-2018-6090)
chromium-browser: Incorrect handling of plug-ins by Service Worker (CVE-2018-6091)
chromium-browser: Integer overflow in WebAssembly (CVE-2018-6092)
chromium-browser: Same origin bypass in Service Worker (CVE-2018-6093)
chromium-browser: Exploit hardening regression in Oilpan (CVE-2018-6094)
chromium-browser: Lack of meaningful user interaction requirement before file upload (CVE-2018-6095)
chromium-browser: Fullscreen UI spoof (CVE-2018-6096)
chromium-browser: Fullscreen UI spoof (CVE-2018-6097)
chromium-browser: URL spoof in Omnibox (CVE-2018-6098)
chromium-browser: CORS bypass in ServiceWorker (CVE-2018-6099)
chromium-browser: URL spoof in Omnibox (CVE-2018-6100)
chromium-browser: Insufficient protection of remote debugging prototol in DevTools (CVE-2018-6101)
chromium-browser: URL spoof in Omnibox (CVE-2018-6102)
chromium-browser: UI spoof in Permissions (CVE-2018-6103)
chromium-browser: URL spoof in Omnibox (CVE-2018-6104)
chromium-browser: URL spoof in Omnibox (CVE-2018-6105)
chromium-browser: Incorrect handling of promises in V8 (CVE-2018-6106)
chromium-browser: URL spoof in Omnibox (CVE-2018-6107)
chromium-browser: URL spoof in Omnibox (CVE-2018-6108)
chromium-browser: Incorrect handling of files by FileAPI (CVE-2018-6109)
chromium-browser: Incorrect handling of plaintext files via file:// (CVE-2018-6110)
chromium-browser: Heap-use-after-free in DevTools (CVE-2018-6111)
chromium-browser: Incorrect URL handling in DevTools (CVE-2018-6112)
chromium-browser: URL spoof in Navigation (CVE-2018-6113)
chromium-browser: CSP bypass (CVE-2018-6114)
chromium-browser: Incorrect low memory handling in WebAssembly (CVE-2018-6116)
chromium-browser: Confusing autofill settings (CVE-2018-6117)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | x86_64 | chromium-browser | < 66.0.3359.117-1.el6_9 | chromium-browser-66.0.3359.117-1.el6_9.x86_64.rpm |
RedHat | 6 | i686 | chromium-browser | < 66.0.3359.117-1.el6_9 | chromium-browser-66.0.3359.117-1.el6_9.i686.rpm |
RedHat | 6 | i686 | chromium-browser-debuginfo | < 66.0.3359.117-1.el6_9 | chromium-browser-debuginfo-66.0.3359.117-1.el6_9.i686.rpm |
RedHat | 6 | x86_64 | chromium-browser-debuginfo | < 66.0.3359.117-1.el6_9 | chromium-browser-debuginfo-66.0.3359.117-1.el6_9.x86_64.rpm |