Information on source package chromium

Available versions

ReleaseVersion
stretch (security)73.0.3683.75-1~deb9u1
buster73.0.3683.75-1
sid74.0.3729.108-1

Open issues

BugstretchbustersidDescription
CVE-2019-5827vulnerablevulnerablevulnerable
CVE-2019-5826vulnerablevulnerablevulnerable
CVE-2019-5825vulnerablevulnerablevulnerable
CVE-2019-5824vulnerablevulnerablevulnerable
CVE-2019-5823vulnerablevulnerablefixed
CVE-2019-5822vulnerablevulnerablefixed
CVE-2019-5821vulnerablevulnerablefixed
CVE-2019-5820vulnerablevulnerablefixed
CVE-2019-5819vulnerablevulnerablefixed
CVE-2019-5818vulnerablevulnerablefixed
CVE-2019-5815vulnerablevulnerablefixed
CVE-2019-5814vulnerablevulnerablefixed
CVE-2019-5813vulnerablevulnerablefixed
CVE-2019-5811vulnerablevulnerablefixed
CVE-2019-5810vulnerablevulnerablefixed
CVE-2019-5809vulnerablevulnerablefixed
CVE-2019-5808vulnerablevulnerablefixed
CVE-2019-5807vulnerablevulnerablefixed
CVE-2019-5806vulnerablevulnerablefixed
CVE-2019-5805vulnerablevulnerablefixed
CVE-2018-20073vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablechromium stores download meta data in extended attributes

Resolved issues

BugDescription
CVE-2019-5817
CVE-2019-5816
CVE-2019-5812
CVE-2019-5804
CVE-2019-5803
CVE-2019-5802
CVE-2019-5801
CVE-2019-5800
CVE-2019-5799
CVE-2019-5798
CVE-2019-5797
CVE-2019-5796
CVE-2019-5795
CVE-2019-5794
CVE-2019-5793
CVE-2019-5792
CVE-2019-5791
CVE-2019-5790
CVE-2019-5789
CVE-2019-5788
CVE-2019-5787
CVE-2019-5786
CVE-2019-5784
CVE-2019-5783Missing URI encoding of untrusted input in DevTools in Google Chrome p ...
CVE-2019-5782Incorrect optimization assumptions in V8 in Google Chrome prior to 72. ...
CVE-2019-5781Incorrect handling of a confusable character in Omnibox in Google Chro ...
CVE-2019-5780Insufficient restrictions on what can be done with Apple Events in Goo ...
CVE-2019-5779Insufficient policy validation in ServiceWorker in Google Chrome prior ...
CVE-2019-5778A missing case for handling special schemes in permission request chec ...
CVE-2019-5777Incorrect handling of a confusable character in Omnibox in Google Chro ...
CVE-2019-5776Incorrect handling of a confusable character in Omnibox in Google Chro ...
CVE-2019-5775Incorrect handling of a confusable character in Omnibox in Google Chro ...
CVE-2019-5774Omission of the .desktop filetype from the Safe Browsing checklist in ...
CVE-2019-5773Insufficient origin validation in IndexedDB in Google Chrome prior to ...
CVE-2019-5772Sharing of objects over calls into JavaScript runtime in PDFium in Goo ...
CVE-2019-5771An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior ...
CVE-2019-5770Insufficient input validation in WebGL in Google Chrome prior to 72.0. ...
CVE-2019-5769Incorrect handling of invalid end character position when front render ...
CVE-2019-5768DevTools API not correctly gating on extension capability in DevTools ...
CVE-2019-5767Insufficient protection of permission UI in WebAPKs in Google Chrome o ...
CVE-2019-5766Incorrect handling of origin taint checking in Canvas in Google Chrome ...
CVE-2019-5765An exposed debugging endpoint in the browser in Google Chrome on Andro ...
CVE-2019-5764Incorrect pointer management in WebRTC in Google Chrome prior to 72.0. ...
CVE-2019-5763Failure to check error conditions in V8 in Google Chrome prior to 72.0 ...
CVE-2019-5762Inappropriate memory management when caching in PDFium in Google Chrom ...
CVE-2019-5761Incorrect object lifecycle management in SwiftShader in Google Chrome ...
CVE-2019-5760Insufficient checks of pointer validity in WebRTC in Google Chrome pri ...
CVE-2019-5759Incorrect lifetime handling in HTML select elements in Google Chrome o ...
CVE-2019-5758Incorrect object lifecycle management in Blink in Google Chrome prior ...
CVE-2019-5757An incorrect object type assumption in SVG in Google Chrome prior to 7 ...
CVE-2019-5756Inappropriate memory management when caching in PDFium in Google Chrom ...
CVE-2019-5755Incorrect handling of negative zero in V8 in Google Chrome prior to 72 ...
CVE-2019-5754Implementation error in QUIC Networking in Google Chrome prior to 72.0 ...
CVE-2018-20346SQLite before 3.25.3, when the FTS3 extension is enabled, encounters a ...
CVE-2018-20070Incorrect handling of confusable characters in URL Formatter in Google ...
CVE-2018-20069Failure to prevent navigation to top frame to data URLs in Navigation ...
CVE-2018-20068Incorrect handling of 304 status codes in Navigation in Google Chrome ...
CVE-2018-20067A renderer initiated back navigation was incorrectly allowed to cancel ...
CVE-2018-20066Incorrect object lifecycle in Extensions in Google Chrome prior to 71. ...
CVE-2018-20065Handling of URI action in PDFium in Google Chrome prior to 71.0.3578.8 ...
CVE-2018-18359Incorrect handling of Reflect.construct in V8 in Google Chrome prior t ...
CVE-2018-18358Lack of special casing of localhost in WPAD files in Google Chrome pri ...
CVE-2018-18357Incorrect handling of confusable characters in URL Formatter in Google ...
CVE-2018-18356An integer overflow in path handling lead to a use after free in Skia ...
CVE-2018-18355Incorrect handling of confusable characters in URL Formatter in Google ...
CVE-2018-18354Insufficient validate of external protocols in Shell Integration in Go ...
CVE-2018-18353Failure to dismiss http auth dialogs on navigation in Network Authenti ...
CVE-2018-18352Service works could inappropriately gain access to cross origin audio ...
CVE-2018-18351Lack of proper validation of ancestor frames site when sending lax coo ...
CVE-2018-18350Incorrect handling of CSP enforcement during navigations in Blink in G ...
CVE-2018-18349Remote frame navigations was incorrectly permitted to local resources ...
CVE-2018-18348Incorrect handling of bidirectional domain names with RTL characters i ...
CVE-2018-18347Incorrect handling of failed navigations with invalid URLs in Navigati ...
CVE-2018-18346Incorrect handling of alert box display in Blink in Google Chrome prio ...
CVE-2018-18345Incorrect handling of blob URLS in Site Isolation in Google Chrome pri ...
CVE-2018-18344Inappropriate allowance of the setDownloadBehavior devtools protocol f ...
CVE-2018-18343Incorrect handing of paths leading to a use after free in Skia in Goog ...
CVE-2018-18342Execution of user supplied Javascript during object deserialization ca ...
CVE-2018-18341An integer overflow leading to a heap buffer overflow in Blink in Goog ...
CVE-2018-18340Incorrect object lifecycle in MediaRecorder in Google Chrome prior to ...
CVE-2018-18339Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0. ...
CVE-2018-18338Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome pri ...
CVE-2018-18337Incorrect handling of stylesheets leading to a use after free in Blink ...
CVE-2018-18336Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.35 ...
CVE-2018-18335Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 al ...
CVE-2018-17481Incorrect object lifecycle handling in PDFium in Google Chrome prior t ...
CVE-2018-17480Execution of user supplied Javascript during array deserialization lea ...

Security announcements

DSA / DLADescription
DSA-4421-1chromium - security update
DSA-4404-1chromium - security update
DSA-4395-2chromium - regression update
DSA-4395-1chromium - security update

Search for package or bug name: Reporting problems