Debian: Security Advisory for chromium (DSA-4917-1)

The remote host is missing an update for the 'chromium' package(s) announced via the DSA-4917-1 advisory.

Several vulnerabilities have been discovered in the chromium web browser. CVE-2021-30506 @retsew0x01 discovered an error in the Web App installation interface. CVE-2021-30507 Alison Huffman discovered an error in the Offline mode. CVE-2021-30508 Leecraso and Guang Gong discovered a buffer overflow issue in the Media Feeds implementation. CVE-2021-30509 David Erceg discovered an out-of-bounds write issue in the Tab Strip implementation. CVE-2021-30510 Weipeng Jiang discovered a race condition in the aura window manager. CVE-2021-30511 David Erceg discovered an out-of-bounds read issue in the Tab Strip implementation. CVE-2021-30512 ZhanJia Song discovered a use-after-free issue in the notifications implementation. CVE-2021-30513 Man Yue Mo discovered an incorrect type in the v8 javascript library. CVE-2021-30514 koocola and Wang discovered a use-after-free issue in the Autofill feature. CVE-2021-30515 Rong Jian and Guang Gong discovered a use-after-free issue in the file system access API. CVE-2021-30516 ZhanJia Song discovered a buffer overflow issue in the browsing history. CVE-2021-30517 Jun Kokatsu discovered a buffer overflow issue in the reader mode. CVE-2021-30518 laural discovered use of an incorrect type in the v8 javascript library. CVE-2021-30519 asnine discovered a use-after-free issue in the Payments feature. CVE-2021-30520 Khalil Zhani discovered a use-after-free issue in the Tab Strip implementation.

'chromium' package(s) on Debian Linux.

Checks if a vulnerable package version is present on the target host.

For the stable distribution (buster), these problems have been fixed in version 90.0.4430.212-1~deb10u1. We recommend that you upgrade your chromium packages.