You are here
Home > Preporuke > Sigurnosni nedostaci programskih paketa Chromium i Google Chrome

Sigurnosni nedostaci programskih paketa Chromium i Google Chrome

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LGE

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Gentoo Linux Security Advisory GLSA 201801-03
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
https://security.gentoo.org/
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

Severity: Normal
Title: Chromium, Google Chrome: Multiple vulnerabilities
Date: January 07, 2018
Bugs: #640334, #641376
ID: 201801-03

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

Synopsis
========

Multiple vulnerabilities have been found in Chromium and Google Chrome,
the worst of which could result in the execution of arbitrary code.

Background
==========

Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all users to experience the web.

Google Chrome is one fast, simple, and secure browser for all your
devices

Affected packages
=================

——————————————————————-
Package / Vulnerable / Unaffected
——————————————————————-
1 www-client/chromium < 63.0.3239.108 >= 63.0.3239.108
2 www-client/google-chrome
< 63.0.3239.108 >= 63.0.3239.108
——————————————————————-
2 affected packages

Description
===========

Multiple vulnerabilities have been discovered in Chromium and Google
Chrome. Please review the CVE identifiers referenced below for details.

Impact
======

A remote attacker could possibly execute arbitrary code with the
privileges of the process, cause a Denial of Service condition, bypass
content security controls, or conduct URL spoofing.

Workaround
==========

There are no known workarounds at this time.

Resolution
==========

All Chromium users should upgrade to the latest version:

# emerge –sync
# emerge –ask –oneshot -v “>=www-client/chromium-63.0.3239.108”

All Google Chrome users should upgrade to the latest version:

# emerge –sync
# emerge -a –oneshot -v “>=www-client/google-chrome-63.0.3239.108”

References
==========

[ 1 ] CVE-2017-15407
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15407
[ 2 ] CVE-2017-15408
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15408
[ 3 ] CVE-2017-15409
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15409
[ 4 ] CVE-2017-15410
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15410
[ 5 ] CVE-2017-15411<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.0//EN” “http://www.w3.org/TR/REC-html40/strict.dtd”>
<html><head><meta name=”qrichtext” content=”1″ /><style type=”text/css”>
p, li { white-space: pre-wrap; }
</style></head><body style=” font-family:’Noto Sans’; font-size:10pt; font-weight:400; font-style:normal;”>
<p style=” margin-top:12px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>- – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – -</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Gentoo Linux Security Advisory GLSA 201801-03</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>- – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – -</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://security.gentoo.org/</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>- – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – -</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> Severity: Normal</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> Title: Chromium, Google Chrome: Multiple vulnerabilities</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> Date: January 07, 2018</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> Bugs: #640334, #641376</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> ID: 201801-03</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>- – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – -</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Synopsis</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>========</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Multiple vulnerabilities have been found in Chromium and Google Chrome,</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>the worst of which could result in the execution of arbitrary code.</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Background</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>==========</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Chromium is an open-source browser project that aims to build a safer,</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>faster, and more stable way for all users to experience the web.</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Google Chrome is one fast, simple, and secure browser for all your</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>devices</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Affected packages</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>=================</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> ——————————————————————-</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> Package / Vulnerable / Unaffected</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> ——————————————————————-</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> 1 www-client/chromium < 63.0.3239.108 >= 63.0.3239.108 </span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> 2 www-client/google-chrome</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> < 63.0.3239.108 >= 63.0.3239.108 </span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> ——————————————————————-</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> 2 affected packages</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Description</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>===========</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Multiple vulnerabilities have been discovered in Chromium and Google</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Chrome. Please review the CVE identifiers referenced below for details.</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Impact</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>======</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>A remote attacker could possibly execute arbitrary code with the</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>privileges of the process, cause a Denial of Service condition, bypass</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>content security controls, or conduct URL spoofing.</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Workaround</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>==========</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>There are no known workarounds at this time.</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Resolution</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>==========</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>All Chromium users should upgrade to the latest version:</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> # emerge –sync</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> # emerge –ask –oneshot -v ">=www-client/chromium-63.0.3239.108"</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>All Google Chrome users should upgrade to the latest version:</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> # emerge –sync</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> # emerge -a –oneshot -v ">=www-client/google-chrome-63.0.3239.108"</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>References</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>==========</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 1 ] CVE-2017-15407</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15407</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 2 ] CVE-2017-15408</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15408</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 3 ] CVE-2017-15409</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15409</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 4 ] CVE-2017-15410</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15410</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 5 ] CVE-2017-15411</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15411</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 6 ] CVE-2017-15412</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15412</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 7 ] CVE-2017-15413</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15413</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 8 ] CVE-2017-15415</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15415</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 9 ] CVE-2017-15416</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15416</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 10 ] CVE-2017-15417</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15417</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 11 ] CVE-2017-15418</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15418</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 12 ] CVE-2017-15419</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15419</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 13 ] CVE-2017-15420</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15420</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 14 ] CVE-2017-15422</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15422</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 15 ] CVE-2017-15423</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15423</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 16 ] CVE-2017-15424</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15424</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 17 ] CVE-2017-15425</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15425</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 18 ] CVE-2017-15426</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15426</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 19 ] CVE-2017-15427</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15427</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 20 ] CVE-2017-15429</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15429</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 21 ] Google Chrome Release 20171206</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>[ 22 ] Google Chrome Release 20171214</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop_14.html</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Availability</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>============</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>This GLSA and any updates to it are available for viewing at</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>the Gentoo Security Website:</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”> https://security.gentoo.org/glsa/201801-03</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Concerns?</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>=========</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Security is a primary focus of Gentoo Linux and ensuring the</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>confidentiality and security of our users’ machines is of utmost</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>importance to us. Any security concerns should be addressed to</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>security@gentoo.org or alternatively, you may file a bug at</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>https://bugs.gentoo.org.</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>License</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>=======</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Copyright 2018 Gentoo Foundation, Inc; referenced text</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>belongs to its owner(s).</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>The contents of this document are licensed under the</span></p>
<p style=” margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>Creative Commons – Attribution / Share Alike license.</span></p>
<p style=”-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; “> </p>
<p style=” margin-top:0px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;”><span style=” font-family:’Hack’; color:#000000;”>http://creativecommons.org/licenses/by-sa/2.5</span></p></body></html>—–BEGIN PGP SIGNATURE—–

iQEzBAABCAAdFiEEiDRK3jyVBE/RkymqpRQw84X1dt0FAlpSq8YACgkQpRQw84X1
dt1aZQf9GE+iFUGbwa+W6Hsqc4JQXd4013TPTthelOnLzlRe7U12GTisplnnN/vR
oIg2jSWBiZsmpl/2EvnYDXqLSGw+j2QfgDg13ppS6NERP203B0sZW+40g+dXapgI
Ux2tn1WG5xLo849Z6BocrBESglRFhsvv/LI0TbqL3eXsVTLFt0yMrbtWuDN7Z13H
I2VTl92aTFhjzEZoR6ipkLuTRy0bpJqz9rAG8oHK1PvkIl1NWRaR4yDF2iWaAT+n
lOl3BYww4jujVci1wXyWeEDqRlDplR41GPKlFK87xYKOEsiwcCz/6Lyazr0Vo3om
ZUauOFCuSg9X9YGS7lpnVeaEiNMicQ==
=kaSb
—–END PGP SIGNATURE—–

AutorVlatka Misic
Cert idNCERT-REF-2018-01-0005-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa OptiPNG

Otkriveni su sigurnosni nedostaci u programskom paketu OptiPNG za operacijski sustav Gentoo. Otkriveni nedostaci potencijalnim udaljenim napadačima omogućuju izvršavanje proizvoljnog...

Close