{"id":"MGASA-2020-0123","summary":"Updated chromium-browser-stable packages fix security vulnerabilities","details":"Chromium-browser 80.0.3987.122 fixes security issues:\n\nMultiple flaws were found in the way Chromium 79.0.3945.130 processes\nvarious types of web content, where loading a web page containing malicious\ncontent could cause Chromium to crash, execute arbitrary code, or disclose\nsensitive information. (CVE-2020-6381, CVE-2020-6382, CVE-2020-6383,\nCVE-2020-6384, CVE-2020-6385, CVE-2020-6386, CVE-2020-6387, CVE-2020-6388,\nCVE-2020-6389, CVE-2020-6390, CVE-2020-6391, CVE-2020-6392, CVE-2020-6393,\nCVE-2020-6394, CVE-2020-6395, CVE-2020-6396, CVE-2020-6397, CVE-2020-6398,\nCVE-2020-6399, CVE-2020-6400, CVE-2020-6401, CVE-2020-6402, CVE-2020-6403,\nCVE-2020-6404, CVE-2020-6405, CVE-2020-6406, CVE-2020-6407, CVE-2020-6408,\nCVE-2020-6409, CVE-2020-6410, CVE-2020-6411, CVE-2020-6412, CVE-2020-6413,\nCVE-2020-6414, CVE-2020-6415, CVE-2020-6416, CVE-2020-6418, CVE-2019-18197,\nCVE-2019-19923, CVE-2019-19925, CVE-2019-19926)\n\nUpstream chromium 80.0.3987.122 also includes a fix for an integer overflow\nissue in ICU. Since the chromium-browser-stable package is linked against\nthe icu packages instead of using the ICU source code bundled with chromium\nupstream, this issue is fixed in the icu package.\n","modified":"2026-02-04T02:26:53.380270Z","published":"2020-03-06T16:13:58Z","related":["CVE-2019-1819","CVE-2019-19923","CVE-2019-19925","CVE-2019-19926","CVE-2020-6381","CVE-2020-6382","CVE-2020-6383","CVE-2020-6384","CVE-2020-6385","CVE-2020-6386","CVE-2020-6387","CVE-2020-6388","CVE-2020-6389","CVE-2020-6390","CVE-2020-6391","CVE-2020-6392","CVE-2020-6393","CVE-2020-6394","CVE-2020-6395","CVE-2020-6396","CVE-2020-6397","CVE-2020-6398","CVE-2020-6399","CVE-2020-6400","CVE-2020-6401","CVE-2020-6402","CVE-2020-6403","CVE-2020-6404","CVE-2020-6405","CVE-2020-6406","CVE-2020-6407","CVE-2020-6408","CVE-2020-6409","CVE-2020-6410","CVE-2020-6411","CVE-2020-6412","CVE-2020-6413","CVE-2020-6414","CVE-2020-6415","CVE-2020-6416","CVE-2020-6418"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0123.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=26269"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_11.html"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_13.html"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_18.html"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html"},{"type":"REPORT","url":"https://unicode-org.atlassian.net/browse/ICU-20958"}],"affected":[{"package":{"name":"chromium-browser-stable","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/chromium-browser-stable?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"80.0.3987.122-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0123.json"}},{"package":{"name":"icu","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/icu?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"63.1-1.2.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0123.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}