Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-13752
Vulnerability from cvelistv5
Published
2019-12-10 21:01
Modified
2024-08-05 00:05
Severity ?
EPSS score ?
Summary
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T00:05:43.747Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://crbug.com/1025470" }, { "name": "RHSA-2019:4238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:4238" }, { "name": "openSUSE-SU-2019:2692", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html" }, { "name": "FEDORA-2019-1a10c04281", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/" }, { "name": "openSUSE-SU-2019:2694", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html" }, { "name": "FEDORA-2020-4355ea258e", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/" }, { "name": "20200120 [SECURITY] [DSA 4606-1] chromium security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2020/Jan/27" }, { "name": "DSA-4606", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2020/dsa-4606" }, { "name": "GLSA-202003-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202003-08" }, { "name": "USN-4298-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4298-1/" }, { "name": "USN-4298-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4298-2/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Chrome", "vendor": "Google", "versions": [ { "lessThan": "79.0.3945.79", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page." } ], "problemTypes": [ { "descriptions": [ { "description": "Out of bounds read", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-08-06T18:06:14", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://crbug.com/1025470" }, { "name": "RHSA-2019:4238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:4238" }, { "name": "openSUSE-SU-2019:2692", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html" }, { "name": "FEDORA-2019-1a10c04281", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/" }, { "name": "openSUSE-SU-2019:2694", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html" }, { "name": "FEDORA-2020-4355ea258e", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/" }, { "name": "20200120 [SECURITY] [DSA 4606-1] chromium security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2020/Jan/27" }, { "name": "DSA-4606", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2020/dsa-4606" }, { "name": "GLSA-202003-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202003-08" }, { "name": "USN-4298-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4298-1/" }, { "name": "USN-4298-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4298-2/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "chrome-cve-admin@google.com", "ID": "CVE-2019-13752", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Chrome", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "79.0.3945.79" } ] } } ] }, "vendor_name": "Google" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Out of bounds read" } ] } ] }, "references": { "reference_data": [ { "name": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "refsource": "MISC", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" }, { "name": "https://crbug.com/1025470", "refsource": "MISC", "url": "https://crbug.com/1025470" }, { "name": "RHSA-2019:4238", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:4238" }, { "name": "openSUSE-SU-2019:2692", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html" }, { "name": "FEDORA-2019-1a10c04281", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/" }, { "name": "openSUSE-SU-2019:2694", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html" }, { "name": "FEDORA-2020-4355ea258e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/" }, { "name": "20200120 [SECURITY] [DSA 4606-1] chromium security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2020/Jan/27" }, { "name": "DSA-4606", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4606" }, { "name": "GLSA-202003-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-08" }, { "name": "USN-4298-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4298-1/" }, { "name": "USN-4298-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4298-2/" } ] } } } }, "cveMetadata": { "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2019-13752", "datePublished": "2019-12-10T21:01:52", "dateReserved": "2019-07-18T00:00:00", "dateUpdated": "2024-08-05T00:05:43.747Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2019-13752\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2019-12-10T22:15:14.980\",\"lastModified\":\"2024-11-21T04:25:39.087\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.\"},{\"lang\":\"es\",\"value\":\"Una lectura fuera de l\u00edmites en SQLite en Google Chrome versiones anteriores a la versi\u00f3n 79.0.3945.79, permiti\u00f3 a un atacante remoto conseguir informaci\u00f3n potencialmente confidencial desde la memoria del proceso por medio de una p\u00e1gina HTML especialmente dise\u00f1ada.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"79.0.3945.79\",\"matchCriteriaId\":\"D3900404-81EC-4968-BD74-1630F385643D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"EB779E2B-B0A9-41F4-9000-4BAB848E7677\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"142A2E7B-9B0D-4335-8C92-FC9A6381DC8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"6194D474-EEEA-41FD-8FE8-090A9C10BDBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"1C493BF1-8890-4A3A-A207-FA5273259F61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"F4C70C61-4DE2-49BE-81EA-9BCAC6F31C15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"61F3999C-19F8-4723-8AC9-687FEFF27BD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:x64:*\",\"matchCriteriaId\":\"5F492BA1-72AD-4302-985E-EB2E465FC22B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:x86:*\",\"matchCriteriaId\":\"BD58D619-D524-4690-85E4-ECE3B984D4B1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A31C8344-3E02-4EB8-8BD8-4C84B7959624\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:4238\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://crbug.com/1025470\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://seclists.org/bugtraq/2020/Jan/27\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202003-08\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4298-1/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4298-2/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4606\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:4238\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://crbug.com/1025470\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://seclists.org/bugtraq/2020/Jan/27\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202003-08\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4298-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4298-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2020/dsa-4606\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
rhsa-2020_1810
Vulnerability from csaf_redhat
Published
2020-04-28 15:49
Modified
2024-11-22 14:07
Summary
Red Hat Security Advisory: sqlite security and bug fix update
Notes
Topic
An update for sqlite is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.
Security Fix(es):
* sqlite: heap out-of-bound read in function rtreenode() (CVE-2019-8457)
* sqlite: fts3: improve shadow table corruption detection (CVE-2019-13752)
* sqlite: fts3: incorrectly removed corruption check (CVE-2019-13753)
* sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference (CVE-2019-19923)
* sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting (CVE-2019-19924)
* sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive (CVE-2019-19925)
* sqlite: mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames (CVE-2019-19959)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for sqlite is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.\n\nSecurity Fix(es):\n\n* sqlite: heap out-of-bound read in function rtreenode() (CVE-2019-8457)\n\n* sqlite: fts3: improve shadow table corruption detection (CVE-2019-13752)\n\n* sqlite: fts3: incorrectly removed corruption check (CVE-2019-13753)\n\n* sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference (CVE-2019-19923)\n\n* sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting (CVE-2019-19924)\n\n* sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive (CVE-2019-19925)\n\n* sqlite: mishandles certain uses of INSERT INTO in situations involving embedded \u0027\\0\u0027 characters in filenames (CVE-2019-19959)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:1810", "url": "https://access.redhat.com/errata/RHSA-2020:1810" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index" }, { "category": "external", "summary": "1716881", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716881" }, { "category": "external", "summary": "1781999", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781999" }, { "category": "external", "summary": "1782000", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782000" }, { "category": "external", "summary": "1788842", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788842" }, { "category": "external", "summary": "1788846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788846" }, { "category": "external", "summary": "1788866", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788866" }, { "category": "external", "summary": "1789595", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789595" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1810.json" } ], "title": "Red Hat Security Advisory: sqlite security and bug fix update", "tracking": { "current_release_date": "2024-11-22T14:07:49+00:00", "generator": { "date": "2024-11-22T14:07:49+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:1810", "initial_release_date": "2020-04-28T15:49:32+00:00", "revision_history": [ { "date": "2020-04-28T15:49:32+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-04-28T15:49:32+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T14:07:49+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product": { "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:8::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "lemon-0:3.26.0-6.el8.ppc64le", "product": { "name": "lemon-0:3.26.0-6.el8.ppc64le", "product_id": "lemon-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "product": { "name": "sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "product_id": "sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debugsource@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "product": { "name": "lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "product_id": "lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon-debuginfo@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "product": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "product_id": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-analyzer-debuginfo@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "product": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "product_id": "sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debuginfo@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "product": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "product_id": "sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs-debuginfo@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "product": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "product_id": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-tcl-debuginfo@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-0:3.26.0-6.el8.ppc64le", "product": { "name": "sqlite-0:3.26.0-6.el8.ppc64le", "product_id": "sqlite-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-devel-0:3.26.0-6.el8.ppc64le", "product": { "name": "sqlite-devel-0:3.26.0-6.el8.ppc64le", "product_id": "sqlite-devel-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-devel@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-libs-0:3.26.0-6.el8.ppc64le", "product": { "name": "sqlite-libs-0:3.26.0-6.el8.ppc64le", "product_id": "sqlite-libs-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs@3.26.0-6.el8?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "lemon-0:3.26.0-6.el8.s390x", "product": { "name": "lemon-0:3.26.0-6.el8.s390x", "product_id": "lemon-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-debugsource-0:3.26.0-6.el8.s390x", "product": { "name": "sqlite-debugsource-0:3.26.0-6.el8.s390x", "product_id": "sqlite-debugsource-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debugsource@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "lemon-debuginfo-0:3.26.0-6.el8.s390x", "product": { "name": "lemon-debuginfo-0:3.26.0-6.el8.s390x", "product_id": "lemon-debuginfo-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon-debuginfo@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "product": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "product_id": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-analyzer-debuginfo@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-debuginfo-0:3.26.0-6.el8.s390x", "product": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.s390x", "product_id": "sqlite-debuginfo-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debuginfo@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "product": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "product_id": "sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs-debuginfo@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "product": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "product_id": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-tcl-debuginfo@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-0:3.26.0-6.el8.s390x", "product": { "name": "sqlite-0:3.26.0-6.el8.s390x", "product_id": "sqlite-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-devel-0:3.26.0-6.el8.s390x", "product": { "name": "sqlite-devel-0:3.26.0-6.el8.s390x", "product_id": "sqlite-devel-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-devel@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-libs-0:3.26.0-6.el8.s390x", "product": { "name": "sqlite-libs-0:3.26.0-6.el8.s390x", "product_id": "sqlite-libs-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs@3.26.0-6.el8?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "lemon-0:3.26.0-6.el8.x86_64", "product": { "name": "lemon-0:3.26.0-6.el8.x86_64", "product_id": "lemon-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-debugsource-0:3.26.0-6.el8.x86_64", "product": { "name": "sqlite-debugsource-0:3.26.0-6.el8.x86_64", "product_id": "sqlite-debugsource-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debugsource@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "lemon-debuginfo-0:3.26.0-6.el8.x86_64", "product": { "name": "lemon-debuginfo-0:3.26.0-6.el8.x86_64", "product_id": "lemon-debuginfo-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon-debuginfo@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "product": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "product_id": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-analyzer-debuginfo@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "product": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "product_id": "sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debuginfo@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "product": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "product_id": "sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs-debuginfo@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "product": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "product_id": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-tcl-debuginfo@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-0:3.26.0-6.el8.x86_64", "product": { "name": "sqlite-0:3.26.0-6.el8.x86_64", "product_id": "sqlite-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-devel-0:3.26.0-6.el8.x86_64", "product": { "name": "sqlite-devel-0:3.26.0-6.el8.x86_64", "product_id": "sqlite-devel-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-devel@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-libs-0:3.26.0-6.el8.x86_64", "product": { "name": "sqlite-libs-0:3.26.0-6.el8.x86_64", "product_id": "sqlite-libs-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs@3.26.0-6.el8?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "lemon-0:3.26.0-6.el8.aarch64", "product": { "name": "lemon-0:3.26.0-6.el8.aarch64", "product_id": "lemon-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-debugsource-0:3.26.0-6.el8.aarch64", "product": { "name": "sqlite-debugsource-0:3.26.0-6.el8.aarch64", "product_id": "sqlite-debugsource-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debugsource@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "lemon-debuginfo-0:3.26.0-6.el8.aarch64", "product": { "name": "lemon-debuginfo-0:3.26.0-6.el8.aarch64", "product_id": "lemon-debuginfo-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon-debuginfo@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "product": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "product_id": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-analyzer-debuginfo@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "product": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "product_id": "sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debuginfo@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "product": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "product_id": "sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs-debuginfo@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "product": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "product_id": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-tcl-debuginfo@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-0:3.26.0-6.el8.aarch64", "product": { "name": "sqlite-0:3.26.0-6.el8.aarch64", "product_id": "sqlite-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-devel-0:3.26.0-6.el8.aarch64", "product": { "name": "sqlite-devel-0:3.26.0-6.el8.aarch64", "product_id": "sqlite-devel-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-devel@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-libs-0:3.26.0-6.el8.aarch64", "product": { "name": "sqlite-libs-0:3.26.0-6.el8.aarch64", "product_id": "sqlite-libs-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs@3.26.0-6.el8?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "sqlite-0:3.26.0-6.el8.i686", "product": { "name": "sqlite-0:3.26.0-6.el8.i686", "product_id": "sqlite-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-6.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-devel-0:3.26.0-6.el8.i686", "product": { "name": "sqlite-devel-0:3.26.0-6.el8.i686", "product_id": "sqlite-devel-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-devel@3.26.0-6.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-libs-0:3.26.0-6.el8.i686", "product": { "name": "sqlite-libs-0:3.26.0-6.el8.i686", "product_id": "sqlite-libs-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs@3.26.0-6.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-debugsource-0:3.26.0-6.el8.i686", "product": { "name": "sqlite-debugsource-0:3.26.0-6.el8.i686", "product_id": "sqlite-debugsource-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debugsource@3.26.0-6.el8?arch=i686" } } }, { "category": "product_version", "name": "lemon-debuginfo-0:3.26.0-6.el8.i686", "product": { "name": "lemon-debuginfo-0:3.26.0-6.el8.i686", "product_id": "lemon-debuginfo-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon-debuginfo@3.26.0-6.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "product": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "product_id": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-analyzer-debuginfo@3.26.0-6.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-debuginfo-0:3.26.0-6.el8.i686", "product": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.i686", "product_id": "sqlite-debuginfo-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debuginfo@3.26.0-6.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "product": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "product_id": "sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs-debuginfo@3.26.0-6.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "product": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "product_id": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-tcl-debuginfo@3.26.0-6.el8?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "sqlite-0:3.26.0-6.el8.src", "product": { "name": "sqlite-0:3.26.0-6.el8.src", "product_id": "sqlite-0:3.26.0-6.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-6.el8?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "sqlite-doc-0:3.26.0-6.el8.noarch", "product": { "name": "sqlite-doc-0:3.26.0-6.el8.noarch", "product_id": "sqlite-doc-0:3.26.0-6.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-doc@3.26.0-6.el8?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64" }, "product_reference": "lemon-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le" }, "product_reference": "lemon-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x" }, "product_reference": "lemon-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64" }, "product_reference": "lemon-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src" }, "product_reference": "sqlite-0:3.26.0-6.el8.src", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-doc-0:3.26.0-6.el8.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch" }, "product_reference": "sqlite-doc-0:3.26.0-6.el8.noarch", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64" }, "product_reference": "lemon-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le" }, "product_reference": "lemon-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x" }, "product_reference": "lemon-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64" }, "product_reference": "lemon-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src" }, "product_reference": "sqlite-0:3.26.0-6.el8.src", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-doc-0:3.26.0-6.el8.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch" }, "product_reference": "sqlite-doc-0:3.26.0-6.el8.noarch", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-8457", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2019-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1716881" } ], "notes": [ { "category": "description", "text": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: heap out-of-bound read in function rtreenode()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-8457" }, { "category": "external", "summary": "RHBZ#1716881", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716881" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-8457", "url": "https://www.cve.org/CVERecord?id=CVE-2019-8457" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457" } ], "release_date": "2019-03-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:49:32+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1810" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: heap out-of-bound read in function rtreenode()" }, { "cve": "CVE-2019-13752", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781999" } ], "notes": [ { "category": "description", "text": "Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: fts3: improve shadow table corruption detection", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13752" }, { "category": "external", "summary": "RHBZ#1781999", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781999" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13752", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13752" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13752", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13752" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:49:32+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1810" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: fts3: improve shadow table corruption detection" }, { "cve": "CVE-2019-13753", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782000" } ], "notes": [ { "category": "description", "text": "Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: fts3: incorrectly removed corruption check", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13753" }, { "category": "external", "summary": "RHBZ#1782000", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782000" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13753", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13753" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13753", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13753" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:49:32+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1810" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: fts3: incorrectly removed corruption check" }, { "cve": "CVE-2019-19923", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2020-01-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1788846" } ], "notes": [ { "category": "description", "text": "flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19923" }, { "category": "external", "summary": "RHBZ#1788846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788846" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19923", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19923" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19923", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19923" } ], "release_date": "2020-01-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:49:32+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1810" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference" }, { "cve": "CVE-2019-19924", "cwe": { "id": "CWE-391", "name": "Unchecked Error Condition" }, "discovery_date": "2020-01-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1788842" } ], "notes": [ { "category": "description", "text": "SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19924" }, { "category": "external", "summary": "RHBZ#1788842", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788842" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19924", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19924" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19924", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19924" } ], "release_date": "2020-01-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:49:32+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1810" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting" }, { "cve": "CVE-2019-19925", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2020-01-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1788866" } ], "notes": [ { "category": "description", "text": "zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive", "title": "Vulnerability summary" }, { "category": "other", "text": "The zip extension was introduced in sqlite-3.22.0, therefore previous versions are not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19925" }, { "category": "external", "summary": "RHBZ#1788866", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788866" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19925", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19925" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19925", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19925" } ], "release_date": "2020-01-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:49:32+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1810" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive" }, { "cve": "CVE-2019-19959", "cwe": { "id": "CWE-626", "name": "Null Byte Interaction Error (Poison Null Byte)" }, "discovery_date": "2020-01-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1789595" } ], "notes": [ { "category": "description", "text": "ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded \u0027\\0\u0027 characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: mishandles certain uses of INSERT INTO in situations involving embedded \u0027\\0\u0027 characters in filenames", "title": "Vulnerability summary" }, { "category": "other", "text": "The zip extension was introduced in sqlite-3.22.0, therefore previous versions are not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19959" }, { "category": "external", "summary": "RHBZ#1789595", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789595" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19959", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19959" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19959", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19959" } ], "release_date": "2019-12-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:49:32+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1810" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: mishandles certain uses of INSERT INTO in situations involving embedded \u0027\\0\u0027 characters in filenames" } ] }
rhsa-2020:1810
Vulnerability from csaf_redhat
Published
2020-04-28 15:49
Modified
2024-11-22 14:07
Summary
Red Hat Security Advisory: sqlite security and bug fix update
Notes
Topic
An update for sqlite is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.
Security Fix(es):
* sqlite: heap out-of-bound read in function rtreenode() (CVE-2019-8457)
* sqlite: fts3: improve shadow table corruption detection (CVE-2019-13752)
* sqlite: fts3: incorrectly removed corruption check (CVE-2019-13753)
* sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference (CVE-2019-19923)
* sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting (CVE-2019-19924)
* sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive (CVE-2019-19925)
* sqlite: mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames (CVE-2019-19959)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for sqlite is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.\n\nSecurity Fix(es):\n\n* sqlite: heap out-of-bound read in function rtreenode() (CVE-2019-8457)\n\n* sqlite: fts3: improve shadow table corruption detection (CVE-2019-13752)\n\n* sqlite: fts3: incorrectly removed corruption check (CVE-2019-13753)\n\n* sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference (CVE-2019-19923)\n\n* sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting (CVE-2019-19924)\n\n* sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive (CVE-2019-19925)\n\n* sqlite: mishandles certain uses of INSERT INTO in situations involving embedded \u0027\\0\u0027 characters in filenames (CVE-2019-19959)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:1810", "url": "https://access.redhat.com/errata/RHSA-2020:1810" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index" }, { "category": "external", "summary": "1716881", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716881" }, { "category": "external", "summary": "1781999", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781999" }, { "category": "external", "summary": "1782000", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782000" }, { "category": "external", "summary": "1788842", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788842" }, { "category": "external", "summary": "1788846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788846" }, { "category": "external", "summary": "1788866", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788866" }, { "category": "external", "summary": "1789595", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789595" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1810.json" } ], "title": "Red Hat Security Advisory: sqlite security and bug fix update", "tracking": { "current_release_date": "2024-11-22T14:07:49+00:00", "generator": { "date": "2024-11-22T14:07:49+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:1810", "initial_release_date": "2020-04-28T15:49:32+00:00", "revision_history": [ { "date": "2020-04-28T15:49:32+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-04-28T15:49:32+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T14:07:49+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product": { "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:8::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "lemon-0:3.26.0-6.el8.ppc64le", "product": { "name": "lemon-0:3.26.0-6.el8.ppc64le", "product_id": "lemon-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "product": { "name": "sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "product_id": "sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debugsource@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "product": { "name": "lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "product_id": "lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon-debuginfo@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "product": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "product_id": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-analyzer-debuginfo@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "product": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "product_id": "sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debuginfo@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "product": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "product_id": "sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs-debuginfo@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "product": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "product_id": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-tcl-debuginfo@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-0:3.26.0-6.el8.ppc64le", "product": { "name": "sqlite-0:3.26.0-6.el8.ppc64le", "product_id": "sqlite-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-devel-0:3.26.0-6.el8.ppc64le", "product": { "name": "sqlite-devel-0:3.26.0-6.el8.ppc64le", "product_id": "sqlite-devel-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-devel@3.26.0-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "sqlite-libs-0:3.26.0-6.el8.ppc64le", "product": { "name": "sqlite-libs-0:3.26.0-6.el8.ppc64le", "product_id": "sqlite-libs-0:3.26.0-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs@3.26.0-6.el8?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "lemon-0:3.26.0-6.el8.s390x", "product": { "name": "lemon-0:3.26.0-6.el8.s390x", "product_id": "lemon-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-debugsource-0:3.26.0-6.el8.s390x", "product": { "name": "sqlite-debugsource-0:3.26.0-6.el8.s390x", "product_id": "sqlite-debugsource-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debugsource@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "lemon-debuginfo-0:3.26.0-6.el8.s390x", "product": { "name": "lemon-debuginfo-0:3.26.0-6.el8.s390x", "product_id": "lemon-debuginfo-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon-debuginfo@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "product": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "product_id": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-analyzer-debuginfo@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-debuginfo-0:3.26.0-6.el8.s390x", "product": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.s390x", "product_id": "sqlite-debuginfo-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debuginfo@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "product": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "product_id": "sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs-debuginfo@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "product": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "product_id": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-tcl-debuginfo@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-0:3.26.0-6.el8.s390x", "product": { "name": "sqlite-0:3.26.0-6.el8.s390x", "product_id": "sqlite-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-devel-0:3.26.0-6.el8.s390x", "product": { "name": "sqlite-devel-0:3.26.0-6.el8.s390x", "product_id": "sqlite-devel-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-devel@3.26.0-6.el8?arch=s390x" } } }, { "category": "product_version", "name": "sqlite-libs-0:3.26.0-6.el8.s390x", "product": { "name": "sqlite-libs-0:3.26.0-6.el8.s390x", "product_id": "sqlite-libs-0:3.26.0-6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs@3.26.0-6.el8?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "lemon-0:3.26.0-6.el8.x86_64", "product": { "name": "lemon-0:3.26.0-6.el8.x86_64", "product_id": "lemon-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-debugsource-0:3.26.0-6.el8.x86_64", "product": { "name": "sqlite-debugsource-0:3.26.0-6.el8.x86_64", "product_id": "sqlite-debugsource-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debugsource@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "lemon-debuginfo-0:3.26.0-6.el8.x86_64", "product": { "name": "lemon-debuginfo-0:3.26.0-6.el8.x86_64", "product_id": "lemon-debuginfo-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon-debuginfo@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "product": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "product_id": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-analyzer-debuginfo@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "product": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "product_id": "sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debuginfo@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "product": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "product_id": "sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs-debuginfo@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "product": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "product_id": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-tcl-debuginfo@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-0:3.26.0-6.el8.x86_64", "product": { "name": "sqlite-0:3.26.0-6.el8.x86_64", "product_id": "sqlite-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-devel-0:3.26.0-6.el8.x86_64", "product": { "name": "sqlite-devel-0:3.26.0-6.el8.x86_64", "product_id": "sqlite-devel-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-devel@3.26.0-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "sqlite-libs-0:3.26.0-6.el8.x86_64", "product": { "name": "sqlite-libs-0:3.26.0-6.el8.x86_64", "product_id": "sqlite-libs-0:3.26.0-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs@3.26.0-6.el8?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "lemon-0:3.26.0-6.el8.aarch64", "product": { "name": "lemon-0:3.26.0-6.el8.aarch64", "product_id": "lemon-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-debugsource-0:3.26.0-6.el8.aarch64", "product": { "name": "sqlite-debugsource-0:3.26.0-6.el8.aarch64", "product_id": "sqlite-debugsource-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debugsource@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "lemon-debuginfo-0:3.26.0-6.el8.aarch64", "product": { "name": "lemon-debuginfo-0:3.26.0-6.el8.aarch64", "product_id": "lemon-debuginfo-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon-debuginfo@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "product": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "product_id": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-analyzer-debuginfo@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "product": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "product_id": "sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debuginfo@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "product": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "product_id": "sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs-debuginfo@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "product": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "product_id": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-tcl-debuginfo@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-0:3.26.0-6.el8.aarch64", "product": { "name": "sqlite-0:3.26.0-6.el8.aarch64", "product_id": "sqlite-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-devel-0:3.26.0-6.el8.aarch64", "product": { "name": "sqlite-devel-0:3.26.0-6.el8.aarch64", "product_id": "sqlite-devel-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-devel@3.26.0-6.el8?arch=aarch64" } } }, { "category": "product_version", "name": "sqlite-libs-0:3.26.0-6.el8.aarch64", "product": { "name": "sqlite-libs-0:3.26.0-6.el8.aarch64", "product_id": "sqlite-libs-0:3.26.0-6.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs@3.26.0-6.el8?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "sqlite-0:3.26.0-6.el8.i686", "product": { "name": "sqlite-0:3.26.0-6.el8.i686", "product_id": "sqlite-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-6.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-devel-0:3.26.0-6.el8.i686", "product": { "name": "sqlite-devel-0:3.26.0-6.el8.i686", "product_id": "sqlite-devel-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-devel@3.26.0-6.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-libs-0:3.26.0-6.el8.i686", "product": { "name": "sqlite-libs-0:3.26.0-6.el8.i686", "product_id": "sqlite-libs-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs@3.26.0-6.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-debugsource-0:3.26.0-6.el8.i686", "product": { "name": "sqlite-debugsource-0:3.26.0-6.el8.i686", "product_id": "sqlite-debugsource-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debugsource@3.26.0-6.el8?arch=i686" } } }, { "category": "product_version", "name": "lemon-debuginfo-0:3.26.0-6.el8.i686", "product": { "name": "lemon-debuginfo-0:3.26.0-6.el8.i686", "product_id": "lemon-debuginfo-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/lemon-debuginfo@3.26.0-6.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "product": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "product_id": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-analyzer-debuginfo@3.26.0-6.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-debuginfo-0:3.26.0-6.el8.i686", "product": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.i686", "product_id": "sqlite-debuginfo-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-debuginfo@3.26.0-6.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "product": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "product_id": "sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-libs-debuginfo@3.26.0-6.el8?arch=i686" } } }, { "category": "product_version", "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "product": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "product_id": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-tcl-debuginfo@3.26.0-6.el8?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "sqlite-0:3.26.0-6.el8.src", "product": { "name": "sqlite-0:3.26.0-6.el8.src", "product_id": "sqlite-0:3.26.0-6.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite@3.26.0-6.el8?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "sqlite-doc-0:3.26.0-6.el8.noarch", "product": { "name": "sqlite-doc-0:3.26.0-6.el8.noarch", "product_id": "sqlite-doc-0:3.26.0-6.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/sqlite-doc@3.26.0-6.el8?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64" }, "product_reference": "lemon-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le" }, "product_reference": "lemon-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x" }, "product_reference": "lemon-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64" }, "product_reference": "lemon-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src" }, "product_reference": "sqlite-0:3.26.0-6.el8.src", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-doc-0:3.26.0-6.el8.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch" }, "product_reference": "sqlite-doc-0:3.26.0-6.el8.noarch", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "AppStream-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64" }, "product_reference": "lemon-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le" }, "product_reference": "lemon-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x" }, "product_reference": "lemon-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64" }, "product_reference": "lemon-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "lemon-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "lemon-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src" }, "product_reference": "sqlite-0:3.26.0-6.el8.src", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-debugsource-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-debugsource-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-devel-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-devel-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-doc-0:3.26.0-6.el8.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch" }, "product_reference": "sqlite-doc-0:3.26.0-6.el8.noarch", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-libs-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "relates_to_product_reference": "BaseOS-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" }, "product_reference": "sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.GA" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-8457", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2019-05-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1716881" } ], "notes": [ { "category": "description", "text": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: heap out-of-bound read in function rtreenode()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-8457" }, { "category": "external", "summary": "RHBZ#1716881", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716881" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-8457", "url": "https://www.cve.org/CVERecord?id=CVE-2019-8457" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8457" } ], "release_date": "2019-03-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:49:32+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1810" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: heap out-of-bound read in function rtreenode()" }, { "cve": "CVE-2019-13752", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781999" } ], "notes": [ { "category": "description", "text": "Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: fts3: improve shadow table corruption detection", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13752" }, { "category": "external", "summary": "RHBZ#1781999", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781999" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13752", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13752" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13752", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13752" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:49:32+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1810" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: fts3: improve shadow table corruption detection" }, { "cve": "CVE-2019-13753", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782000" } ], "notes": [ { "category": "description", "text": "Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: fts3: incorrectly removed corruption check", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13753" }, { "category": "external", "summary": "RHBZ#1782000", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782000" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13753", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13753" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13753", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13753" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:49:32+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1810" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: fts3: incorrectly removed corruption check" }, { "cve": "CVE-2019-19923", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2020-01-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1788846" } ], "notes": [ { "category": "description", "text": "flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results).", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19923" }, { "category": "external", "summary": "RHBZ#1788846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788846" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19923", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19923" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19923", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19923" } ], "release_date": "2020-01-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:49:32+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1810" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference" }, { "cve": "CVE-2019-19924", "cwe": { "id": "CWE-391", "name": "Unchecked Error Condition" }, "discovery_date": "2020-01-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1788842" } ], "notes": [ { "category": "description", "text": "SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19924" }, { "category": "external", "summary": "RHBZ#1788842", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788842" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19924", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19924" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19924", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19924" } ], "release_date": "2020-01-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:49:32+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1810" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting" }, { "cve": "CVE-2019-19925", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2020-01-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1788866" } ], "notes": [ { "category": "description", "text": "zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive", "title": "Vulnerability summary" }, { "category": "other", "text": "The zip extension was introduced in sqlite-3.22.0, therefore previous versions are not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19925" }, { "category": "external", "summary": "RHBZ#1788866", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788866" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19925", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19925" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19925", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19925" } ], "release_date": "2020-01-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:49:32+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1810" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive" }, { "cve": "CVE-2019-19959", "cwe": { "id": "CWE-626", "name": "Null Byte Interaction Error (Poison Null Byte)" }, "discovery_date": "2020-01-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1789595" } ], "notes": [ { "category": "description", "text": "ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded \u0027\\0\u0027 characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: mishandles certain uses of INSERT INTO in situations involving embedded \u0027\\0\u0027 characters in filenames", "title": "Vulnerability summary" }, { "category": "other", "text": "The zip extension was introduced in sqlite-3.22.0, therefore previous versions are not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19959" }, { "category": "external", "summary": "RHBZ#1789595", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789595" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19959", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19959" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19959", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19959" } ], "release_date": "2019-12-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:49:32+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1810" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "AppStream-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "AppStream-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:lemon-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.src", "BaseOS-8.2.0.GA:sqlite-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-analyzer-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-debugsource-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-devel-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-doc-0:3.26.0-6.el8.noarch", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-libs-debuginfo-0:3.26.0-6.el8.x86_64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.aarch64", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.i686", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.ppc64le", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.s390x", "BaseOS-8.2.0.GA:sqlite-tcl-debuginfo-0:3.26.0-6.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: mishandles certain uses of INSERT INTO in situations involving embedded \u0027\\0\u0027 characters in filenames" } ] }
RHSA-2019:4238
Vulnerability from csaf_redhat
Published
2019-12-16 09:09
Modified
2024-11-15 04:13
Summary
Red Hat Security Advisory: chromium-browser security update
Notes
Topic
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Chromium is an open-source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 79.0.3945.79.
Security Fix(es):
* chromium-browser: Use after free in Bluetooth (CVE-2019-13725)
* chromium-browser: Heap buffer overflow in password manager (CVE-2019-13726)
* chromium-browser: Insufficient policy enforcement in WebSockets (CVE-2019-13727)
* chromium-browser: Out of bounds write in V8 (CVE-2019-13728)
* chromium-browser: Use after free in WebSockets (CVE-2019-13729)
* chromium-browser: Type Confusion in V8 (CVE-2019-13730)
* chromium-browser: Use after free in WebAudio (CVE-2019-13732)
* chromium-browser: Out of bounds write in SQLite (CVE-2019-13734)
* chromium-browser: Out of bounds write in V8 (CVE-2019-13735)
* chromium-browser: Type Confusion in V8 (CVE-2019-13764)
* chromium-browser: Integer overflow in PDFium (CVE-2019-13736)
* chromium-browser: Insufficient policy enforcement in autocomplete (CVE-2019-13737)
* chromium-browser: Insufficient policy enforcement in navigation (CVE-2019-13738)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13739)
* chromium-browser: Incorrect security UI in sharing (CVE-2019-13740)
* chromium-browser: Insufficient validation of untrusted input in Blink (CVE-2019-13741)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13742)
* chromium-browser: Incorrect security UI in external protocol handling (CVE-2019-13743)
* chromium-browser: Insufficient policy enforcement in cookies (CVE-2019-13744)
* chromium-browser: Insufficient policy enforcement in audio (CVE-2019-13745)
* chromium-browser: Insufficient policy enforcement in Omnibox (CVE-2019-13746)
* chromium-browser: Uninitialized Use in rendering (CVE-2019-13747)
* chromium-browser: Insufficient policy enforcement in developer tools (CVE-2019-13748)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13749)
* chromium-browser: Insufficient data validation in SQLite (CVE-2019-13750)
* chromium-browser: Uninitialized Use in SQLite (CVE-2019-13751)
* chromium-browser: Out of bounds read in SQLite (CVE-2019-13752)
* chromium-browser: Out of bounds read in SQLite (CVE-2019-13753)
* chromium-browser: Insufficient policy enforcement in extensions (CVE-2019-13754)
* chromium-browser: Insufficient policy enforcement in extensions (CVE-2019-13755)
* chromium-browser: Incorrect security UI in printing (CVE-2019-13756)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13757)
* chromium-browser: Insufficient policy enforcement in navigation (CVE-2019-13758)
* chromium-browser: Incorrect security UI in interstitials (CVE-2019-13759)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13761)
* chromium-browser: Insufficient policy enforcement in downloads (CVE-2019-13762)
* chromium-browser: Insufficient policy enforcement in payments (CVE-2019-13763)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 79.0.3945.79.\n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in Bluetooth (CVE-2019-13725)\n\n* chromium-browser: Heap buffer overflow in password manager (CVE-2019-13726)\n\n* chromium-browser: Insufficient policy enforcement in WebSockets (CVE-2019-13727)\n\n* chromium-browser: Out of bounds write in V8 (CVE-2019-13728)\n\n* chromium-browser: Use after free in WebSockets (CVE-2019-13729)\n\n* chromium-browser: Type Confusion in V8 (CVE-2019-13730)\n\n* chromium-browser: Use after free in WebAudio (CVE-2019-13732)\n\n* chromium-browser: Out of bounds write in SQLite (CVE-2019-13734)\n\n* chromium-browser: Out of bounds write in V8 (CVE-2019-13735)\n\n* chromium-browser: Type Confusion in V8 (CVE-2019-13764)\n\n* chromium-browser: Integer overflow in PDFium (CVE-2019-13736)\n\n* chromium-browser: Insufficient policy enforcement in autocomplete (CVE-2019-13737)\n\n* chromium-browser: Insufficient policy enforcement in navigation (CVE-2019-13738)\n\n* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13739)\n\n* chromium-browser: Incorrect security UI in sharing (CVE-2019-13740)\n\n* chromium-browser: Insufficient validation of untrusted input in Blink (CVE-2019-13741)\n\n* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13742)\n\n* chromium-browser: Incorrect security UI in external protocol handling (CVE-2019-13743)\n\n* chromium-browser: Insufficient policy enforcement in cookies (CVE-2019-13744)\n\n* chromium-browser: Insufficient policy enforcement in audio (CVE-2019-13745)\n\n* chromium-browser: Insufficient policy enforcement in Omnibox (CVE-2019-13746)\n\n* chromium-browser: Uninitialized Use in rendering (CVE-2019-13747)\n\n* chromium-browser: Insufficient policy enforcement in developer tools (CVE-2019-13748)\n\n* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13749)\n\n* chromium-browser: Insufficient data validation in SQLite (CVE-2019-13750)\n\n* chromium-browser: Uninitialized Use in SQLite (CVE-2019-13751)\n\n* chromium-browser: Out of bounds read in SQLite (CVE-2019-13752)\n\n* chromium-browser: Out of bounds read in SQLite (CVE-2019-13753)\n\n* chromium-browser: Insufficient policy enforcement in extensions (CVE-2019-13754)\n\n* chromium-browser: Insufficient policy enforcement in extensions (CVE-2019-13755)\n\n* chromium-browser: Incorrect security UI in printing (CVE-2019-13756)\n\n* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13757)\n\n* chromium-browser: Insufficient policy enforcement in navigation (CVE-2019-13758)\n\n* chromium-browser: Incorrect security UI in interstitials (CVE-2019-13759)\n\n* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13761)\n\n* chromium-browser: Insufficient policy enforcement in downloads (CVE-2019-13762)\n\n* chromium-browser: Insufficient policy enforcement in payments (CVE-2019-13763)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:4238", "url": "https://access.redhat.com/errata/RHSA-2019:4238" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "1781973", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781973" }, { "category": "external", "summary": "1781974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781974" }, { "category": "external", "summary": "1781975", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781975" }, { "category": "external", "summary": "1781976", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781976" }, { "category": "external", "summary": "1781977", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781977" }, { "category": "external", "summary": "1781978", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781978" }, { "category": "external", "summary": "1781979", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781979" }, { "category": "external", "summary": "1781980", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781980" }, { "category": "external", "summary": "1781981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781981" }, { "category": "external", "summary": "1781982", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781982" }, { "category": "external", "summary": "1781983", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781983" }, { "category": "external", "summary": "1781984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781984" }, { "category": "external", "summary": "1781985", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781985" }, { "category": "external", "summary": "1781986", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781986" }, { "category": "external", "summary": "1781987", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781987" }, { "category": "external", "summary": "1781988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781988" }, { "category": "external", "summary": "1781989", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781989" }, { "category": "external", "summary": "1781990", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781990" }, { "category": "external", "summary": "1781991", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781991" }, { "category": "external", "summary": "1781992", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781992" }, { "category": "external", "summary": "1781993", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781993" }, { "category": "external", "summary": "1781994", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781994" }, { "category": "external", "summary": "1781995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781995" }, { "category": "external", "summary": "1781997", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781997" }, { "category": "external", "summary": "1781998", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781998" }, { "category": "external", "summary": "1781999", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781999" }, { "category": "external", "summary": "1782000", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782000" }, { "category": "external", "summary": "1782001", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782001" }, { "category": "external", "summary": "1782002", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782002" }, { "category": "external", "summary": "1782003", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782003" }, { "category": "external", "summary": "1782004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782004" }, { "category": "external", "summary": "1782005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782005" }, { "category": "external", "summary": "1782006", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782006" }, { "category": "external", "summary": "1782007", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782007" }, { "category": "external", "summary": "1782008", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782008" }, { "category": "external", "summary": "1782017", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782017" }, { "category": "external", "summary": "1782021", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782021" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_4238.json" } ], "title": "Red Hat Security Advisory: chromium-browser security update", "tracking": { "current_release_date": "2024-11-15T04:13:35+00:00", "generator": { "date": "2024-11-15T04:13:35+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2019:4238", "initial_release_date": "2019-12-16T09:09:31+00:00", "revision_history": [ { "date": "2019-12-16T09:09:31+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-12-16T09:09:31+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T04:13:35+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.10.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.10.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.10.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.10.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "product": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "product_id": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/chromium-browser@79.0.3945.79-1.el6_10?arch=i686" } } }, { "category": "product_version", "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "product": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "product_id": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/chromium-browser-debuginfo@79.0.3945.79-1.el6_10?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "product": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "product_id": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/chromium-browser@79.0.3945.79-1.el6_10?arch=x86_64" } } }, { "category": "product_version", "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "product": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "product_id": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/chromium-browser-debuginfo@79.0.3945.79-1.el6_10?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Client-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Client-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Server-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Server-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.10.z" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-13725", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781973" } ], "notes": [ { "category": "description", "text": "Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Use after free in Bluetooth", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13725" }, { "category": "external", "summary": "RHBZ#1781973", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781973" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13725", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13725" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13725", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13725" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "chromium-browser: Use after free in Bluetooth" }, { "cve": "CVE-2019-13726", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781974" } ], "notes": [ { "category": "description", "text": "Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Heap buffer overflow in password manager", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13726" }, { "category": "external", "summary": "RHBZ#1781974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781974" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13726", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13726" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13726", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13726" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "chromium-browser: Heap buffer overflow in password manager" }, { "cve": "CVE-2019-13727", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781975" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in WebSockets", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13727" }, { "category": "external", "summary": "RHBZ#1781975", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781975" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13727", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13727" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13727", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13727" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Insufficient policy enforcement in WebSockets" }, { "cve": "CVE-2019-13728", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781976" } ], "notes": [ { "category": "description", "text": "Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Out of bounds write in V8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13728" }, { "category": "external", "summary": "RHBZ#1781976", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781976" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13728", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13728" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13728", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13728" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Out of bounds write in V8" }, { "cve": "CVE-2019-13729", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781977" } ], "notes": [ { "category": "description", "text": "Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Use after free in WebSockets", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13729" }, { "category": "external", "summary": "RHBZ#1781977", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781977" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13729", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13729" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13729", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13729" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Use after free in WebSockets" }, { "cve": "CVE-2019-13730", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781978" } ], "notes": [ { "category": "description", "text": "Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Type Confusion in V8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13730" }, { "category": "external", "summary": "RHBZ#1781978", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781978" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13730", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13730" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13730", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13730" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Type Confusion in V8" }, { "cve": "CVE-2019-13732", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781979" } ], "notes": [ { "category": "description", "text": "Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Use after free in WebAudio", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13732" }, { "category": "external", "summary": "RHBZ#1781979", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781979" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13732", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13732" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13732", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13732" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Use after free in WebAudio" }, { "cve": "CVE-2019-13734", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781980" } ], "notes": [ { "category": "description", "text": "Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: fts3: improve shadow table corruption detection", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13734" }, { "category": "external", "summary": "RHBZ#1781980", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781980" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13734", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13734" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13734", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13734" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "sqlite: fts3: improve shadow table corruption detection" }, { "cve": "CVE-2019-13735", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781981" } ], "notes": [ { "category": "description", "text": "Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Out of bounds write in V8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13735" }, { "category": "external", "summary": "RHBZ#1781981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781981" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13735", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13735" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13735", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13735" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Out of bounds write in V8" }, { "cve": "CVE-2019-13736", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781983" } ], "notes": [ { "category": "description", "text": "Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Integer overflow in PDFium", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13736" }, { "category": "external", "summary": "RHBZ#1781983", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781983" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13736", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13736" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13736", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13736" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Integer overflow in PDFium" }, { "cve": "CVE-2019-13737", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781984" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in autocomplete", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13737" }, { "category": "external", "summary": "RHBZ#1781984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781984" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13737", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13737" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13737", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13737" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Insufficient policy enforcement in autocomplete" }, { "cve": "CVE-2019-13738", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781985" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in navigation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13738" }, { "category": "external", "summary": "RHBZ#1781985", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781985" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13738", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13738" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13738", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13738" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Insufficient policy enforcement in navigation" }, { "cve": "CVE-2019-13739", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781986" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in Omnibox", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13739" }, { "category": "external", "summary": "RHBZ#1781986", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781986" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13739", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13739" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13739", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13739" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Incorrect security UI in Omnibox" }, { "cve": "CVE-2019-13740", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781987" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in sharing", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13740" }, { "category": "external", "summary": "RHBZ#1781987", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781987" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13740", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13740" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13740", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13740" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Incorrect security UI in sharing" }, { "cve": "CVE-2019-13741", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781988" } ], "notes": [ { "category": "description", "text": "Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient validation of untrusted input in Blink", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13741" }, { "category": "external", "summary": "RHBZ#1781988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781988" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13741", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13741" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13741", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13741" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Insufficient validation of untrusted input in Blink" }, { "cve": "CVE-2019-13742", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781989" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in Omnibox", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13742" }, { "category": "external", "summary": "RHBZ#1781989", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781989" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13742", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13742" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13742", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13742" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Incorrect security UI in Omnibox" }, { "cve": "CVE-2019-13743", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781990" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in external protocol handling in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof security UI via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in external protocol handling", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13743" }, { "category": "external", "summary": "RHBZ#1781990", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781990" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13743", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13743" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13743", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13743" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Incorrect security UI in external protocol handling" }, { "cve": "CVE-2019-13744", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782021" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in cookies", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13744" }, { "category": "external", "summary": "RHBZ#1782021", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782021" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13744", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13744" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13744", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13744" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Insufficient policy enforcement in cookies" }, { "cve": "CVE-2019-13745", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781991" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in audio", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13745" }, { "category": "external", "summary": "RHBZ#1781991", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781991" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13745", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13745" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13745", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13745" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Insufficient policy enforcement in audio" }, { "cve": "CVE-2019-13746", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781992" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in Omnibox", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13746" }, { "category": "external", "summary": "RHBZ#1781992", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781992" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13746", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13746" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13746", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13746" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Insufficient policy enforcement in Omnibox" }, { "cve": "CVE-2019-13747", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781993" } ], "notes": [ { "category": "description", "text": "Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Uninitialized Use in rendering", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13747" }, { "category": "external", "summary": "RHBZ#1781993", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781993" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13747", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13747" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13747", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13747" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Uninitialized Use in rendering" }, { "cve": "CVE-2019-13748", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781994" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in developer tools", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13748" }, { "category": "external", "summary": "RHBZ#1781994", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781994" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13748", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13748" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13748", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13748" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Insufficient policy enforcement in developer tools" }, { "cve": "CVE-2019-13749", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781995" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in Omnibox", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13749" }, { "category": "external", "summary": "RHBZ#1781995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781995" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13749", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13749" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13749", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13749" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Incorrect security UI in Omnibox" }, { "cve": "CVE-2019-13750", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781997" } ], "notes": [ { "category": "description", "text": "Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: dropping of shadow tables not restricted in defensive mode", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13750" }, { "category": "external", "summary": "RHBZ#1781997", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781997" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13750", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13750" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13750", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13750" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: dropping of shadow tables not restricted in defensive mode" }, { "cve": "CVE-2019-13751", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781998" } ], "notes": [ { "category": "description", "text": "Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: fts3: improve detection of corrupted records", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13751" }, { "category": "external", "summary": "RHBZ#1781998", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781998" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13751", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13751" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13751", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13751" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: fts3: improve detection of corrupted records" }, { "cve": "CVE-2019-13752", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781999" } ], "notes": [ { "category": "description", "text": "Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: fts3: improve shadow table corruption detection", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13752" }, { "category": "external", "summary": "RHBZ#1781999", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781999" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13752", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13752" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13752", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13752" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: fts3: improve shadow table corruption detection" }, { "cve": "CVE-2019-13753", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782000" } ], "notes": [ { "category": "description", "text": "Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: fts3: incorrectly removed corruption check", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13753" }, { "category": "external", "summary": "RHBZ#1782000", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782000" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13753", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13753" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13753", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13753" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "sqlite: fts3: incorrectly removed corruption check" }, { "cve": "CVE-2019-13754", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782001" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in extensions", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13754" }, { "category": "external", "summary": "RHBZ#1782001", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782001" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13754", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13754" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13754", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13754" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Insufficient policy enforcement in extensions" }, { "cve": "CVE-2019-13755", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782002" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to disable extensions via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in extensions", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13755" }, { "category": "external", "summary": "RHBZ#1782002", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782002" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13755", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13755" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13755", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13755" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Insufficient policy enforcement in extensions" }, { "cve": "CVE-2019-13756", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782003" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in printing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in printing", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13756" }, { "category": "external", "summary": "RHBZ#1782003", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782003" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13756", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13756" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13756", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13756" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Incorrect security UI in printing" }, { "cve": "CVE-2019-13757", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782004" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in Omnibox", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13757" }, { "category": "external", "summary": "RHBZ#1782004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782004" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13757", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13757" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13757", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13757" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Incorrect security UI in Omnibox" }, { "cve": "CVE-2019-13758", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782017" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in navigation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13758" }, { "category": "external", "summary": "RHBZ#1782017", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782017" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13758", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13758" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13758", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13758" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Insufficient policy enforcement in navigation" }, { "cve": "CVE-2019-13759", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782005" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in interstitials", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13759" }, { "category": "external", "summary": "RHBZ#1782005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782005" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13759", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13759" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13759", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13759" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Incorrect security UI in interstitials" }, { "cve": "CVE-2019-13761", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782006" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in Omnibox", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13761" }, { "category": "external", "summary": "RHBZ#1782006", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782006" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13761", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13761" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13761", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13761" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Incorrect security UI in Omnibox" }, { "cve": "CVE-2019-13762", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782007" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in downloads", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13762" }, { "category": "external", "summary": "RHBZ#1782007", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782007" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13762", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13762" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13762", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13762" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Insufficient policy enforcement in downloads" }, { "cve": "CVE-2019-13763", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1782008" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in payments", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13763" }, { "category": "external", "summary": "RHBZ#1782008", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782008" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13763", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13763" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13763", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13763" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "chromium-browser: Insufficient policy enforcement in payments" }, { "cve": "CVE-2019-13764", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781982" } ], "notes": [ { "category": "description", "text": "Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Type Confusion in V8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13764" }, { "category": "external", "summary": "RHBZ#1781982", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781982" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13764", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13764" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13764", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13764" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Type Confusion in V8" } ] }
rhsa-2019_4238
Vulnerability from csaf_redhat
Published
2019-12-16 09:09
Modified
2024-11-15 04:13
Summary
Red Hat Security Advisory: chromium-browser security update
Notes
Topic
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Chromium is an open-source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 79.0.3945.79.
Security Fix(es):
* chromium-browser: Use after free in Bluetooth (CVE-2019-13725)
* chromium-browser: Heap buffer overflow in password manager (CVE-2019-13726)
* chromium-browser: Insufficient policy enforcement in WebSockets (CVE-2019-13727)
* chromium-browser: Out of bounds write in V8 (CVE-2019-13728)
* chromium-browser: Use after free in WebSockets (CVE-2019-13729)
* chromium-browser: Type Confusion in V8 (CVE-2019-13730)
* chromium-browser: Use after free in WebAudio (CVE-2019-13732)
* chromium-browser: Out of bounds write in SQLite (CVE-2019-13734)
* chromium-browser: Out of bounds write in V8 (CVE-2019-13735)
* chromium-browser: Type Confusion in V8 (CVE-2019-13764)
* chromium-browser: Integer overflow in PDFium (CVE-2019-13736)
* chromium-browser: Insufficient policy enforcement in autocomplete (CVE-2019-13737)
* chromium-browser: Insufficient policy enforcement in navigation (CVE-2019-13738)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13739)
* chromium-browser: Incorrect security UI in sharing (CVE-2019-13740)
* chromium-browser: Insufficient validation of untrusted input in Blink (CVE-2019-13741)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13742)
* chromium-browser: Incorrect security UI in external protocol handling (CVE-2019-13743)
* chromium-browser: Insufficient policy enforcement in cookies (CVE-2019-13744)
* chromium-browser: Insufficient policy enforcement in audio (CVE-2019-13745)
* chromium-browser: Insufficient policy enforcement in Omnibox (CVE-2019-13746)
* chromium-browser: Uninitialized Use in rendering (CVE-2019-13747)
* chromium-browser: Insufficient policy enforcement in developer tools (CVE-2019-13748)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13749)
* chromium-browser: Insufficient data validation in SQLite (CVE-2019-13750)
* chromium-browser: Uninitialized Use in SQLite (CVE-2019-13751)
* chromium-browser: Out of bounds read in SQLite (CVE-2019-13752)
* chromium-browser: Out of bounds read in SQLite (CVE-2019-13753)
* chromium-browser: Insufficient policy enforcement in extensions (CVE-2019-13754)
* chromium-browser: Insufficient policy enforcement in extensions (CVE-2019-13755)
* chromium-browser: Incorrect security UI in printing (CVE-2019-13756)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13757)
* chromium-browser: Insufficient policy enforcement in navigation (CVE-2019-13758)
* chromium-browser: Incorrect security UI in interstitials (CVE-2019-13759)
* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13761)
* chromium-browser: Insufficient policy enforcement in downloads (CVE-2019-13762)
* chromium-browser: Insufficient policy enforcement in payments (CVE-2019-13763)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 79.0.3945.79.\n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in Bluetooth (CVE-2019-13725)\n\n* chromium-browser: Heap buffer overflow in password manager (CVE-2019-13726)\n\n* chromium-browser: Insufficient policy enforcement in WebSockets (CVE-2019-13727)\n\n* chromium-browser: Out of bounds write in V8 (CVE-2019-13728)\n\n* chromium-browser: Use after free in WebSockets (CVE-2019-13729)\n\n* chromium-browser: Type Confusion in V8 (CVE-2019-13730)\n\n* chromium-browser: Use after free in WebAudio (CVE-2019-13732)\n\n* chromium-browser: Out of bounds write in SQLite (CVE-2019-13734)\n\n* chromium-browser: Out of bounds write in V8 (CVE-2019-13735)\n\n* chromium-browser: Type Confusion in V8 (CVE-2019-13764)\n\n* chromium-browser: Integer overflow in PDFium (CVE-2019-13736)\n\n* chromium-browser: Insufficient policy enforcement in autocomplete (CVE-2019-13737)\n\n* chromium-browser: Insufficient policy enforcement in navigation (CVE-2019-13738)\n\n* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13739)\n\n* chromium-browser: Incorrect security UI in sharing (CVE-2019-13740)\n\n* chromium-browser: Insufficient validation of untrusted input in Blink (CVE-2019-13741)\n\n* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13742)\n\n* chromium-browser: Incorrect security UI in external protocol handling (CVE-2019-13743)\n\n* chromium-browser: Insufficient policy enforcement in cookies (CVE-2019-13744)\n\n* chromium-browser: Insufficient policy enforcement in audio (CVE-2019-13745)\n\n* chromium-browser: Insufficient policy enforcement in Omnibox (CVE-2019-13746)\n\n* chromium-browser: Uninitialized Use in rendering (CVE-2019-13747)\n\n* chromium-browser: Insufficient policy enforcement in developer tools (CVE-2019-13748)\n\n* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13749)\n\n* chromium-browser: Insufficient data validation in SQLite (CVE-2019-13750)\n\n* chromium-browser: Uninitialized Use in SQLite (CVE-2019-13751)\n\n* chromium-browser: Out of bounds read in SQLite (CVE-2019-13752)\n\n* chromium-browser: Out of bounds read in SQLite (CVE-2019-13753)\n\n* chromium-browser: Insufficient policy enforcement in extensions (CVE-2019-13754)\n\n* chromium-browser: Insufficient policy enforcement in extensions (CVE-2019-13755)\n\n* chromium-browser: Incorrect security UI in printing (CVE-2019-13756)\n\n* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13757)\n\n* chromium-browser: Insufficient policy enforcement in navigation (CVE-2019-13758)\n\n* chromium-browser: Incorrect security UI in interstitials (CVE-2019-13759)\n\n* chromium-browser: Incorrect security UI in Omnibox (CVE-2019-13761)\n\n* chromium-browser: Insufficient policy enforcement in downloads (CVE-2019-13762)\n\n* chromium-browser: Insufficient policy enforcement in payments (CVE-2019-13763)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:4238", "url": "https://access.redhat.com/errata/RHSA-2019:4238" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "1781973", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781973" }, { "category": "external", "summary": "1781974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781974" }, { "category": "external", "summary": "1781975", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781975" }, { "category": "external", "summary": "1781976", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781976" }, { "category": "external", "summary": "1781977", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781977" }, { "category": "external", "summary": "1781978", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781978" }, { "category": "external", "summary": "1781979", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781979" }, { "category": "external", "summary": "1781980", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781980" }, { "category": "external", "summary": "1781981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781981" }, { "category": "external", "summary": "1781982", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781982" }, { "category": "external", "summary": "1781983", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781983" }, { "category": "external", "summary": "1781984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781984" }, { "category": "external", "summary": "1781985", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781985" }, { "category": "external", "summary": "1781986", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781986" }, { "category": "external", "summary": "1781987", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781987" }, { "category": "external", "summary": "1781988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781988" }, { "category": "external", "summary": "1781989", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781989" }, { "category": "external", "summary": "1781990", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781990" }, { "category": "external", "summary": "1781991", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781991" }, { "category": "external", "summary": "1781992", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781992" }, { "category": "external", "summary": "1781993", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781993" }, { "category": "external", "summary": "1781994", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781994" }, { "category": "external", "summary": "1781995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781995" }, { "category": "external", "summary": "1781997", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781997" }, { "category": "external", "summary": "1781998", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781998" }, { "category": "external", "summary": "1781999", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781999" }, { "category": "external", "summary": "1782000", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782000" }, { "category": "external", "summary": "1782001", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782001" }, { "category": "external", "summary": "1782002", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782002" }, { "category": "external", "summary": "1782003", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782003" }, { "category": "external", "summary": "1782004", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782004" }, { "category": "external", "summary": "1782005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782005" }, { "category": "external", "summary": "1782006", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782006" }, { "category": "external", "summary": "1782007", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782007" }, { "category": "external", "summary": "1782008", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782008" }, { "category": "external", "summary": "1782017", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782017" }, { "category": "external", "summary": "1782021", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782021" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_4238.json" } ], "title": "Red Hat Security Advisory: chromium-browser security update", "tracking": { "current_release_date": "2024-11-15T04:13:35+00:00", "generator": { "date": "2024-11-15T04:13:35+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2019:4238", "initial_release_date": "2019-12-16T09:09:31+00:00", "revision_history": [ { "date": "2019-12-16T09:09:31+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-12-16T09:09:31+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T04:13:35+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.10.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.10.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.10.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.10.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "product": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "product_id": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/chromium-browser@79.0.3945.79-1.el6_10?arch=i686" } } }, { "category": "product_version", "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "product": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "product_id": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/chromium-browser-debuginfo@79.0.3945.79-1.el6_10?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "product": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "product_id": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/chromium-browser@79.0.3945.79-1.el6_10?arch=x86_64" } } }, { "category": "product_version", "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "product": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "product_id": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/chromium-browser-debuginfo@79.0.3945.79-1.el6_10?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Client-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Client-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Server-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Server-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.10.z" }, { "category": "default_component_of", "full_product_name": { "name": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" }, "product_reference": "chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.10.z" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-13725", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781973" } ], "notes": [ { "category": "description", "text": "Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Use after free in Bluetooth", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13725" }, { "category": "external", "summary": "RHBZ#1781973", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781973" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13725", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13725" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13725", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13725" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "chromium-browser: Use after free in Bluetooth" }, { "cve": "CVE-2019-13726", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781974" } ], "notes": [ { "category": "description", "text": "Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Heap buffer overflow in password manager", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13726" }, { "category": "external", "summary": "RHBZ#1781974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781974" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13726", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13726" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13726", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13726" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "chromium-browser: Heap buffer overflow in password manager" }, { "cve": "CVE-2019-13727", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781975" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in WebSockets", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13727" }, { "category": "external", "summary": "RHBZ#1781975", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781975" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13727", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13727" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13727", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13727" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Insufficient policy enforcement in WebSockets" }, { "cve": "CVE-2019-13728", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781976" } ], "notes": [ { "category": "description", "text": "Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Out of bounds write in V8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13728" }, { "category": "external", "summary": "RHBZ#1781976", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781976" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13728", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13728" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13728", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13728" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Out of bounds write in V8" }, { "cve": "CVE-2019-13729", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781977" } ], "notes": [ { "category": "description", "text": "Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Use after free in WebSockets", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13729" }, { "category": "external", "summary": "RHBZ#1781977", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781977" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13729", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13729" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13729", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13729" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Use after free in WebSockets" }, { "cve": "CVE-2019-13730", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781978" } ], "notes": [ { "category": "description", "text": "Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Type Confusion in V8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13730" }, { "category": "external", "summary": "RHBZ#1781978", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781978" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13730", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13730" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13730", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13730" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Type Confusion in V8" }, { "cve": "CVE-2019-13732", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781979" } ], "notes": [ { "category": "description", "text": "Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Use after free in WebAudio", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13732" }, { "category": "external", "summary": "RHBZ#1781979", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781979" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13732", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13732" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13732", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13732" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Use after free in WebAudio" }, { "cve": "CVE-2019-13734", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781980" } ], "notes": [ { "category": "description", "text": "Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "sqlite: fts3: improve shadow table corruption detection", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13734" }, { "category": "external", "summary": "RHBZ#1781980", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781980" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13734", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13734" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13734", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13734" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "sqlite: fts3: improve shadow table corruption detection" }, { "cve": "CVE-2019-13735", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781981" } ], "notes": [ { "category": "description", "text": "Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Out of bounds write in V8", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13735" }, { "category": "external", "summary": "RHBZ#1781981", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781981" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13735", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13735" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13735", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13735" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "chromium-browser: Out of bounds write in V8" }, { "cve": "CVE-2019-13736", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781983" } ], "notes": [ { "category": "description", "text": "Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Integer overflow in PDFium", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13736" }, { "category": "external", "summary": "RHBZ#1781983", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781983" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13736", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13736" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13736", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13736" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Integer overflow in PDFium" }, { "cve": "CVE-2019-13737", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781984" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in autocomplete", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13737" }, { "category": "external", "summary": "RHBZ#1781984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781984" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13737", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13737" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13737", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13737" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Insufficient policy enforcement in autocomplete" }, { "cve": "CVE-2019-13738", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781985" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Insufficient policy enforcement in navigation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13738" }, { "category": "external", "summary": "RHBZ#1781985", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781985" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13738", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13738" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13738", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13738" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Insufficient policy enforcement in navigation" }, { "cve": "CVE-2019-13739", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781986" } ], "notes": [ { "category": "description", "text": "Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in Omnibox", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13739" }, { "category": "external", "summary": "RHBZ#1781986", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781986" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13739", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13739" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13739", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13739" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "chromium-browser: Incorrect security UI in Omnibox" }, { "cve": "CVE-2019-13740", "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781987" } ], "notes": [ { "category": "description", "text": "Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.", "title": "Vulnerability description" }, { "category": "summary", "text": "chromium-browser: Incorrect security UI in sharing", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13740" }, { "category": "external", "summary": "RHBZ#1781987", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781987" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13740", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13740" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13740", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13740" }, { "category": "external", "summary": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-12-16T09:09:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", "product_ids": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6ComputeNode-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Server-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.i686", "6Workstation-Supplementary-6.10.z:chromium-browser-debuginfo-0:79.0.3945.79-1.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:4238" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.i686", "6Client-Supplementary-6.10.z:chromium-browser-0:79.0.3945.79-1.el6_10.x86_64", "6Client-Sup