Debian Security Advisory

DSA-4575-1 chromium -- security update

Date Reported:
24 Nov 2019
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2019-13723, CVE-2019-13724.
More information:

Several vulnerabilities have been discovered in the chromium web browser.

  • CVE-2019-13723

    Yuxiang Li discovered a use-after-free issue in the bluetooth service.

  • CVE-2019-13724

    Yuxiang Li discovered an out-of-bounds read issue in the bluetooth service.

For the oldstable distribution (stretch), security support for the chromium package has been discontinued.

For the stable distribution (buster), these problems have been fixed in version 78.0.3904.108-1~deb10u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to its security tracker page at: