diff options
| author | Tommy Steimel <steimel@chromium.org> | 2021-05-04 19:30:56 +0000 |
|---|---|---|
| committer | Michael BrĂ¼ning <michael.bruning@qt.io> | 2021-05-26 15:20:33 +0000 |
| commit | f5056d0249417c71d82c714ac3d86226ecf2af6d (patch) | |
| tree | 0386fa44bc5ba8b6491cef77ddb0e963abade1a4 | |
| parent | 5b2293cf1f238916da5cb40c4746dd987c071abd (diff) | |
[Backport] CVE-2021-30508: Heap buffer overflow in Media Feeds
Manual backport of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/2847504:
Media Feeds: Disable Media Feeds and related features in M90
Media Feeds is deleted in M91 and later and is unused in previous
versions as well. There is a security issue with Media Feeds though, so
we'd like to force it to be disabled in previous versions, so this CL
turns it off for M90.
Bug: 1195340
Change-Id: I29e18be2abe4c1b4560d6324af3b6da93a97d947
Reviewed-by: dpapad <dpapad@chromium.org>
Reviewed-by: Frank Liberato <liberato@chromium.org>
Commit-Queue: Tommy Steimel <steimel@chromium.org>
Cr-Commit-Position: refs/branch-heads/4430@{#1389}
Cr-Branched-From: e5ce7dc4f7518237b3d9bb93cccca35d25216cbe-refs/heads/master@{#857950}
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
| -rw-r--r-- | chromium/media/base/media_switches.cc | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/chromium/media/base/media_switches.cc b/chromium/media/base/media_switches.cc index c845bff827a..22101ed4949 100644 --- a/chromium/media/base/media_switches.cc +++ b/chromium/media/base/media_switches.cc @@ -730,15 +730,15 @@ const base::Feature kMediaEngagementHTTPSOnly{ // Enables Media Feeds to allow sites to provide specific recommendations for // users. -const base::Feature kMediaFeeds{"MediaFeeds", base::FEATURE_ENABLED_BY_DEFAULT}; +const base::Feature kMediaFeeds{"MediaFeeds", base::FEATURE_DISABLED_BY_DEFAULT}; // Enables fetching Media Feeds periodically in the background. const base::Feature kMediaFeedsBackgroundFetching{ - "MediaFeedsBackgroundFetching", base::FEATURE_ENABLED_BY_DEFAULT}; + "MediaFeedsBackgroundFetching", base::FEATURE_DISABLED_BY_DEFAULT}; // Enables checking Media Feeds against safe search to prevent adult content. const base::Feature kMediaFeedsSafeSearch{"MediaFeedsSafeSearch", - base::FEATURE_ENABLED_BY_DEFAULT}; + base::FEATURE_DISABLED_BY_DEFAULT}; // Send events to devtools rather than to chrome://media-internals const base::Feature kMediaInspectorLogging{"MediaInspectorLogging", |