
Arch Linux: ASA-201602-17 Critical: Chromium Remote Code Execution

The package chromium before version 48.0.2564.116-1 is vulnerable to multiple issues.
Arch Linux Security Advisory ASA-201602-17
=========================================
Severity: Critical
Date    : 2016-02-21
CVE-ID  : CVE-2016-1629
Package : chromium
Type    : multiple issues
Remote  : Yes
Link    : https://wiki.archlinux.org/title/CVE

Summary
======
The package chromium before version 48.0.2564.116-1 is vulnerable to
multiple issues.

Resolution
=========
Upgrade to 48.0.2564.116-1.

# pacman -Syu "chromium>=48.0.2564.116-1"

The problem has been fixed upstream in version 48.0.2564.116.
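
To confirm that a host is at or past the fixed version after upgrading, a check along these lines can be used. This is an added example, not part of the advisory; the function names `ver_lt` and `chromium_status` are hypothetical, and the awk fallback is a simplified numeric comparison that assumes no epoch or alphabetic suffix.

```shell
#!/bin/sh
# Added example: compare an installed chromium version with the fixed
# release named in ASA-201602-17.
FIXED="48.0.2564.116-1"   # fixed version stated in the advisory

# ver_lt A B: succeed if version A is strictly older than version B.
# Uses pacman's own vercmp when it is available. Otherwise falls back to a
# simplified field-by-field numeric comparison (assumption: versions look
# like N.N.N.N-REL, with no epoch and no letters).
ver_lt() {
    if command -v vercmp >/dev/null 2>&1; then
        [ "$(vercmp "$1" "$2")" -lt 0 ]
    else
        awk -v a="$1" -v b="$2" 'BEGIN {
            n = split(a, x, /[.-]/); m = split(b, y, /[.-]/)
            for (i = 1; i <= (n > m ? n : m); i++) {
                if ((x[i] + 0) < (y[i] + 0)) exit 0   # a is older
                if ((x[i] + 0) > (y[i] + 0)) exit 1   # a is newer
            }
            exit 1                                    # equal, so not older
        }'
    fi
}

# chromium_status VERSION: print vulnerable, patched or not-installed.
chromium_status() {
    if [ -z "$1" ]; then
        echo "not-installed"
    elif ver_lt "$1" "$FIXED"; then
        echo "vulnerable"
    else
        echo "patched"
    fi
}

# On an Arch system, read the installed version from the package database.
if command -v pacman >/dev/null 2>&1; then
    installed=$(pacman -Q chromium 2>/dev/null | awk '{print $2}')
    echo "chromium ${installed:-<none>}: $(chromium_status "$installed")"
fi
```

A running browser keeps the old binary mapped until it is restarted, so restart Chromium after the upgrade.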

Workaround
=========
None.

Description
==========
Same-origin bypass in Blink and Sandbox escape in Chrome.

Impact
=====
A remote attacker might be able to execute arbitrary code by getting the
affected user to visit a specially crafted web page.

References
=========
https://chromereleases.googleblog.com/2016/02/stable-channel-update_18.html
https://access.redhat.com/security/cve/CVE-2016-1629
