ArchLinux: 201603-5: chromium: multiple issues
Summary
- CVE-2016-1643 (type confusion)
Type confusion in Blink.
- CVE-2016-1644 (use-after-free)
Use-after-free in Blink.
- CVE-2016-1645 (out-of-bounds write)
Out-of-bounds write in PDFium.
Resolution
Upgrade to 49.0.2623.87-1.
# pacman -Syu "chromium>=49.0.2623.87-1"
The problems have been fixed upstream in version 49.0.2623.87.
References
https://access.redhat.com/security/cve/CVE-2016-1643 https://access.redhat.com/security/cve/CVE-2016-1644 https://access.redhat.com/security/cve/CVE-2016-1645 https://chromereleases.googleblog.com/2016/03/stable-channel-update_8.html
Workaround
None.