ArchLinux: 201702-2: qt5-webengine: multiple issues
Summary
- CVE-2016-5182 (arbitrary code execution)
A heap overflow flaw was found in the Blink component of the Chromium
browser.
- CVE-2016-5183 (arbitrary code execution)
A use-after-free flaw was found in the PDFium component of the
Chromium browser.
- CVE-2016-5189 (content spoofing)
A URL spoofing flaw was found in the Chromium browser.
- CVE-2016-5199 (arbitrary code execution)
The FFmpeg MP4 decoder contains an off-by-one error resulting in an
allocation of size 0, followed by corrupting an arbitrary number of
pointers out of bounds on the heap, where each is pointing to
controllable or uninitialized data. A remote attacker can potentially
use this flaw to exploit heap corruption via a crafted video file.
- CVE-2016-5201 (information disclosure)
An information disclosure flaw was found in the extensions component of
the Chromium browser before 54.0.2840.100.
- CVE-2016-5203 (arbitrary code execution)
A use-after-free flaw was found in the PDFium component of the
Chromium browser.
- CVE-2016-5204 (cross-site scripting)
A universal XSS flaw was found in the Blink component of the Chromium
browser.
- CVE-2016-5205 (cross-site scripting)
A universal XSS flaw was found in the Blink component of the Chromium
browser.
- CVE-2016-5206 (same-origin policy bypass)
A same-origin bypass flaw was found in the PDFium component of the
Chromium browser.
- CVE-2016-5207 (cross-site scripting)
A universal XSS flaw was found in the Blink component of the Chromium
browser.
- CVE-2016-5208 (cross-site scripting)
A universal XSS flaw was found in the Blink component of the Chromium
browser.
- CVE-2016-5210 (arbitrary code execution)
An out-of-bounds write flaw was found in the PDFium component of the
Chromium browser.
- CVE-2016-5211 (arbitrary code execution)
A use-after-free flaw was found in the PDFium component of the
Chromium browser.
- CVE-2016-5212 (arbitrary filesystem access)
A local file disclosure flaw was found in the DevTools component of the
Chromium browser.
- CVE-2016-5213 (arbitrary code execution)
A use-after-free flaw was found in the V8 component of the Chromium
browser.
- CVE-2016-5214 (insufficient validation)
A file download protection bypass was discovered in the Chromium
browser.
- CVE-2016-5215 (arbitrary code execution)
A use-after-free flaw was found in the WebAudio component of the
Chromium browser.
- CVE-2016-5216 (arbitrary code execution)
A use-after-free flaw was found in the PDFium component of the
Chromium browser.
- CVE-2016-5217 (insufficient validation)
A flaw involving the use of unvalidated data was found in the PDFium
component of the Chromium browser.
- CVE-2016-5218 (content spoofing)
An address spoofing flaw was found in the Omnibox component of the
Chromium browser.
- CVE-2016-5219 (arbitrary code execution)
A use-after-free flaw was found in the V8 component of the Chromium
browser.
- CVE-2016-5221 (arbitrary code execution)
An integer overflow flaw was found in the ANGLE component of the
Chromium browser.
- CVE-2016-5222 (content spoofing)
An address spoofing flaw was found in the Omnibox component of the
Chromium browser.
- CVE-2016-5223 (arbitrary code execution)
An integer overflow flaw was found in the PDFium component of the
Chromium browser.
- CVE-2016-5224 (same-origin policy bypass)
A same-origin bypass flaw was found in the SVG component of the
Chromium browser.
- CVE-2016-5225 (access restriction bypass)
A CSP bypass flaw was found in the Blink component of the Chromium
browser.
- CVE-2016-9650 (information disclosure)
A CSP referrer disclosure vulnerability has been discovered in the
Chromium browser.
- CVE-2016-9651 (access restriction bypass)
A private property access flaw was found in the V8 component of the
Chromium browser.
Resolution
Upgrade to 5.8.0-1.
# pacman -Syu "qt5-webengine>=5.8.0-1"
The problems have been fixed upstream in version 5.8.0.
References
https://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.8.0
https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html
https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop_9.html
https://bugs.chromium.org/p/chromium/issues/detail?id=643948
https://bugs.chromium.org/p/chromium/issues/detail?id=660678
https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html
https://security.archlinux.org/CVE-2016-5182
https://security.archlinux.org/CVE-2016-5183
https://security.archlinux.org/CVE-2016-5189
https://security.archlinux.org/CVE-2016-5199
https://security.archlinux.org/CVE-2016-5201
https://security.archlinux.org/CVE-2016-5203
https://security.archlinux.org/CVE-2016-5204
https://security.archlinux.org/CVE-2016-5205
https://security.archlinux.org/CVE-2016-5206
https://security.archlinux.org/CVE-2016-5207
https://security.archlinux.org/CVE-2016-5208
https://security.archlinux.org/CVE-2016-5210
https://security.archlinux.org/CVE-2016-5211
https://security.archlinux.org/CVE-2016-5212
https://security.archlinux.org/CVE-2016-5213
https://security.archlinux.org/CVE-2016-5214
https://security.archlinux.org/CVE-2016-5215
https://security.archlinux.org/CVE-2016-5216
https://security.archlinux.org/CVE-2016-5217
https://security.archlinux.org/CVE-2016-5218
https://security.archlinux.org/CVE-2016-5219
https://security.archlinux.org/CVE-2016-5221
https://security.archlinux.org/CVE-2016-5222
https://security.archlinux.org/CVE-2016-5223
https://security.archlinux.org/CVE-2016-5224
https://security.archlinux.org/CVE-2016-5225
https://security.archlinux.org/CVE-2016-9650
https://security.archlinux.org/CVE-2016-9651
Workaround
None.