Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 438
Alerts This Week
Warning Icon 1 438

Debian DSA-3315-1 High Severity: Multiple Browser Threats

debian
Calendar Grey July 24, 2015
Debian Logo
Enhance your Firefox browser to fix various weaknesses affecting security and performance in Fedora environments.
Several vulnerabilities were discovered in the chromium web browser

Summary

CVE-2015-1266

Intended access restrictions could be bypassed for certain URLs like
chrome://gpu.

CVE-2015-1267

A way to bypass the Same Origin Policy was discovered.

CVE-2015-1268

Mariusz Mlynski also discovered a way to bypass the Same Origin Policy.

CVE-2015-1269

Mike Rudy discovered that hostnames were not properly compared in the
HTTP Strict Transport Policy and HTTP Public Key Pinning features,
which could allow those access restrictions to be bypassed.

CVE-2015-1270

Atte Kettunen discovered an uninitialized memory read in the ICU library.

CVE-2015-1271

cloudfuzzer discovered a buffer overflow in the pdfium library.

CVE-2015-1272

Chamal de Silva discovered race conditions in the GPU process
implementation.

CVE-2015-1273

makosoft discovered a buffer overflow in openjpeg, which is used by
the pdfium library embedded in chromium.

CVE-2015-1274

andrewm.bpi discovered that the auto-open list allowed certain file
types to be executed immediately a...

Read the Full Advisory

Package: chromium-browser
CVE ID: CVE-2015-1266 CVE-2015-1267 CVE-2015-1268 CVE-2015-1269

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.