Debian: DSA-3507-1: chromium-browser security update

    Date: 05 Mar 2016
    Category: Debian
    Posted By: LinuxSecurity Advisories
    
    -------------------------------------------------------------------------
    Debian Security Advisory DSA-3507-1
    https://www.debian.org/security/                          Michael Gilbert
    March 05, 2016                        https://www.debian.org/security/faq
    -------------------------------------------------------------------------
    
    Package        : chromium-browser
    CVE ID         : CVE-2015-8126 CVE-2016-1630 CVE-2016-1631 CVE-2016-1632
                     CVE-2016-1633 CVE-2016-1634 CVE-2016-1635 CVE-2016-1636
                     CVE-2016-1637 CVE-2016-1638 CVE-2016-1639 CVE-2016-1640
                     CVE-2016-1641 CVE-2016-1642
    
    Several vulnerabilities have been discovered in the chromium web browser.
    
    CVE-2015-8126
    
        Joerg Bornemann discovered multiple buffer overflow issues in the
        libpng library.
    
    CVE-2016-1630
    
        Mariusz Mlynski discovered a way to bypass the Same Origin Policy
        in Blink/Webkit.
    
    CVE-2016-1631
    
        Mariusz Mlynski discovered a way to bypass the Same Origin Policy
        in the Pepper Plugin API.
    
    CVE-2016-1632
    
        A bad cast was discovered.
    
    CVE-2016-1633
    
        cloudfuzzer discovered a use-after-free issue in Blink/Webkit.
    
    CVE-2016-1634
    
        cloudfuzzer discovered a use-after-free issue in Blink/Webkit.
    
    CVE-2016-1635
    
        Rob Wu discovered a use-after-free issue in Blink/Webkit.
    
    CVE-2016-1636
    
        A way to bypass SubResource Integrity validation was discovered.
    
    CVE-2016-1637
    
        Keve Nagy discovered an information leak in the skia library.
    
    CVE-2016-1638
    
        Rob Wu discovered a WebAPI bypass issue.
    
    CVE-2016-1639
    
        Khalil Zhani discovered a use-after-free issue in the WebRTC
        implementation.
    
    CVE-2016-1640
    
        Luan Herrera discovered an issue with the Extensions user interface.
    
    CVE-2016-1641
    
        Atte Kettunen discovered a use-after-free issue in the handling of
        favorite icons.
    
    CVE-2016-1642
    
        The Chrome 49 development team found and fixed various issues
        during internal auditing.  Multiple issues were also fixed in
        the V8 JavaScript library, version 4.9.385.26.
    
    For the stable distribution (jessie), these problems have been fixed in
    version 49.0.2623.75-1~deb8u1.
    
    For the testing distribution (stretch), these problems will be fixed soon.
    
    For the unstable distribution (sid), these problems have been fixed in
    version 49.0.2623.75-1.
    
    We recommend that you upgrade your chromium-browser packages.
    
    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/
    