Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 448
Alerts This Week
Warning Icon 1 448

Fedora 24: 2016-bf8c64a060 Critical Issue: Chromium Script Injection

fedora
Calendar Grey September 10, 2016
Dist Fedora Esm H88
Fedora 24 has released an updated Chromium browser that fixes various security vulnerabilities, enhancing users' safe browsing experience with important patches
Stable update to 53.0.2785.101

Summary

Chromium is an open-source web browser, powered by WebKit (Blink).

Update Information:

Stable update to 53.0.2785.101. Security fix for CVE-2016-5147, CVE-2016-5148, CVE-2016-5149, CVE-2016-5150, CVE-2016-5151, CVE-2016-5152, CVE-2016-5153, CVE-2016-5154, CVE-2016-5155, CVE-2016-5156, CVE-2016-5157, CVE-2016-5158, CVE-2016-5159, CVE-2016-5161, CVE-2016-5162, CVE-2016-5163, CVE-2016-5164, CVE-2016-5165, CVE-2016-5166, CVE-2016-5160, CVE-2016-5167 Also applies fix for chrome-remote-desktop where HOME env variable was not properly set via systemd service.

Change Log

References


[ 1 ] Bug #1372229 - CVE-2016-5167 chromium-browser: various fixes from internal audits https://bugzilla.redhat.com/show_bug.cgi?id=1372229 [ 2 ] Bug #1372228 - CVE-2016-5160 chromium-browser: extensions web accessible resources bypass https://bugzilla.redhat.com/show_bug.cgi?id=1372228 [ 3 ] Bug #1372227 - CVE-2016-5166 chromium-browser: smb relay attack via save page as https://bugzilla.redhat.com/show_bug.cgi?id=1372227 [ 4 ] Bug #1372225 - CVE-2016-5165 chromium-browser: script injection in devtools https://bugzilla.redhat.com/show_bug.cgi?id=1372225 [ 5 ] Bug #1372224 - CVE-2016-5164 chromium-browser: universal xss using devtools https://bugzilla.redhat.com/show_bug.cgi?id=1372224 [ 6 ] Bug #1372223 - CVE-2016-5163 chromium-browser: address bar spoofing https://bugzilla.redhat.com/show_bug.cgi?id=1372223 [ 7 ] Bug #1372222 - CVE-2016-5162 chromium-browser: extensions web accessible resources bypass https://bu...

Read the Full Advisory

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update chromium' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: chromium
Product: Fedora 24
Version: 53.0.2785.101
Release: 1.fc24
Summary: A WebKit (Blink) powered web browser

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.