Gentoo: GLSA-201603-09: Chromium: Multiple vulnerabilities
Summary
Multiple vulnerabilities have been discovered in the Chromium web browser. Please review the CVE identifiers referenced below for details.
Resolution
All Chromium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-client/chromium-49.0.2623.87"
References
[ 1 ] CVE-2015-1270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1270 [ 2 ] CVE-2015-1271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1271 [ 3 ] CVE-2015-1272 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1272 [ 4 ] CVE-2015-1273 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1273 [ 5 ] CVE-2015-1274 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1274 [ 6 ] CVE-2015-1275 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1275 [ 7 ] CVE-2015-1276 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1276 [ 8 ] CVE-2015-1277 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1277 [ 9 ] CVE-2015-1278 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1278 [ 10 ] CVE-2015-1279 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1279 [ 11 ] CVE-2015-1280 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1280 [ 12 ] CVE-2015-1281 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1281 [ 13 ] CVE-2015-1282 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1282 [ 14 ] CVE-2015-1283 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1283 [ 15 ] CVE-2015-1284 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1284 [ 16 ] CVE-2015-1285 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1285 [ 17 ] CVE-2015-1286 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1286 [ 18 ] CVE-2015-1287 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1287 [ 19 ] CVE-2015-1288 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1288 [ 20 ] CVE-2015-1289 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1289 [ 21 ] CVE-2015-1291 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1291 [ 22 ] CVE-2015-1292 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1292 [ 23 ] CVE-2015-1293 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1293 [ 24 ] CVE-2015-1294 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1294 [ 25 ] CVE-2015-1295 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1295 [ 26 ] CVE-2015-1296 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1296 [ 27 ] CVE-2015-1297 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1297 [ 28 ] CVE-2015-1298 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1298 [ 29 ] CVE-2015-1299 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1299 [ 30 ] CVE-2015-1300 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1300 [ 31 ] CVE-2015-1302 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1302 [ 32 ] CVE-2015-1303 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1303 [ 33 ] CVE-2015-1304 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1304 [ 34 ] CVE-2015-6755 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6755 [ 35 ] CVE-2015-6756 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6756 [ 36 ] CVE-2015-6757 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6757 [ 37 ] CVE-2015-6758 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6758 [ 38 ] CVE-2015-6759 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6759 [ 39 ] CVE-2015-6760 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6760 [ 40 ] CVE-2015-6761 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6761 [ 41 ] CVE-2015-6762 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6762 [ 42 ] CVE-2015-6763 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6763 [ 43 ] CVE-2015-6764 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6764 [ 44 ] CVE-2015-6765 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6765 [ 45 ] CVE-2015-6766 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6766 [ 46 ] CVE-2015-6767 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6767 [ 47 ] CVE-2015-6768 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6768 [ 48 ] CVE-2015-6769 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6769 [ 49 ] CVE-2015-6770 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6770 [ 50 ] CVE-2015-6771 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6771 [ 51 ] CVE-2015-6772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6772 [ 52 ] CVE-2015-6773 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6773 [ 53 ] CVE-2015-6774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6774 [ 54 ] CVE-2015-6775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6775 [ 55 ] CVE-2015-6776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6776 [ 56 ] CVE-2015-6777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6777 [ 57 ] CVE-2015-6778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6778 [ 58 ] CVE-2015-6779 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6779 [ 59 ] CVE-2015-6780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6780 [ 60 ] CVE-2015-6781 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6781 [ 61 ] CVE-2015-6782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6782 [ 62 ] CVE-2015-6783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6783 [ 63 ] CVE-2015-6784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6784 [ 64 ] CVE-2015-6785 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6785 [ 65 ] CVE-2015-6786 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6786 [ 66 ] CVE-2015-6787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6787 [ 67 ] CVE-2015-6788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6788 [ 68 ] CVE-2015-6789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6789 [ 69 ] CVE-2015-6790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6790 [ 70 ] CVE-2015-6791 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6791 [ 71 ] CVE-2015-6792 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6792 [ 72 ] CVE-2015-8126 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8126 [ 73 ] CVE-2016-1612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1612 [ 74 ] CVE-2016-1613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1613 [ 75 ] CVE-2016-1614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1614 [ 76 ] CVE-2016-1615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1615 [ 77 ] CVE-2016-1616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1616 [ 78 ] CVE-2016-1617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1617 [ 79 ] CVE-2016-1618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1618 [ 80 ] CVE-2016-1619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1619 [ 81 ] CVE-2016-1620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1620 [ 82 ] CVE-2016-1621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1621 [ 83 ] CVE-2016-1622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1622 [ 84 ] CVE-2016-1623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1623 [ 85 ] CVE-2016-1624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1624 [ 86 ] CVE-2016-1625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1625 [ 87 ] CVE-2016-1626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1626 [ 88 ] CVE-2016-1627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1627 [ 89 ] CVE-2016-1628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1628 [ 90 ] CVE-2016-1629 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1629 [ 91 ] CVE-2016-1630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1630 [ 92 ] CVE-2016-1631 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1631 [ 93 ] CVE-2016-1632 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1632 [ 94 ] CVE-2016-1633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1633 [ 95 ] CVE-2016-1634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1634 [ 96 ] CVE-2016-1635 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1635 [ 97 ] CVE-2016-1636 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1636 [ 98 ] CVE-2016-1637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1637 [ 99 ] CVE-2016-1638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1638 [ 100 ] CVE-2016-1639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1639 [ 101 ] CVE-2016-1640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1640 [ 102 ] CVE-2016-1641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1641
Availability
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201603-09
Concerns
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
Synopsis
Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code.
Background
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
Affected Packages
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 49.0.2623.87 >= 49.0.2623.87
Impact
===== A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions.
Workaround
There is no known workaround at this time.