Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in Chromium
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Chromium
ID: FEDORA-2016-bf8c64a060
Distribution: Fedora
Plattformen: Fedora 24
Datum: Sa, 10. September 2016, 23:16
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5150
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5154
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5159
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5149
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5148
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5158
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5152
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5167
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5161
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5156
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5153
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5157

Originalnachricht

Name        : chromium
Product : Fedora 24
Version : 53.0.2785.101
Release : 1.fc24
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

-------------------------------------------------------------------------------
-
Update Information:

Stable update to 53.0.2785.101. Security fix for CVE-2016-5147, CVE-2016-5148,
CVE-2016-5149, CVE-2016-5150, CVE-2016-5151, CVE-2016-5152, CVE-2016-5153,
CVE-2016-5154, CVE-2016-5155, CVE-2016-5156, CVE-2016-5157, CVE-2016-5158,
CVE-2016-5159, CVE-2016-5161, CVE-2016-5162, CVE-2016-5163, CVE-2016-5164,
CVE-2016-5165, CVE-2016-5166, CVE-2016-5160, CVE-2016-5167 Also applies fix
for
chrome-remote-desktop where HOME env variable was not properly set via systemd
service.
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1372229 - CVE-2016-5167 chromium-browser: various fixes from
internal audits
https://bugzilla.redhat.com/show_bug.cgi?id=1372229
[ 2 ] Bug #1372228 - CVE-2016-5160 chromium-browser: extensions web
accessible resources bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1372228
[ 3 ] Bug #1372227 - CVE-2016-5166 chromium-browser: smb relay attack via
save page as
https://bugzilla.redhat.com/show_bug.cgi?id=1372227
[ 4 ] Bug #1372225 - CVE-2016-5165 chromium-browser: script injection in
devtools
https://bugzilla.redhat.com/show_bug.cgi?id=1372225
[ 5 ] Bug #1372224 - CVE-2016-5164 chromium-browser: universal xss using
devtools
https://bugzilla.redhat.com/show_bug.cgi?id=1372224
[ 6 ] Bug #1372223 - CVE-2016-5163 chromium-browser: address bar spoofing
https://bugzilla.redhat.com/show_bug.cgi?id=1372223
[ 7 ] Bug #1372222 - CVE-2016-5162 chromium-browser: extensions web
accessible resources bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1372222
[ 8 ] Bug #1372221 - CVE-2016-5161 chromium-browser: type confusion in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1372221
[ 9 ] Bug #1372220 - CVE-2016-5159 chromium-browser: heap overflow in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1372220
[ 10 ] Bug #1372219 - CVE-2016-5158 chromium-browser: heap overflow in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1372219
[ 11 ] Bug #1372218 - CVE-2016-5157 chromium-browser: heap overflow in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1372218
[ 12 ] Bug #1372217 - CVE-2016-5156 chromium-browser: use after free in event
bindings
https://bugzilla.redhat.com/show_bug.cgi?id=1372217
[ 13 ] Bug #1372216 - CVE-2016-5155 chromium-browser: address bar spoofing
https://bugzilla.redhat.com/show_bug.cgi?id=1372216
[ 14 ] Bug #1372215 - CVE-2016-5154 chromium-browser: heap overflow in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1372215
[ 15 ] Bug #1372214 - CVE-2016-5153 chromium-browser: use after destruction
in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1372214
[ 16 ] Bug #1372213 - CVE-2016-5152 chromium-browser: heap overflow in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1372213
[ 17 ] Bug #1372212 - CVE-2016-5151 chromium-browser: use after free in
pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1372212
[ 18 ] Bug #1372210 - CVE-2016-5150 chromium-browser: use after free in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1372210
[ 19 ] Bug #1372209 - CVE-2016-5149 chromium-browser: script injection in
extensions
https://bugzilla.redhat.com/show_bug.cgi?id=1372209
[ 20 ] Bug #1372208 - CVE-2016-5148 chromium-browser: universal xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1372208
[ 21 ] Bug #1372207 - CVE-2016-5147 chromium-browser: universal xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1372207
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update chromium' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung