drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Chromium
Name: |
Mehrere Probleme in Chromium |
|
ID: |
DSA-3486-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian sid, Debian jessie |
|
Datum: |
So, 21. Februar 2016, 23:29 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1626
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1629
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1623
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1627
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1625
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1628
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1624
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1622 |
|
Applikationen: |
Chromium |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3486-1 security@debian.org https://www.debian.org/security/ Michael Gilbert February 21, 2016 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : chromium-browser CVE ID : CVE-2016-1622 CVE-2016-1623 CVE-2016-1624 CVE-2016-1625 CVE-2016-1626 CVE-2016-1627 CVE-2016-1628 CVE-2016-1629
Several vulnerabilities have been discovered in the chromium web browser.
CVE-2016-1622
It was discovered that a maliciously crafted extension could bypass the Same Origin Policy.
CVE-2016-1623
Mariusz Mlynski discovered a way to bypass the Same Origin Policy.
CVE-2016-1624
lukezli discovered a buffer overflow issue in the Brotli library.
CVE-2016-1625
Jann Horn discovered a way to cause the Chrome Instant feature to navigate to unintended destinations.
CVE-2016-1626
An out-of-bounds read issue was discovered in the openjpeg library.
CVE-2016-1627
It was discovered that the Developer Tools did not validate URLs.
CVE-2016-1628
An out-of-bounds read issue was discovered in the pdfium library.
CVE-2016-1629
A way to bypass the Same Origin Policy was discovered in Blink/WebKit, along with a way to escape the chromium sandbox.
For the stable distribution (jessie), these problems have been fixed in version 48.0.2564.116-1~deb8u1.
For the testing distribution (stretch), these problems will be fixed soon.
For the unstable distribution (sid), these problems have been fixed in version 48.0.2564.116-1.
We recommend that you upgrade your chromium-browser packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQQcBAEBCgAGBQJWyjGQAAoJELjWss0C1vRzCOggAIHfWmQnUTLoAnqKYxsfAnLN xRTduJLr2Fba1JcINXKiiRMcrEsYrWTiN+UdiMYtC0TSU933qKEEFvHnVl6FhZCH 9crXNFGknjpz7ql+OkKG6d4Snw1SuoOEziBtk53AaF7T49g4FwV7vzep16gnK4FS vzZJQDr9qyz1DeUMXC/Z1kJRRystU0waqV8G94Cv4X3xcB1zcTFQleQyyRrM3NcU fJkVi35CX7SNnwWrxAqHG0MZvFmDI07Uro/v+erSVxAF2+Pst0Gx6NkawmsPTNcY qMDnWSpCXLp0r4btFZIsCviH1dhvvf91wolTb9m1AkL7gp0j7KQZbjNqvlmYWNLj mpdcDbYwJq9vvJd8y/Xjri0nEHftemDXkEjqf/0cjfqJqsJakk4sADQZ6HEydJ0c +P5K4Xhz1Xef6+5oIFRJxoYl1kWrYDy3By74aiY++IKj/pkzff0wYNQFLHpj0FZ0 mBnOTYHsvB88afGklSyPdfUxChPQ80t+CXp0QdVGJQnS7EG7tLSC+D4Icootnf06 Gmx4WRTtRm4vN6xufY3/wqDyHJNJTAteqN9/sjXGOjs3WjeSpEy7EMHrvOPU73aH 6WTERHwTCkMRub9M39bOCxHIgkFAU0U27Kc1WwuFHnRsh6b44jfYZJjf0BUhC22F I4Ym+jtmMOt17KrvAlta+qBb6weF89U2Twaxx2MPCO4Z1g1smnTX1FYV3SuK8/+/ 5Sltbp9dXRPbnsPtWNdXkf0tlRbjBVz5L+lQF8GM4H4Y61xfcNY4EeCYWHMbBWk3 m6PR8jFViFdsh6woxASE5CYadSsqhYR+5r9FXsZsgmX2rPuv8QysauiWIXQA8AU5 y6YIZPk/JoL5D87BwUKwzE1SHfNBmr+pLxB21TIIsDOSfvwyk/VQgKWMK36tlc77 eXGFJ8ErCIXAzn9VTd27q5lnmbfwQMt/+i6bR09mIoFtFiJz0X0b9Pcw0AjiSkVm 6PsfqJf9b7O1HOEeqYdzGW5nKuWpC34EVo1iTbtxP8LzwaQMgM6J8SPTRmJianep FaeD3b4z16XehX/p2FGutoWDd/oxgl48TwpET40HKOab4ZNehRGJk7CEUtYH2Z9C 2gHOH1vOQSfrkxPCBcQvkbsjFbtL4ECJ5aktAg4GkXslAIE4ZyxQ9bNFZC5fM/rX /LoK/O26mHsZLJtdd3JMnqPTrNhYe9gOrdOcYnr73D5En9kyP0nNoUhQ6k4J8eOH C7iILgXfYhVjscNJ2L8IFEDnBe9naQM8Bh3pgZ2pWNU1PhjJDGiZbN4IN6LqaI/6 dPYLn5Ib0hQZM7gCn50uUnxFD10PqG7EYdZmuWrkNC2CzAO++UxSC2Du94/id6I= =5OhE -----END PGP SIGNATURE-----
|
|
|
|