SUSE Package Hub - openSUSE-2016-950

Update Info

openSUSE-2016-950

Security update for Chromium

Type: security

Severity: important

Issued: 2016-08-07

Description:

Chromium was updated to 52.0.2743.116 to fix the following security issues: (boo#992305)

- CVE-2016-5141: Address bar spoofing (boo#992314)
- CVE-2016-5142: Use-after-free in Blink (boo#992313)
- CVE-2016-5139: Heap overflow in pdfium (boo#992311)
- CVE-2016-5140: Heap overflow in pdfium (boo#992310)
- CVE-2016-5145: Same origin bypass for images in Blink (boo#992320)
- CVE-2016-5143: Parameter sanitization failure in DevTools (boo#992319)
- CVE-2016-5144: Parameter sanitization failure in DevTools (boo#992315)
- CVE-2016-5146: Various fixes from internal audits, fuzzing and other initiatives (boo#992309)

References

CVE: CVE-2016-5146
CVE: CVE-2016-5145
CVE: CVE-2016-5144
CVE: CVE-2016-5143
CVE: CVE-2016-5142
CVE: CVE-2016-5141
CVE: CVE-2016-5140
CVE: CVE-2016-5139
Bugzilla: 992320 VUL-0: CVE-2016-5145: chromium: Same origin bypass for images in Blink
Bugzilla: 992319 VUL-0: CVE-2016-5143: chromium: Parameter sanitization failure in DevTools
Bugzilla: 992315 VUL-0: CVE-2016-5144: chromium: Parameter sanitization failure in DevTools
Bugzilla: 992314 VUL-0: CVE-2016-5141: chromium: Address bar spoofing
Bugzilla: 992313 VUL-0: CVE-2016-5142: chromium: Use-after-free in Blink
Bugzilla: 992311 VUL-0: CVE-2016-5139: chromium: Heap overflow in pdfium
Bugzilla: 992310 VUL-0: CVE-2016-5140: chromium: Heap overflow in pdfium
Bugzilla: 992309 VUL-0: CVE-2016-5146: chromium: various fixes from internal audits
Bugzilla: 992305 VUL-0: chromium: 52.0.2743.116 security release

Packages

chromium-52.0.2743.116-92.1