You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa chromium

Sigurnosni nedostaci programskog paketa chromium

——————————————————————————–
Fedora Update Notification
FEDORA-2016-e0e1cb2b2b
2016-12-15 23:54:24.668724
——————————————————————————–

Name : chromium
Product : Fedora 24
Version : 55.0.2883.87
Release : 1.fc24
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

——————————————————————————–
Update Information:

Update to Chromium 55. Security fix for CVE-2016-5199, CVE-2016-5200,
CVE-2016-5201, CVE-2016-5202, CVE-2016-9651, CVE-2016-5208, CVE-2016-5207,
CVE-2016-5206, CVE-2016-5205, CVE-2016-5204, CVE-2016-5209, CVE-2016-5203,
CVE-2016-5210, CVE-2016-5212, CVE-2016-5211, CVE-2016-5213, CVE-2016-5214,
CVE-2016-5216, CVE-2016-5215, CVE-2016-5217, CVE-2016-5218, CVE-2016-5219,
CVE-2016-5221, CVE-2016-5220, CVE-2016-5222, CVE-2016-9650, CVE-2016-5223,
CVE-2016-5226, CVE-2016-5225, CVE-2016-5224, CVE-2016-9652
——————————————————————————–
References:

[ 1 ] Bug #1393734 – CVE-2016-5202 chromium-browser: various fixes from internal audits
https://bugzilla.redhat.com/show_bug.cgi?id=1393734
[ 2 ] Bug #1393733 – CVE-2016-5201 chromium-browser: info leak in extensions
https://bugzilla.redhat.com/show_bug.cgi?id=1393733
[ 3 ] Bug #1393732 – CVE-2016-5200 chromium-browser: out of bounds memory access in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1393732
[ 4 ] Bug #1393731 – CVE-2016-5199 chromium-browser: heap corruption in ffmpeg
https://bugzilla.redhat.com/show_bug.cgi?id=1393731
[ 5 ] Bug #1400879 – CVE-2016-9652 chromium-browser: various fixes from internal audits
https://bugzilla.redhat.com/show_bug.cgi?id=1400879
[ 6 ] Bug #1400878 – CVE-2016-5224 chromium-browser: same-origin bypass in svg
https://bugzilla.redhat.com/show_bug.cgi?id=1400878
[ 7 ] Bug #1400877 – CVE-2016-5225 chromium-browser: csp bypass in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400877
[ 8 ] Bug #1400876 – CVE-2016-5226 chromium-browser: limited xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400876
[ 9 ] Bug #1400875 – CVE-2016-5223 chromium-browser: integer overflow in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400875
[ 10 ] Bug #1400873 – CVE-2016-9650 chromium-browser: csp referrer disclosure
https://bugzilla.redhat.com/show_bug.cgi?id=1400873
[ 11 ] Bug #1400872 – CVE-2016-5222 chromium-browser: address spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1400872
[ 12 ] Bug #1400871 – CVE-2016-5220 chromium-browser: local file access in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400871
[ 13 ] Bug #1400870 – CVE-2016-5221 chromium-browser: integer overflow in angle
https://bugzilla.redhat.com/show_bug.cgi?id=1400870
[ 14 ] Bug #1400869 – CVE-2016-5219 chromium-browser: use after free in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1400869
[ 15 ] Bug #1400868 – CVE-2016-5218 chromium-browser: address spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1400868
[ 16 ] Bug #1400867 – CVE-2016-5217 chromium-browser: use of unvalidated data in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400867
[ 17 ] Bug #1400866 – CVE-2016-5215 chromium-browser: use after free in webaudio
https://bugzilla.redhat.com/show_bug.cgi?id=1400866
[ 18 ] Bug #1400865 – CVE-2016-5216 chromium-browser: use after free in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400865
[ 19 ] Bug #1400864 – CVE-2016-5214 chromium-browser: file download protection bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1400864
[ 20 ] Bug #1400863 – CVE-2016-5213 chromium-browser: use after free in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1400863
[ 21 ] Bug #1400862 – CVE-2016-5211 chromium-browser: use after free in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400862
[ 22 ] Bug #1400861 – CVE-2016-5212 chromium-browser: local file disclosure in devtools
https://bugzilla.redhat.com/show_bug.cgi?id=1400861
[ 23 ] Bug #1400859 – CVE-2016-5210 chromium-browser: out of bounds write in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400859
[ 24 ] Bug #1400857 – CVE-2016-5203 chromium-browser: use after free in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400857
[ 25 ] Bug #1400856 – CVE-2016-5209 chromium-browser: out of bounds write in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400856
[ 26 ] Bug #1400855 – CVE-2016-5204 chromium-browser: universal xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400855
[ 27 ] Bug #1400854 – CVE-2016-5205 chromium-browser: universal xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400854
[ 28 ] Bug #1400853 – CVE-2016-5206 chromium-browser: same-origin bypass in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400853
[ 29 ] Bug #1400852 – CVE-2016-5207 chromium-browser: universal xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400852
[ 30 ] Bug #1400851 – CVE-2016-5208 chromium-browser: universal xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400851
[ 31 ] Bug #1400850 – CVE-2016-9651 chromium-browser: private property access in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1400850
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade chromium’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2016-a815b7bf5d
2016-12-15 23:54:29.139054
——————————————————————————–

Name : chromium
Product : Fedora 25
Version : 55.0.2883.87
Release : 1.fc25
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).

——————————————————————————–
Update Information:

Update to Chromium 55. Security fix for CVE-2016-5199, CVE-2016-5200,
CVE-2016-5201, CVE-2016-5202, CVE-2016-9651, CVE-2016-5208, CVE-2016-5207,
CVE-2016-5206, CVE-2016-5205, CVE-2016-5204, CVE-2016-5209, CVE-2016-5203,
CVE-2016-5210, CVE-2016-5212, CVE-2016-5211, CVE-2016-5213, CVE-2016-5214,
CVE-2016-5216, CVE-2016-5215, CVE-2016-5217, CVE-2016-5218, CVE-2016-5219,
CVE-2016-5221, CVE-2016-5220, CVE-2016-5222, CVE-2016-9650, CVE-2016-5223,
CVE-2016-5226, CVE-2016-5225, CVE-2016-5224, CVE-2016-9652
——————————————————————————–
References:

[ 1 ] Bug #1393734 – CVE-2016-5202 chromium-browser: various fixes from internal audits
https://bugzilla.redhat.com/show_bug.cgi?id=1393734
[ 2 ] Bug #1393733 – CVE-2016-5201 chromium-browser: info leak in extensions
https://bugzilla.redhat.com/show_bug.cgi?id=1393733
[ 3 ] Bug #1393732 – CVE-2016-5200 chromium-browser: out of bounds memory access in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1393732
[ 4 ] Bug #1393731 – CVE-2016-5199 chromium-browser: heap corruption in ffmpeg
https://bugzilla.redhat.com/show_bug.cgi?id=1393731
[ 5 ] Bug #1400879 – CVE-2016-9652 chromium-browser: various fixes from internal audits
https://bugzilla.redhat.com/show_bug.cgi?id=1400879
[ 6 ] Bug #1400878 – CVE-2016-5224 chromium-browser: same-origin bypass in svg
https://bugzilla.redhat.com/show_bug.cgi?id=1400878
[ 7 ] Bug #1400877 – CVE-2016-5225 chromium-browser: csp bypass in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400877
[ 8 ] Bug #1400876 – CVE-2016-5226 chromium-browser: limited xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400876
[ 9 ] Bug #1400875 – CVE-2016-5223 chromium-browser: integer overflow in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400875
[ 10 ] Bug #1400873 – CVE-2016-9650 chromium-browser: csp referrer disclosure
https://bugzilla.redhat.com/show_bug.cgi?id=1400873
[ 11 ] Bug #1400872 – CVE-2016-5222 chromium-browser: address spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1400872
[ 12 ] Bug #1400871 – CVE-2016-5220 chromium-browser: local file access in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400871
[ 13 ] Bug #1400870 – CVE-2016-5221 chromium-browser: integer overflow in angle
https://bugzilla.redhat.com/show_bug.cgi?id=1400870
[ 14 ] Bug #1400869 – CVE-2016-5219 chromium-browser: use after free in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1400869
[ 15 ] Bug #1400868 – CVE-2016-5218 chromium-browser: address spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1400868
[ 16 ] Bug #1400867 – CVE-2016-5217 chromium-browser: use of unvalidated data in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400867
[ 17 ] Bug #1400866 – CVE-2016-5215 chromium-browser: use after free in webaudio
https://bugzilla.redhat.com/show_bug.cgi?id=1400866
[ 18 ] Bug #1400865 – CVE-2016-5216 chromium-browser: use after free in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400865
[ 19 ] Bug #1400864 – CVE-2016-5214 chromium-browser: file download protection bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1400864
[ 20 ] Bug #1400863 – CVE-2016-5213 chromium-browser: use after free in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1400863
[ 21 ] Bug #1400862 – CVE-2016-5211 chromium-browser: use after free in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400862
[ 22 ] Bug #1400861 – CVE-2016-5212 chromium-browser: local file disclosure in devtools
https://bugzilla.redhat.com/show_bug.cgi?id=1400861
[ 23 ] Bug #1400859 – CVE-2016-5210 chromium-browser: out of bounds write in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400859
[ 24 ] Bug #1400857 – CVE-2016-5203 chromium-browser: use after free in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400857
[ 25 ] Bug #1400856 – CVE-2016-5209 chromium-browser: out of bounds write in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400856
[ 26 ] Bug #1400855 – CVE-2016-5204 chromium-browser: universal xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400855
[ 27 ] Bug #1400854 – CVE-2016-5205 chromium-browser: universal xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400854
[ 28 ] Bug #1400853 – CVE-2016-5206 chromium-browser: same-origin bypass in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1400853
[ 29 ] Bug #1400852 – CVE-2016-5207 chromium-browser: universal xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400852
[ 30 ] Bug #1400851 – CVE-2016-5208 chromium-browser: universal xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1400851
[ 31 ] Bug #1400850 – CVE-2016-9651 chromium-browser: private property access in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1400850
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade chromium’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa libupnp

Otkriveni su sigurnosni nedostaci u programskom paketu libupnp za operacijski sustav Debian. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog...

Close