——————————————————————————–
Fedora Update Notification
FEDORA-2016-012de4c97e
2016-11-18 23:41:23.964828
——————————————————————————–
Name : chromium
Product : Fedora 23
Version : 54.0.2840.90
Release : 3.fc23
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
——————————————————————————–
Update Information:
Security fix for CVE-2016-5181, CVE-2016-5182, CVE-2016-5183, CVE-2016-5184,
CVE-2016-5185, CVE-2016-5187, CVE-2016-5188, CVE-2016-5192, CVE-2016-5189,
CVE-2016-5186, CVE-2016-5191, CVE-2016-5190, CVE-2016-5193, CVE-2016-5194
Security fix for CVE-2016-5198 Update to new stable, 54.0.2840.90.
——————————————————————————–
References:
[ 1 ] Bug #1384365 – CVE-2016-5194 chromium-browser: various fixes from internal audits
https://bugzilla.redhat.com/show_bug.cgi?id=1384365
[ 2 ] Bug #1384364 – CVE-2016-5193 chromium-browser: scheme bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1384364
[ 3 ] Bug #1384362 – CVE-2016-5190 chromium-browser: use after free in internals
https://bugzilla.redhat.com/show_bug.cgi?id=1384362
[ 4 ] Bug #1384361 – CVE-2016-5191 chromium-browser: universal xss in bookmarks
https://bugzilla.redhat.com/show_bug.cgi?id=1384361
[ 5 ] Bug #1384360 – CVE-2016-5186 chromium-browser: out of bounds read in devtools
https://bugzilla.redhat.com/show_bug.cgi?id=1384360
[ 6 ] Bug #1384358 – CVE-2016-5189 chromium-browser: url spoofing
https://bugzilla.redhat.com/show_bug.cgi?id=1384358
[ 7 ] Bug #1384357 – CVE-2016-5192 chromium-browser: cross-origin bypass in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1384357
[ 8 ] Bug #1384355 – CVE-2016-5188 chromium-browser: ui spoofing
https://bugzilla.redhat.com/show_bug.cgi?id=1384355
[ 9 ] Bug #1384354 – CVE-2016-5187 chromium-browser: url spoofing
https://bugzilla.redhat.com/show_bug.cgi?id=1384354
[ 10 ] Bug #1384352 – CVE-2016-5185 chromium-browser: use after free in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1384352
[ 11 ] Bug #1384350 – CVE-2016-5184 chromium-browser: use after free in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1384350
[ 12 ] Bug #1384349 – CVE-2016-5183 chromium-browser: use after free in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1384349
[ 13 ] Bug #1384348 – CVE-2016-5182 chromium-browser: heap overflow in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1384348
[ 14 ] Bug #1384347 – CVE-2016-5181 chromium-browser: universal xss in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1384347
[ 15 ] Bug #1391356 – CVE-2016-5198 chromium-browser: out of bounds memory access in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1391356
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade chromium’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org