openSUSE Security Update : Chromium (openSUSE-2016-505)
Critical Nessus Plugin ID 90702
SynopsisThe remote openSUSE host is missing a security update.
DescriptionChromium was updated to 50.0.2661.75 to fix the following vulnerabilities :
- CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding
- CVE-2016-1652: Universal XSS in extension bindings
- CVE-2016-1653: Out-of-bounds write in V8
- CVE-2016-1654: Uninitialized memory read in media
- CVE-2016-1655: Use-after-free related to extensions
- CVE-2016-1656: Android downloaded file path restriction bypass
- CVE-2016-1657: Address bar spoofing
- CVE-2016-1658: Potential leak of sensitive information to malicious extensions
- CVE-2016-1659: Various fixes from internal audits, fuzzing and other initiatives
SolutionUpdate the affected Chromium packages.