Debian DSA-3594-1 : chromium-browser - security update

Medium Nessus Plugin ID 91473

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in the chromium web browser.

- CVE-2016-1696 A cross-origin bypass was found in the bindings to extensions.

- CVE-2016-1697 Mariusz Mlynski discovered a cross-origin bypass in Blink/Webkit.

- CVE-2016-1698 Rob Wu discovered an information leak.

- CVE-2016-1699 Gregory Panakkal discovered an issue in the Developer Tools feature.

- CVE-2016-1700 Rob Wu discovered a use-after-free issue in extensions.

- CVE-2016-1701 Rob Wu discovered a use-after-free issue in the autofill feature.

- CVE-2016-1702 cloudfuzzer discovered an out-of-bounds read issue in the skia library.

Solution

Upgrade the chromium-browser packages.

For the stable distribution (jessie), these problems have been fixed in version 51.0.2704.79-1~deb8u1.

Debian DSA-3594-1 : chromium-browser - security update

Synopsis

Description

Solution

See Also

Plugin Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerability Information

Reference Information