[ubuntu/xenial-security] chromium-browser 50.0.2661.102-0ubuntu0.16.04.1.1237 (Accepted)

Chris Coulson chrisccoulson at ubuntu.com
Wed May 18 17:45:58 UTC 2016


chromium-browser (50.0.2661.102-0ubuntu0.16.04.1.1237) xenial-security; urgency=medium

  * Upstream release 50.0.2661.102:
    - CVE-2016-1667: Same origin bypass in DOM.
    - CVE-2016-1668: Same origin bypass in Blink V8 bindings.
    - CVE-2016-1669: Buffer overflow in V8.
    - CVE-2016-1670: Race condition in loader.
    - CVE-2016-1671: Directory traversal using the file scheme on Android.
  * Upstream release 50.0.2661.94:
    - CVE-2016-1660: Out-of-bounds write in Blink.
    - CVE-2016-1661: Memory corruption in cross-process frames.
    - CVE-2016-1662: Use-after-free in extensions.
    - CVE-2016-1663: Use-after-free in Blink’s V8 bindings.
    - CVE-2016-1664: Address bar spoofing.
    - CVE-2016-1665: Information leak in V8.
    - CVE-2016-1666: Various fixes from internal audits, fuzzing and other
      initiatives.
  * Upstream release 50.0.2661.75:
    - CVE-2016-1652: Universal XSS in extension bindings.
    - CVE-2016-1653: Out-of-bounds write in V8.
    - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding.
    - CVE-2016-1654: Uninitialized memory read in media.
    - CVE-2016-1655: Use-after-free related to extensions.
    - CVE-2016-1656: Android downloaded file path restriction bypass.
    - CVE-2016-1657: Address bar spoofing.
    - CVE-2016-1658: Potential leak of sensitive information to malicious
      extensions.
    - CVE-2015-1659: Various fixes from internal audits, fuzzing and other
      initiatives.
  * debian/patches/seccomp-allow-set-robust-list: pass through syscall
    set_robust_list. glibc nptl thread creation uses it.
  * debian/rules: use new libsecret way of contacting keyring.
  * debian/patches/blink-platform-export-class: avoid Trusty bug where
    WebKit Platform class vtable not found at link time.
  * debian/apport/chromium-browser.py: Handle case when crash and no
    chromium directory exists. Still report errors in apport.

Date: 2016-05-13 16:03:13.104391+00:00
Changed-By: Chad Miller <chad.miller at canonical.com>
Signed-By: Chris Coulson <chrisccoulson at ubuntu.com>
https://launchpad.net/ubuntu/+source/chromium-browser/50.0.2661.102-0ubuntu0.16.04.1.1237
-------------- next part --------------
Sorry, changesfile not available.


More information about the Xenial-changes mailing list