Updated chromium-browser-stable packages fix security vulnerability
Publication date: 09 Aug 2016Modification date: 09 Aug 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-5139 , CVE-2016-5140 , CVE-2016-5141 , CVE-2016-5142 , CVE-2016-5143 , CVE-2016-5144 , CVE-2016-5145 , CVE-2016-5146
Description
Chromium-browser-stable 52.0.2743.116 fixes security issues: two heap overflow issues in pdfium (CVE-2016-5139 and CVE-2016-5140); an address bar spoofing problem (CVE-2016-5141); a use-after-free bug (CVE-2016-5142) and a same origin bypass problem (CVE-2016-5145) in blink; two parameter sanitization failures in DevTools (CVE-2016-5143 and CVE-2016-5144); and various fixes from upstream's internal audits, fuzzing, and other initiatives (CVE-2016-5146).
References
- https://bugs.mageia.org/show_bug.cgi?id=19134
- http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5139
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5140
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5141
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5142
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5143
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5144
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5145
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5146
SRPMS
5/core
- chromium-browser-stable-52.0.2743.116-1.mga5