Advisories ยป MGASA-2015-0265

Updated chromium-browser package fixes security vulnerability

Publication date: 05 Jul 2015
Modification date: 09 Jul 2015
Type: security
Affected Mageia releases : 4 , 5
CVE: CVE-2015-1266 , CVE-2015-1267 , CVE-2015-1268 , CVE-2015-1269

Description

A scheme validation error in WebUI (CVE-2015-1266).

Two cross-origin bypass issues in Blink (CVE-2015-1267, CVE-2015-1268).

A normalization error in the HSTS/HPKP preload list (CVE-2015-1269).

This update also disables the automatic, silent downloading and
installation of "external components" like the hotword extension.
                

References

SRPMS

5/core

4/core