Advisories ยป MGASA-2015-0448

Updated chromium-browser-stable packages fix security vulnerabilities

Publication date: 16 Nov 2015
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-1302

Description

Updated chromium-browser-stable packages fix security vulnerabilities:

The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict
scripting messages and API exposure, which allows remote attackers to bypass
the Same Origin Policy via an unintended embedder or unintended plugin loading,
related to pdf.js and out_of_process_instance.cc (CVE-2015-1302).
                

References

SRPMS

5/core