[gentoo-announce] [ GLSA 201603-09 ] Chromium: Multiple vulnerabilities

news · March 12, 2016

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Gentoo Linux Security Advisory GLSA 201603-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

https://security.gentoo.org/

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal

Title: Chromium: Multiple vulnerabilities

Date: March 12, 2016

Bugs: #555640, #559384, #561448, #563098, #565510, #567308,

#567870, #568396, #572542, #574416, #575434, #576354, #576858

ID: 201603-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis

========

Multiple vulnerabilities have been found in the Chromium web browser,

the worst of which allows remote attackers to execute arbitrary code.

Background

==========

Chromium is an open-source browser project that aims to build a safer,

faster, and more stable way for all users to experience the web.

Affected packages

=================

-------------------------------------------------------------------

Package / Vulnerable / Unaffected

-------------------------------------------------------------------

1 www-client/chromium < 49.0.2623.87 >= 49.0.2623.87

Description

===========

Multiple vulnerabilities have been discovered in the Chromium web

browser. Please review the CVE identifiers referenced below for

details.

Impact

======

A remote attacker could possibly execute arbitrary code with the

privileges of the process, cause a Denial of Service condition, obtain

sensitive information, or bypass security restrictions.

Workaround

==========

There is no known workaround at this time.

Resolution

==========

All Chromium users should upgrade to the latest version:

# emerge --sync

# emerge --ask --oneshot -v ">=www-client/chromium-49.0.2623.87"

References

==========

[ 1 ] CVE-2015-1270

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1270

[ 2 ] CVE-2015-1271

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1271

[ 3 ] CVE-2015-1272

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1272

[ 4 ] CVE-2015-1273

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1273

[ 5 ] CVE-2015-1274

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1274

[ 6 ] CVE-2015-1275

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1275

[ 7 ] CVE-2015-1276

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1276

[ 8 ] CVE-2015-1277

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1277

[ 9 ] CVE-2015-1278

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1278

[ 10 ] CVE-2015-1279

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1279

[ 11 ] CVE-2015-1280

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1280

[ 12 ] CVE-2015-1281

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1281

[ 13 ] CVE-2015-1282

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1282

[ 14 ] CVE-2015-1283

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1283

[ 15 ] CVE-2015-1284

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1284

[ 16 ] CVE-2015-1285

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1285

[ 17 ] CVE-2015-1286

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1286

[ 18 ] CVE-2015-1287

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1287

[ 19 ] CVE-2015-1288

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1288

[ 20 ] CVE-2015-1289

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1289

[ 21 ] CVE-2015-1291

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1291

[ 22 ] CVE-2015-1292

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1292

[ 23 ] CVE-2015-1293

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1293

[ 24 ] CVE-2015-1294

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1294

[ 25 ] CVE-2015-1295

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1295

[ 26 ] CVE-2015-1296

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1296

[ 27 ] CVE-2015-1297

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1297

[ 28 ] CVE-2015-1298

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1298

[ 29 ] CVE-2015-1299

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1299

[ 30 ] CVE-2015-1300

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1300

[ 31 ] CVE-2015-1302

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1302

[ 32 ] CVE-2015-1303

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1303

[ 33 ] CVE-2015-1304

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1304

[ 34 ] CVE-2015-6755

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6755

[ 35 ] CVE-2015-6756

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6756

[ 36 ] CVE-2015-6757

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6757

[ 37 ] CVE-2015-6758

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6758

[ 38 ] CVE-2015-6759

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6759

[ 39 ] CVE-2015-6760

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6760

[ 40 ] CVE-2015-6761

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6761

[ 41 ] CVE-2015-6762

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6762

[ 42 ] CVE-2015-6763

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6763

[ 43 ] CVE-2015-6764

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6764

[ 44 ] CVE-2015-6765

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6765

[ 45 ] CVE-2015-6766

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6766

[ 46 ] CVE-2015-6767

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6767

[ 47 ] CVE-2015-6768

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6768

[ 48 ] CVE-2015-6769

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6769

[ 49 ] CVE-2015-6770

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6770

[ 50 ] CVE-2015-6771

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6771

[ 51 ] CVE-2015-6772

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6772

[ 52 ] CVE-2015-6773

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6773

[ 53 ] CVE-2015-6774

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6774

[ 54 ] CVE-2015-6775

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6775

[ 55 ] CVE-2015-6776

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6776

[ 56 ] CVE-2015-6777

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6777

[ 57 ] CVE-2015-6778

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6778

[ 58 ] CVE-2015-6779

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6779

[ 59 ] CVE-2015-6780

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6780

[ 60 ] CVE-2015-6781

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6781

[ 61 ] CVE-2015-6782

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6782

[ 62 ] CVE-2015-6783

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6783

[ 63 ] CVE-2015-6784

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6784

[ 64 ] CVE-2015-6785

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6785

[ 65 ] CVE-2015-6786

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6786

[ 66 ] CVE-2015-6787

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6787

[ 67 ] CVE-2015-6788

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6788

[ 68 ] CVE-2015-6789

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6789

[ 69 ] CVE-2015-6790

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6790

[ 70 ] CVE-2015-6791

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6791

[ 71 ] CVE-2015-6792

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6792

[ 72 ] CVE-2015-8126

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8126

[ 73 ] CVE-2016-1612

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1612

[ 74 ] CVE-2016-1613

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1613

[ 75 ] CVE-2016-1614

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1614

[ 76 ] CVE-2016-1615

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1615

[ 77 ] CVE-2016-1616

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1616

[ 78 ] CVE-2016-1617

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1617

[ 79 ] CVE-2016-1618

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1618

[ 80 ] CVE-2016-1619

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1619

[ 81 ] CVE-2016-1620

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1620

[ 82 ] CVE-2016-1621

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1621

[ 83 ] CVE-2016-1622

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1622

[ 84 ] CVE-2016-1623

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1623

[ 85 ] CVE-2016-1624

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1624

[ 86 ] CVE-2016-1625

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1625

[ 87 ] CVE-2016-1626

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1626

[ 88 ] CVE-2016-1627

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1627

[ 89 ] CVE-2016-1628

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1628

[ 90 ] CVE-2016-1629

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1629

[ 91 ] CVE-2016-1630

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1630

[ 92 ] CVE-2016-1631

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1631

[ 93 ] CVE-2016-1632

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1632

[ 94 ] CVE-2016-1633

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1633

[ 95 ] CVE-2016-1634

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1634

[ 96 ] CVE-2016-1635

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1635

[ 97 ] CVE-2016-1636

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1636

[ 98 ] CVE-2016-1637

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1637

[ 99 ] CVE-2016-1638

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1638

[ 100 ] CVE-2016-1639

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1639

[ 101 ] CVE-2016-1640

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1640

[ 102 ] CVE-2016-1641

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1641

Availability

============

This GLSA and any updates to it are available for viewing at

the Gentoo Security Website:

https://security.gentoo.org/glsa/201603-09

Concerns?

=========

Security is a primary focus of Gentoo Linux and ensuring the

confidentiality and security of our users' machines is of utmost

importance to us. Any security concerns should be addressed to

security ( -at -) gentoo.org or alternatively, you may file a bug at

https://bugs.gentoo.org.

License

=======

belongs to its owner(s).

The contents of this document are licensed under the

Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Sign In

[gentoo-announce] [ GLSA 201603-09 ] Chromium: Multiple vulnerabilities

Recommended Posts

news 28

Share this post

Link to post

Please sign in to comment

Browse

Activity