chromium -- multiple vulnerabilities

ID A9350DF8-5157-11E5-B5C1-E8E0B747A45A
Type freebsd
Reporter FreeBSD
Modified 2015-09-01T00:00:00


Google Chrome Releases reports:

29 security fixes in this release, including:

[516377] High CVE-2015-1291: Cross-origin bypass in DOM. Credit to anonymous. [522791] High CVE-2015-1292: Cross-origin bypass in ServiceWorker. Credit to Mariusz Mlynski. [524074] High CVE-2015-1293: Cross-origin bypass in DOM. Credit to Mariusz Mlynski. [492263] High CVE-2015-1294: Use-after-free in Skia. Credit to cloudfuzzer. [502562] High CVE-2015-1295: Use-after-free in Printing. Credit to anonymous. [421332] High CVE-2015-1296: Character spoofing in omnibox. Credit to zcorpan. [510802] Medium CVE-2015-1297: Permission scoping error in Webrequest. Credit to Alexander Kashev. [518827] Medium CVE-2015-1298: URL validation error in extensions. Credit to Rob Wu. [416362] Medium CVE-2015-1299: Use-after-free in Blink. Credit to [511616] Medium CVE-2015-1300: Information leak in Blink. Credit to cgvwzq. [526825] CVE-2015-1301: Various fixes from internal audits, fuzzing and other initiatives.