logo
DATABASE RESOURCES PRICING ABOUT US

Debian DSA-3267-1 : chromium-browser - security update

Description

Several vulnerabilities were discovered in the chromium web browser. - CVE-2015-1251 SkyLined discovered a use-after-free issue in speech recognition. - CVE-2015-1252 An out-of-bounds write issue was discovered that could be used to escape from the sandbox. - CVE-2015-1253 A cross-origin bypass issue was discovered in the DOM parser. - CVE-2015-1254 A cross-origin bypass issue was discovered in the DOM editing feature. - CVE-2015-1255 Khalil Zhani discovered a use-after-free issue in WebAudio. - CVE-2015-1256 Atte Kettunen discovered a use-after-free issue in the SVG implementation. - CVE-2015-1257 miaubiz discovered an overflow issue in the SVG implementation. - CVE-2015-1258 cloudfuzzer discovered an invalid size parameter used in the libvpx library. - CVE-2015-1259 Atte Kettunen discovered an uninitialized memory issue in the pdfium library. - CVE-2015-1260 Khalil Zhani discovered multiple use-after-free issues in chromium's interface to the WebRTC library. - CVE-2015-1261 Juho Nurminen discovered a URL bar spoofing issue. - CVE-2015-1262 miaubiz discovered the use of an uninitialized class member in font handling. - CVE-2015-1263 Mike Ruddy discovered that downloading the spellcheck dictionary was not done over HTTPS. - CVE-2015-1264 K0r3Ph1L discovered a cross-site scripting issue that could be triggered by bookmarking a site. - CVE-2015-1265 The chrome 43 development team found and fixed various issues during internal auditing. Also multiple issues were fixed in the libv8 library, version 4.3.61.21.


Related