On 2016-08-04 Google released Chrome 52.0.2743.116 which fixes at least 8 security issues: CVE-2016-5141, CVE-2016-5142, CVE-2016-5139, CVE-2016-5140, CVE-2016-5145, CVE-2016-5143 and CVE-2016-5144.
Additionally, this update :
Splits libmedia and libffmpeg into the libs-media subpackage, so that it can be replaced by non-Fedora repos to provide additional codecs.
Enables gtk3 support
Adds additional ICU Text codec aliases (from openSUSE via Russian Fedora)
Uses PIE in the Linux sandbox (from openSUSE via Russian Fedora)
Enables ARM CPU detection for webrtc (from archlinux via Russian Fedora)
Does not force -m32 in icu compile on ARM (from archlinux via Russian Fedora)
Enables fpic on linux
Enables hidpi
Enables touch_ui
Adds chromedriver subpackage (from Russian Fedora)
Sets default master_preferences location to /etc/chromium (and includes master_preferences file)
Creates PepperFlash directory where plugin needs to live if user has it
Improves translations in chromium-browser.desktop (from Russian Fedora)
Improves translation in Appinfo xml file (thanks to Richard Hughes)
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2016-e9798eaaa3.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(92962);
script_version("2.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2016-5139", "CVE-2016-5140", "CVE-2016-5141", "CVE-2016-5142", "CVE-2016-5143", "CVE-2016-5144", "CVE-2016-5145");
script_xref(name:"FEDORA", value:"2016-e9798eaaa3");
script_name(english:"Fedora 24 : chromium (2016-e9798eaaa3)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"On 2016-08-04 Google released Chrome 52.0.2743.116 which fixes at
least 8 security issues: CVE-2016-5141, CVE-2016-5142, CVE-2016-5139,
CVE-2016-5140, CVE-2016-5145, CVE-2016-5143 and CVE-2016-5144.
Additionally, this update :
- Splits libmedia and libffmpeg into the libs-media
subpackage, so that it can be replaced by non-Fedora
repos to provide additional codecs.
- Enables gtk3 support
- Adds additional ICU Text codec aliases (from openSUSE
via Russian Fedora)
- Uses PIE in the Linux sandbox (from openSUSE via Russian
Fedora)
- Enables ARM CPU detection for webrtc (from archlinux via
Russian Fedora)
- Does not force -m32 in icu compile on ARM (from
archlinux via Russian Fedora)
- Enables fpic on linux
- Enables hidpi
- Enables touch_ui
- Adds chromedriver subpackage (from Russian Fedora)
- Sets default master_preferences location to
/etc/chromium (and includes master_preferences file)
- Creates PepperFlash directory where plugin needs to live
if user has it
- Improves translations in chromium-browser.desktop (from
Russian Fedora)
- Improves translation in Appinfo xml file (thanks to
Richard Hughes)
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bodhi.fedoraproject.org/updates/FEDORA-2016-e9798eaaa3"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected chromium package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:chromium");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:24");
script_set_attribute(attribute:"vuln_publication_date", value:"2016/08/07");
script_set_attribute(attribute:"patch_publication_date", value:"2016/08/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/08/15");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! preg(pattern:"^24([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 24", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC24", reference:"chromium-52.0.2743.116-1.fc24")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "chromium");
}
Vendor | Product | Version |
---|---|---|
fedoraproject | fedora | chromium |
fedoraproject | fedora | 24 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5139
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5140
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5141
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5142
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5143
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5144
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5145
bodhi.fedoraproject.org/updates/FEDORA-2016-e9798eaaa3