chromium-browser - security update

Several vulnerabilities were discovered in the chromium web browser.

• CVE-2015-1251
  SkyLined discovered a use-after-free issue in speech
  recognition.
• CVE-2015-1252
  An out-of-bounds write issue was discovered that could be used to
  escape from the sandbox.
• CVE-2015-1253
  A cross-origin bypass issue was discovered in the DOM parser.
• CVE-2015-1254
  A cross-origin bypass issue was discovered in the DOM editing
  feature.
• CVE-2015-1255
  Khalil Zhani discovered a use-after-free issue in WebAudio.
• CVE-2015-1256
  Atte Kettunen discovered a use-after-free issue in the SVG
  implementation.
• CVE-2015-1257
  miaubiz discovered an overflow issue in the SVG implementation.
• CVE-2015-1258
  cloudfuzzer discovered an invalid size parameter used in the
  libvpx library.
• CVE-2015-1259
  Atte Kettunen discovered an uninitialized memory issue in the
  pdfium library.
• CVE-2015-1260
  Khalil Zhani discovered multiple use-after-free issues in chromium’s
  interface to the WebRTC library.
• CVE-2015-1261
  Juho Nurminen discovered a URL bar spoofing issue.
• CVE-2015-1262
  miaubiz discovered the use of an uninitialized class member in
  font handling.
• CVE-2015-1263
  Mike Ruddy discovered that downloading the spellcheck dictionary
  was not done over HTTPS.
• CVE-2015-1264
  K0r3Ph1L discovered a cross-site scripting issue that could be
  triggered by bookmarking a site.
• CVE-2015-1265
  The chrome 43 development team found and fixed various issues
  during internal auditing. Also multiple issues were fixed in
  the libv8 library, version 4.3.61.21.

For the stable distribution (jessie), these problems have been fixed in
version 43.0.2357.65-1~deb8u1.

For the testing distribution (stretch), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 43.0.2357.65-1.

We recommend that you upgrade your chromium-browser packages.