[SECURITY] [DSA 3376-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3376-1 [email protected] https://www.debian.org/security/ Michael Gilbert October 20, 2015 https://www.debian.org/security/faq -...

Debian DSA-3376-1 : chromium-browser - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2015-1303 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in the DOM implementation. - CVE-2015-1304 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in the v8 JavaScript library. -...

DSA-3376-1 chromium-browser - security update

Bulletin has no description...

CVE-2015-6757

Use-after-free vulnerability in content/browser/serviceworker/embeddedworkerinstance.cc in the ServiceWorker implementation in Google Chrome before 46.0.2490.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging object destruction in a...

Design/Logic Flaw

Use-after-free vulnerability in content/browser/serviceworker/embeddedworkerinstance.cc in the ServiceWorker implementation in Google Chrome before 46.0.2490.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging object destruction in a...

CVE-2015-6757

Use-after-free vulnerability in content/browser/serviceworker/embeddedworkerinstance.cc in the ServiceWorker implementation in Google Chrome before 46.0.2490.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging object destruction in a...

CVE-2015-6757

CVE-2015-6757 is a use-after-free vulnerability in Chrome’s ServiceWorker implementation (content/browser/service_worker/embedded_worker_instance.cc) that affects Chrome before 46.0.2490.71. The issue could allow a remote attacker to cause a denial of service or potentially other impact by manipu...

CVE-2015-6757

Removed by vendor...

CVE-2015-6757

Use-after-free vulnerability in content/browser/serviceworker/embeddedworkerinstance.cc in the ServiceWorker implementation in Google Chrome before 46.0.2490.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging object destruction in a...

chromium: multiple issues

CVE-2015-6755 cross-origin bypass: Cross-origin bypass in Blink. Credit to Mariusz Mlynski. - CVE-2015-6756 use-after-free: Use-after-free in PDFium. - CVE-2015-6757 use-after-free: Use-after-free in ServiceWorker. Credit to Collin Payne. - CVE-2015-6758: Bad-cast in PDFium. Credit to Atte...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 24 security fixes in this release, including: 519558 High CVE-2015-6755: Cross-origin bypass in Blink. Credit to Mariusz Mlynski. 507316 High CVE-2015-6756: Use-after-free in PDFium. Credit to anonymous. 529520 High CVE-2015-6757: Use-after-free in ServiceWorker...

openSUSE Security Update : Chromium (openSUSE-2015-595)

Chromium was updated to the 45.0.2454.85 of the stable channel to fix multiple security issues. The following vulnerabilities were fixed : - CVE-2015-1291: Cross-origin bypass in DOM - CVE-2015-1292: Cross-origin bypass in ServiceWorker - CVE-2015-1293: Cross-origin bypass in DOM - CVE-2015-1294:...

[SECURITY] [DSA 3351-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3351-1 [email protected] https://www.debian.org/security/ Michael Gilbert September 03, 2015 https://www.debian.org/security/faq -...

Debian Security Advisory DSA 3351-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2015-1291 A cross-origin bypass issue was discovered in DOM. CVE-2015-1292 Mariusz Mlynski discovered a cross-origin bypass issue in ServiceWorker. CVE-2015-1293 Mariusz Mlynski discovered a cross-origin bypass issue in...

chromium: multiple issues

CVE-2015-1291, CVE-2015-1293: Cross-origin bypass in DOM. - CVE-2015-1292: Cross-origin bypass in ServiceWorker. - CVE-2015-1294: Use-after-free in Skia. - CVE-2015-1295: Use-after-free in Printing. - CVE-2015-1296: Character spoofing in omnibox. - CVE-2015-1297: Permission scoping error in...

CVE-2015-1222

Multiple use-after-free vulnerabilities in the ServiceWorkerScriptCacheMap implementation in content/browser/serviceworker/serviceworkerscriptcachemap.cc in Google Chrome before 41.0.2272.76 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors...

Updated chromium-browser-stable packages fix security vulnerabilities

Updated chromium-browser packages fix security vulnerabilities: Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 allows remote attacke...

MGASA-2015-0062 Updated chromium-browser-stable packages fix security vulnerabilities

Updated chromium-browser packages fix security vulnerabilities: Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 allows remote attacke...

Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2495-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2495-1 advisory. A use-after-free bug was discovered in the DOM implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker cou...

Ubuntu: Security Advisory (USN-2495-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...