SUSE CVE-2013-6666

The PepperFlashRendererHost::OnNavigate function in renderer/pepper/pepperflashrendererhost.cc in Google Chrome before 33.0.1750.146 does not verify that all headers are Cross-Origin Resource Sharing CORS simple headers before proceeding with a PPBFlash.Navigate operation, which might allow remot...

Chrome Universal XSS via the interception of |Binding| with Object.prototype.create (CVE-2016-1674)

VULNERABILITY DETAILS The fix for the issue 590118 is insufficient to protect against the bindings interception. While they can't be accessed by triggering accessors on the |modules| object anymore, it's still possible to trap the set operation for |Binding. create| using the Object. prototype...

Chrome Universal XSS using a flaw in the load deferral logic

VULNERABILITY DETAILS This is a regression from https://crrev.com/f92a1f3b9 . Previously, ResourceLoader::start bailed out if ResourceLoader::mdefersLoading was true. Now, it calls setDefersLoading on the associated WebURLLoader instead: void ResourceLoader::startResourceRequest& request...

Chrome Universal XSS using widget updates in ContainerNode::parserRemoveChild (CVE-2016-1630)

VULNERABILITY DETAILS There are 3 methods where ContainerNode::removeBetween is invoked: 1. ContainerNode::removeChild 2. ContainerNode::parserRemoveChild 3. ContainerNode::removeChildren The calls in 1 and 3 are within the scope of HTMLFrameOwnerElement::UpdateSuspendScope, but 2 is unprotected...

Chrome Universal XSS using a FrameNavigationDisabler bypass (CVE-2016-1673)

VULNERABILITY DETAILS When a top-level navigation is triggered on a frame displaying the initial empty document, FrameLoader::load is invoked directly: void LocalFrame::navigateDocument& originDocument, const KURL& url, bool replaceCurrentItem, UserGestureStatus userGestureStatus ... if isMainFra...

Chrome Universal XSS using late widget updates (CVE-2017-5006)

VULNERABILITY DETAILS Among the things that Document::shutdown does, |view-dispose| is called: From /thirdparty/WebKit/Source/core/frame/FrameView.cpp: void FrameView::dispose ... // FIXME: Do we need to do something here for OOPI? HTMLFrameOwnerElement ownerElement = mframe-deprecatedLocalOwner;...

openSUSE: Security Advisory for Chromium (openSUSE-SU-2015:1287-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : Chromium (openSUSE-2015-513)

Chromium was updated to 44.0.2403.89 to fix multiple security issues. The following vulnerabilities were fixed : - CVE-2015-1271: Heap-buffer-overflow in pdfium - CVE-2015-1273: Heap-buffer-overflow in pdfium - CVE-2015-1274: Settings allowed executable files to run immediately after download -...

Security update for Chromium (important)

Chromium was updated to 44.0.2403.89 to fix multiple security issues. The following vulnerabilities were fixed: CVE-2015-1271: Heap-buffer-overflow in pdfium CVE-2015-1273: Heap-buffer-overflow in pdfium CVE-2015-1274: Settings allowed executable files to run immediately after download...

Debian DSA-2883-1 : chromium-browser - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2013-6653 Khalil Zhani discovered a use-after-free issue in chromium's web contents color chooser. - CVE-2013-6654 TheShow3511 discovered an issue in SVG handling. - CVE-2013-6655 cloudfuzzer discovered a use-after-fr...

Debian Security Advisory DSA 2883-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2013-6653 Khalil Zhani discovered a use-after-free issue in chromium's web contents color chooser. CVE-2013-6654 TheShow3511 discovered an issue in SVG handling. CVE-2013-6655 cloudfuzzer discovered a use-after-free iss...

Stable Channel Update for Chrome OS

The Stable channel has been updated to 27.0.1453.116 Platform version: 3912.101.0 for all Chrome OS devices. This build contains a number of stability fixes and security improvements. Machines will be receiving updates over then next several days. Release Highlights: Pepper Flash updated to...

Chrome OS Stable Channel Update

The Stable channel has been updated to 26.0.1410.57 Platform version: 3701.81.0 for all Chrome OS devices. This build contains a number of bug fixes and security improvements. Machines will be receiving updates over the next several days. Release highlights: Pepper Flash updated to 11.6.602.180...

Stable Channel Update

The Stable channel has been updated to 21.0.1180.89 for Linux, Mac, Windows and Chrome Frame This build fixes the following issues: Several Pepper Flash fixes Issue 140577, 144107, 140498, 142479. Microphone issues with tinychat.com Issue: 143192 devtools regression with "save as" of edited sourc...

Stable Channel Update for Chromebooks

The Google Chrome team is happy to announce the release of Chrome 17 on the Stable Channel for Chromebooks Acer AC700, Samsung Series 5, and Cr-48. You can read more about the Chrome version 17.0.963.54 Platform version: 1412.186.0 Release highlights: Read about improvements to Chrome over on the...