[SECURITY] [DSA 3507-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3507-1 [email protected] https://www.debian.org/security/ Michael Gilbert March 05, 2016 https://www.debian.org/security/faq -...

CVE-2016-1630

The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site...

CVE-2016-1631

The PPBFlashMessageLoopImpl::InternalRun function in content/renderer/pepper/ppbflashmessageloopimpl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

Debian Security Advisory DSA 3507-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2015-8126 Joerg Bornemann discovered multiple buffer overflow issues in the libpng library. CVE-2016-1630 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in Blink/Webkit. CVE-2016-1631 Mariusz Mlynski...

DSA-3507-1 chromium-browser - security update

Bulletin has no description...

UBUNTU-CVE-2016-1631

The PPBFlashMessageLoopImpl::InternalRun function in content/renderer/pepper/ppbflashmessageloopimpl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...

UBUNTU-CVE-2016-1630

The ContainerNode::parserRemoveChild function in WebKit/Source/core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 49.0.2623.75, mishandles widget updates, which makes it easier for remote attackers to bypass the Same Origin Policy via a crafted web site...

Google Chrome < 49.0.2623.75 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 49.0.2623.75. It is, therefore, affected by multiple vulnerabilities as referenced in the 201603stable-channel-update advisory. - Multiple unspecified vulnerabilities in Google Chrome before 49.0.2623.75 allow attackers t...

Debian: Security Advisory (DSA-3507-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

chromium: multiple issues

CVE-2015-8126: Buffer overflow vulnerabilities in functions pnggetPLTE/pngsetPLTE, allowing remote attackers to cause DoS to application or have unspecified other impact. These functions failed to check for an out-of-range palette when reading or writing PNG files with a bitdepth less than 8...

Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 49 to the stable channel for Windows, Mac and Linux. Chrome 49.0.2623.75 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 560011 High CVE-2016-1630: Same-origin bypass in Blink. 569496 High CVE-2016-1631: Same-origin bypass in Pepper Plugin. 549986 High CVE-2016-1632: Bad cast in Extensions. 572537 High CVE-2016-1633: Use-after-free in Blink. 559292 High CVE-2016-1634: Use-after-free ...

openSUSE: Security Advisory for Security (openSUSE-SU-2016:0525-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Chrome < 48.0.2564.116 Vulnerability

The version of Google Chrome installed on the remote Windows host is prior to 48.0.2564.116. It is, therefore, affected by a vulnerability as referenced in the 201602stable-channel-update18 advisory. - Google Chrome before 48.0.2564.116 allows remote attackers to bypass the Blink Same Origin Poli...

Google Chrome < 48.0.2564.116 Vulnerability

The version of Google Chrome installed on the remote macOS host is prior to 48.0.2564.116. It is, therefore, affected by a vulnerability as referenced in the 201602stable-channel-update18 advisory. - Google Chrome before 48.0.2564.116 allows remote attackers to bypass the Blink Same Origin Policy...

Ubuntu: Security Advisory (USN-2905-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : Oxide vulnerability (USN-2905-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2905-1 advisory. A security issue was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypas...

USN-2905-1: Oxide vulnerability

A security issue was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions or a sandbox protection mechanism. CVE-2016-1629...

USN-2905-1 oxide-qt vulnerability

A security issue was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions or a sandbox protection mechanism. CVE-2016-1629...

chromium-browser: same-origin bypass in Blink and Sandbox escape in Chrome

Google Chrome before 48.0.2564.116 allows remote attackers to bypass the Blink Same Origin Policy and a sandbox protection mechanism via unspecified vectors...