Security update for Chromium (important)

2016-01-26T18:13:18
ID OPENSUSE-SU-2016:0250-1
Type suse
Reporter Suse
Modified 2016-01-26T18:13:18

Description

Chromium was updated to 48.0.2564.82 to fix security issues and bugs.

The following vulnerabilities were fixed:

  • CVE-2016-1612: Bad cast in V8 (boo#963184)
  • CVE-2016-1613: Use-after-free in PDFium (boo#963185)
  • CVE-2016-1614: Information leak in Blink (boo#963186)
  • CVE-2016-1615: Origin confusion in Omnibox (boo#963187)
  • CVE-2016-1616: URL Spoofing (boo#963188)
  • CVE-2016-1617: History sniffing with HSTS and CSP (boo#963189)
  • CVE-2016-1618: Weak random number generator in Blink (boo#963190)
  • CVE-2016-1619: Out-of-bounds read in PDFium (boo#963191)
  • CVE-2016-1620 chromium-browser: various fixes (boo#963192)

This update also enables SSE2 support on x86_64, VA-API hardware acceleration and fixes a crash when trying to enable the Chromecast extension.