Security update for Chromium (important)

2016-03-08T11:12:27
ID OPENSUSE-SU-2016:0684-1
Type suse
Reporter Suse
Modified 2016-03-08T11:12:27

Description

Chromium was updated to 49.0.2623.75 to fix the following security issues: (boo#969333)

  • CVE-2016-1630: Same-origin bypass in Blink
  • CVE-2016-1631: Same-origin bypass in Pepper Plugin
  • CVE-2016-1632: Bad cast in Extensions
  • CVE-2016-1633: Use-after-free in Blink
  • CVE-2016-1634: Use-after-free in Blink
  • CVE-2016-1635: Use-after-free in Blink
  • CVE-2016-1636: SRI Validation Bypass
  • CVE-2015-8126: Out-of-bounds access in libpng
  • CVE-2016-1637: Information Leak in Skia
  • CVE-2016-1638: WebAPI Bypass
  • CVE-2016-1639: Use-after-free in WebRTC
  • CVE-2016-1640: Origin confusion in Extensions UI
  • CVE-2016-1641: Use-after-free in Favicon
  • CVE-2016-1642: Various fixes from internal audits, fuzzing and other initiatives
  • Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch (currently 4.9.385.26)