Security update for Chromium (important)

ID SUSE-SU-2016:1060-1
Type suse
Reporter Suse
Modified 2016-04-17T13:07:56


Chromium was updated to 50.0.2661.75 to fix the following vulnerabilities:

  • CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding
  • CVE-2016-1652: Universal XSS in extension bindings
  • CVE-2016-1653: Out-of-bounds write in V8
  • CVE-2016-1654: Uninitialized memory read in media
  • CVE-2016-1655: Use-after-free related to extensions
  • CVE-2016-1656: Android downloaded file path restriction bypass
  • CVE-2016-1657: Address bar spoofing
  • CVE-2016-1658: Potential leak of sensitive information to malicious extensions
  • CVE-2016-1659: Various fixes from internal audits, fuzzing and other initiatives