Re: [SECURITY] [DSA 3645-1] chromium-browser security update

Tue, 09 Aug 2016 10:55:42 -0700 

unsubscribe

On Mon, Aug 8, 2016 at 7:05 PM, Michael Gilbert <[email protected]> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> - ------------------------------------------------------------
> -------------
> Debian Security Advisory DSA-3645-1                   [email protected]
> https://www.debian.org/security/                          Michael Gilbert
> August 09, 2016                       https://www.debian.org/security/faq
> - ------------------------------------------------------------
> -------------
>
> Package        : chromium-browser
> CVE ID         : CVE-2016-5139 CVE-2016-5140 CVE-2016-5141 CVE-2016-5142
>                  CVE-2016-5143 CVE-2016-5144
>
> Several vulnerabilites have been discovered in the chromium web browser.
>
> CVE-2016-5139
>
>     GiWan Go discovered a use-after-free issue in the pdfium library.
>
> CVE-2016-5140
>
>     Ke Liu discovered a use-after-free issue in the pdfium library.
>
> CVE-2016-5141
>
>     Sergey Glazunov discovered a URL spoofing issue.
>
> CVE-2016-5142
>
>     Sergey Glazunov discovered a use-after-free issue.
>
> CVE-2016-5143
>
>     Gregory Panakkal discovered an issue in the developer tools.
>
> CVE-2016-5144
>
>     Gregory Panakkal discovered another issue in the developer tools.
>
> CVE-2016-5146
>
>     The chrome development team found and fixed various issues during
>     internal auditing.
>
> For the stable distribution (jessie), these problems have been fixed in
> version 52.0.2743.116-1~deb8u1.
>
> For the testing distribution (stretch), these problems will be fixed soon.
>
> For the unstable distribution (sid), these problems have been fixed in
> version 52.0.2743.116-1.
>
> We recommend that you upgrade your chromium-browser packages.
>
> Further information about Debian Security Advisories, how to apply
> these updates to your system and frequently asked questions can be
> found at: https://www.debian.org/security/
>
> Mailing list: [email protected]
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQQcBAEBCgAGBQJXqSxLAAoJELjWss0C1vRzZAMf/RlCz2hHRmB+2Ohkws4NYE1b
> Vfmfwk/CC4huOIURfkGsxa0ybUOKL3/477xpZwBnpngDe3fxMaKpBM8Z2/MGbk10
> r93KFtW+1ULgeN64FJPRsROkcmcQS1q+W+PXMmVUIt61FiThzg7RG6klNu5IKTU6
> s9RgFGuXiD6gY4SuBw2jq/RHI2KxXSW61WmRMyr8GHpRevds+Y4EU3xOwce75CNc
> XEIes0fU4FuI/tZrzI8NEwcvGF1Q2GyV6iMeOINXHcZd0et+IW0f0dWY6V/V46U5
> Q34wVmBLFVUHj50zQCA6QulhvJO83exspskXHk3IPPUZdW9ruImhQ3OqWW6vhTlT
> DJ3Gzv6TwEhsR3c+Nw4r1UtOCiD5TlCKiOmqf5CWeG7bYPaBGPCVaIxTQF7Qznpt
> amRpUyUCry63+/jzyqRnVDM3YoR4E4wgvYWkFgnBOrm/Yhr68FL7Bbb4iIGFuaXV
> KXpEDizxG0HxN/P68c1TsGQnO6rOck2LYZDh93c+RmS6j+Lx/m/1L8QUSnV9hPsW
> mc/Mch09BgDEouU1HyHt/XupSoPc3ByuPY8PwqotH6c72r8zgALNR4eUK9K5bWM7
> pFBquQT4AKkyqczGzkBxHOkR4fvgtRr9jzwNzgAz4SaAKw4/ApoybEza3LtERds5
> 41QjIx40Jq3Q7pmPcjpIQZ+Fmpir8e/8PptnZfuZVKC6VeO1qwBRrzstuDAO4uB3
> pU56M3+L3yobHWb52XYZY3s1sukILKOvCazbDwl0Qcgpwq8a6Gzq1B/N5+rD+9MS
> ipLxw6y6c2LL+0l6p/q9rl8BesQkF5EHdienW6p6VhkRhnT9RbKNtRDiYlD5i4G3
> 2k1oUkMCF7zfF+ft6bg/+E4pN4mYYm9T8RXklV47av8xIoXxz5z327kpKX4TZGqq
> 2f8EpbsvAVk8tO7JT0g/fCoR23KV28rDo8CdWIboa6WnaxqC3qEo382MmQsGtx1m
> uQE3mDFJp9w1m7Bye3VYDIv+HA20mX7rXSxH8DeabRmk1OYZU9cIRWANW0ozsv5p
> vJUdnCK5nk7gsE1Lpm3ERpu4UOcQBKM0XIKQ6GirmmBZBCDuglCdaKb6ox1vdqoF
> DjbusiZvfC7sZDYKtLNvJR9fKHrQZf2WZlFYfBPmthjLzIEH/ZCmzVUEigSeFQUA
> i8w4jBkCjxBLDNaUBX56o0B+jGAXywF2K5wnqjG7i8OBRC8LypRWyAA3s5z81V/G
> thoYOQqk3RQO03w+f9OECmCQ+BGC4iRdvOvdqn5r5XZsUEpTI+cvelRr6S2RWLCx
> zpUwPPRbr2ATf/XulSuYnQPGHt5haLcYeU+rKvSibOg6PJRNwDaGiZT934KoXRA=
> =d+e+
> -----END PGP SIGNATURE-----
>
>

Reply via email to