openSUSE-SU-2016:1868-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2016:1868-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2016:1868-1
Related
Published
2016-07-25T09:41:24Z
Modified
2016-07-25T09:41:24Z
Summary
Security update for Chromium
Details

Chromium was updated to 52.0.2743.82 to fix the following security issues (boo#989901):

  • CVE-2016-1706: Sandbox escape in PPAPI
  • CVE-2016-1707: URL spoofing on iOS
  • CVE-2016-1708: Use-after-free in Extensions
  • CVE-2016-1709: Heap-buffer-overflow in sfntly
  • CVE-2016-1710: Same-origin bypass in Blink
  • CVE-2016-1711: Same-origin bypass in Blink
  • CVE-2016-5127: Use-after-free in Blink
  • CVE-2016-5128: Same-origin bypass in V8
  • CVE-2016-5129: Memory corruption in V8
  • CVE-2016-5130: URL spoofing
  • CVE-2016-5131: Use-after-free in libxml
  • CVE-2016-5132: Limited same-origin bypass in Service Workers
  • CVE-2016-5133: Origin confusion in proxy authentication
  • CVE-2016-5134: URL leakage via PAC script
  • CVE-2016-5135: Content-Security-Policy bypass
  • CVE-2016-5136: Use after free in extensions
  • CVE-2016-5137: History sniffing with HSTS and CSP
  • CVE-2016-1705: Various fixes from internal audits, fuzzing and other initiatives
References

Affected packages

SUSE:Package Hub 12 / chromium

Package

Name
chromium
Purl
purl:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
52.0.2743.82-89.1

Ecosystem specific 

{
    "binaries": [
        {
            "chromium-desktop-gnome": "52.0.2743.82-89.1",
            "chromedriver": "52.0.2743.82-89.1",
            "chromium": "52.0.2743.82-89.1",
            "chromium-desktop-kde": "52.0.2743.82-89.1",
            "chromium-ffmpegsumo": "52.0.2743.82-89.1"
        }
    ]
}