FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

chromium -- multiple vulnerabilities

Affected packages
chromium < 49.0.2623.75
chromium-npapi < 49.0.2623.75
chromium-pulse < 49.0.2623.75

Details

VuXML ID f85fa236-e2a6-412e-b5c7-c42120892de5
Discovery 2016-03-02
Entry 2016-03-05

Google Chrome Releases reports:

[560011] High CVE-2016-1630: Same-origin bypass in Blink.

[569496] High CVE-2016-1631: Same-origin bypass in Pepper Plugin.

[549986] High CVE-2016-1632: Bad cast in Extensions.

[572537] High CVE-2016-1633: Use-after-free in Blink.

[559292] High CVE-2016-1634: Use-after-free in Blink.

[585268] High CVE-2016-1635: Use-after-free in Blink.

[584155] High CVE-2016-1636: SRI Validation Bypass.

[555544] Medium CVE-2016-1637: Information Leak in Skia.

[585282] Medium CVE-2016-1638: WebAPI Bypass.

[572224] Medium CVE-2016-1639: Use-after-free in WebRTC.

[550047] Medium CVE-2016-1640: Origin confusion in Extensions UI.

[583718] Medium CVE-2016-1641: Use-after-free in Favicon.

[591402] CVE-2016-1642: Various fixes from internal audits, fuzzing and other initiatives.

Multiple vulnerabilities in V8 fixed.

References

CVE Name CVE-2016-1630
CVE Name CVE-2016-1631
CVE Name CVE-2016-1632
CVE Name CVE-2016-1633
CVE Name CVE-2016-1634
CVE Name CVE-2016-1635
CVE Name CVE-2016-1636
CVE Name CVE-2016-1637
CVE Name CVE-2016-1638
CVE Name CVE-2016-1639
CVE Name CVE-2016-1640
CVE Name CVE-2016-1641
CVE Name CVE-2016-1642
URL http://googlechromereleases.blogspot.de/2016/03/stable-channel-update.html