[arch-security] [ASA-201605-7] chromium: multiple issues
Arch Linux Security Advisory ASA-201605-7
=========================================

Severity: High
Date    : 2016-05-05
CVE-ID  : CVE-2016-1660 CVE-2016-1661 CVE-2016-1662 CVE-2016-1663
          CVE-2016-1664 CVE-2016-1665 CVE-2016-1666
Package : chromium
Type    : multiple issues
Remote  : Yes
Link    : https://wiki.archlinux.org/index.php/CVE

Summary
=======

The package chromium before version 50.0.2661.94-1 is vulnerable to
multiple issues leading to denial of service, information leakage or
arbitrary code execution.

Resolution
==========

Upgrade to 50.0.2661.94-1.

# pacman -Syu "chromium>=50.0.2661.94-1"

The problems have been fixed upstream in version 50.0.2661.94.

Workaround
==========

None.

Description
===========

- CVE-2016-1660: Out-of-bounds write in Blink. Credit to Atte Kettunen of OUSPG.
- CVE-2016-1661: Memory corruption in cross-process frames. Credit to Wadih Matar.
- CVE-2016-1662: Use-after-free in extensions. Credit to Rob Wu.
- CVE-2016-1663: Use-after-free in Blink's V8 bindings. Credit to anonymous.
- CVE-2016-1664: Address bar spoofing. Credit to Wadih Matar.
- CVE-2016-1665: Information leak in V8. Credit to HyungSeok Han.
- CVE-2016-1666: Various fixes from internal audits, fuzzing and other initiatives.

Impact
======

A remote attacker can cause a denial of service, access sensitive
information or possibly execute arbitrary code on the affected host.

References
==========

http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.htm...
https://access.redhat.com/security/cve/CVE-2016-1660
https://access.redhat.com/security/cve/CVE-2016-1661
https://access.redhat.com/security/cve/CVE-2016-1662
https://access.redhat.com/security/cve/CVE-2016-1663
https://access.redhat.com/security/cve/CVE-2016-1664
https://access.redhat.com/security/cve/CVE-2016-1665
https://access.redhat.com/security/cve/CVE-2016-1666
participants (1)
-
Remi Gacogne