[arch-security] [ASA-201507-18] chromium: multiple issues
Arch Linux Security Advisory ASA-201507-18 ========================================== Severity: High Date : 2015-07-23 CVE-ID : CVE-2015-1270 CVE-2015-1271 CVE-2015-1272 CVE-2015-1273 CVE-2015-1274 CVE-2015-1276 CVE-2015-1277 CVE-2015-1278 CVE-2015-1279 CVE-2015-1280 CVE-2015-1281 CVE-2015-1282 CVE-2015-1283 CVE-2015-1284 CVE-2015-1285 CVE-2015-1286 CVE-2015-1287 CVE-2015-1288 CVE-2015-1289 Package : chromium Type : multiple issues Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package chromium before version 44.0.2403.89-1 is vulnerable to multiple issues including but not limited to denial of service, CSP and SOP bypass and spell-checking dictionaries hijack. Resolution ========== Upgrade to 44.0.2403.89-1. # pacman -Syu "chromium>=44.0.2403.89-1" The problem has been fixed upstream in version 44.0.2403.89. Workaround ========== None. Description =========== - CVE-2015-1270: Uninitialized memory read in ICU. - CVE-2015-1271: Heap overflow in pdfium. - CVE-2015-1272, CVE-2015-1273, CVE-2015-1279: Use-after-free related to unexpected GPU process termination. - CVE-2015-1274: Settings allowed executable files to run immediately after download. - CVE-2015-1276 : Use-after-free in IndexedDB. - CVE-2015-1277: Use-after-free in accessibility. - CVE-2015-1278: URL spoofing using pdf files. - CVE-2015-1280: Memory corruption in skia. - CVE-2015-1281: CSP bypass. - CVE-2015-1282: Use-after-free in pdfium. - CVE-2015-1283: Heap-buffer-overflow in expat. - CVE-2015-1284: Use-after-free in blink. - CVE-2015-1285: Information leak in XSS auditor. - CVE-2015-1286: UXSS in blink. - CVE-2015-1287: SOP bypass with CSS. - CVE-2015-1288: Spell checking dictionaries fetched over HTTP. - CVE-2015-1289: Various fixes from internal audits, fuzzing and other initiatives. Impact ====== A remote attacker can bypass the Same-Origin Policy or the Content Security Policy of a website, hijack spell-checking dictionaries, cause a denial of service or have other unspecified impact. References ========== http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.htm... https://access.redhat.com/security/cve/CVE-2015-1270 https://access.redhat.com/security/cve/CVE-2015-1271 https://access.redhat.com/security/cve/CVE-2015-1272 https://access.redhat.com/security/cve/CVE-2015-1273 https://access.redhat.com/security/cve/CVE-2015-1274 https://access.redhat.com/security/cve/CVE-2015-1276 https://access.redhat.com/security/cve/CVE-2015-1277 https://access.redhat.com/security/cve/CVE-2015-1278 https://access.redhat.com/security/cve/CVE-2015-1279 https://access.redhat.com/security/cve/CVE-2015-1280 https://access.redhat.com/security/cve/CVE-2015-1281 https://access.redhat.com/security/cve/CVE-2015-1282 https://access.redhat.com/security/cve/CVE-2015-1283 https://access.redhat.com/security/cve/CVE-2015-1284 https://access.redhat.com/security/cve/CVE-2015-1285 https://access.redhat.com/security/cve/CVE-2015-1286 https://access.redhat.com/security/cve/CVE-2015-1287 https://access.redhat.com/security/cve/CVE-2015-1288 https://access.redhat.com/security/cve/CVE-2015-1289
participants (1)
-
Remi Gacogne