Arch Linux Security Advisory ASA-201602-17 ========================================== Severity: Critical Date : 2016-02-21 CVE-ID : CVE-2016-1629 Package : chromium Type : multiple issues Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package chromium before version 48.0.2564.116-1 is vulnerable to multiple issues. Resolution ========== Upgrade to 48.0.2564.116-1. # pacman -Syu "chromium>=48.0.2564.116-1" The problem has been fixed upstream in version 48.0.2564.116. Workaround ========== None. Description =========== Same-origin bypass in Blink and Sandbox escape in Chrome. Impact ====== A remote attacker might be able to execute arbitrary code by getting the affected user to visit a specially crafted web page. References ========== http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.htm... https://access.redhat.com/security/cve/CVE-2016-1629