[arch-security] [ASA-201509-1] chromium: multiple issues
Remi Gacogne
rgacogne at archlinux.org
Wed Sep 2 14:02:47 UTC 2015
Arch Linux Security Advisory ASA-201509-1
=========================================
Severity: High
Date : 2015-09-02
CVE-ID : CVE-2015-1291 CVE-2015-1292 CVE-2015-1293 CVE-2015-1294
CVE-2015-1295 CVE-2015-1296 CVE-2015-1297 CVE-2015-1298 CVE-2015-1299
CVE-2015-1300 CVE-2015-1301
Package : chromium
Type : multiple issues
Remote : Yes
Link : https://wiki.archlinux.org/index.php/CVE
Summary
=======
The package chromium before version 45.0.2454.85-1 is vulnerable to
multiple issues including cross-origin bypass, use-after-free, character
spoofing and information leak.
Resolution
==========
Upgrade to 45.0.2454.85-1.
# pacman -Syu "chromium>=45.0.2454.85-1"
The problem has been fixed upstream in version 45.0.2454.85.
Workaround
==========
None.
Description
===========
- CVE-2015-1291, CVE-2015-1293:
Cross-origin bypass in DOM.
- CVE-2015-1292:
Cross-origin bypass in ServiceWorker.
- CVE-2015-1294:
Use-after-free in Skia.
- CVE-2015-1295:
Use-after-free in Printing.
- CVE-2015-1296:
Character spoofing in omnibox.
- CVE-2015-1297:
Permission scoping error in WebRequest.
- CVE-2015-1298:
URL validation error in extensions.
- CVE-2015-1299:
Use-after-free in Blink.
- CVE-2015-1300:
Information leak in Blink.
- CVE-2015-1301:
Various fixes from internal audits, fuzzing and other initiatives.
Impact
======
A remote attacker can bypass the Same-Origin Policy of a website, spoof
character in omnibox to trick the user, leak information, cause a denial
of service or have other unspecified impact.
References
==========
http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html
https://access.redhat.com/security/cve/CVE-2015-1291
https://access.redhat.com/security/cve/CVE-2015-1292
https://access.redhat.com/security/cve/CVE-2015-1293
https://access.redhat.com/security/cve/CVE-2015-1294
https://access.redhat.com/security/cve/CVE-2015-1295
https://access.redhat.com/security/cve/CVE-2015-1296
https://access.redhat.com/security/cve/CVE-2015-1297
https://access.redhat.com/security/cve/CVE-2015-1298
https://access.redhat.com/security/cve/CVE-2015-1299
https://access.redhat.com/security/cve/CVE-2015-1300
https://access.redhat.com/security/cve/CVE-2015-1301
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20150902/a6115075/attachment.asc>
More information about the arch-security
mailing list