DSA-3456-1 chromium-browser -- chromium-browserID: oval:org.secpod.oval:def:602350 | Date: (C)2016-02-01 (M)2023-11-13 |
Class: PATCH | Family: unix |
Several vulnerabilities were discovered in the chromium web browser. CVE-2015-6792 An issue was found in the handling of MIDI files. CVE-2016-1612 cloudfuzzer discovered a logic error related to receiver compatibility in the v8 javascript library. CVE-2016-1613 A use-after-free issue was discovered in the pdfium library. CVE-2016-1614 Christoph Diehl discovered an information leak in Webkit/Blink. CVE-2016-1615 Ron Masas discovered a way to spoof URLs. CVE-2016-1616 Luan Herrera discovered a way to spoof URLs. CVE-2016-1617 jenuis discovered a way to discover whether an HSTS web site had been visited. CVE-2016-1618 Aaron Toponce discovered the use of weak random number generator. CVE-2016-1619 Keve Nagy discovered an out-of-bounds-read issue in the pdfium library. CVE-2016-1620 The chrome 48 development team found and fixed various issues during internal auditing. Also multiple issues were fixed in the v8 javascript library, version 4.7.271.17.