Bug 18291

Summary: chromium-browser-stable new security issues fixed in 50.0.2661.94
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: critical    
Priority: Normal CC: cjw, sysadmin-bugs, wrw105
Version: 5Keywords: validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/685867/
Whiteboard: advisory MGA5-32-OK mga5-64-ok
Source RPM: chromium-browser-stable-50.0.2661.75-1.mga5.src.rpm CVE:
Status comment:

Description David Walser 2016-04-29 02:16:07 CEST 
Upstream has released version 50.0.2661.94 on April 28:
http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html

This fixes several new security issues.

This is the current version in the stable channel:
http://googlechromereleases.blogspot.com/search/label/Stable%20updates

There was also a bugfix release since our last update:
http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_20.html
Comment 1 Christiaan Welvaart 2016-04-29 10:07:17 CEST 
Updated packages are available for testing:

MGA5
SRPM:
chromium-browser-stable-50.0.2661.94-1.mga5.src.rpm
RPMS:
chromium-browser-stable-50.0.2661.94-1.mga5.i586.rpm
chromium-browser-50.0.2661.94-1.mga5.i586.rpm
chromium-browser-stable-50.0.2661.94-1.mga5.x86_64.rpm
chromium-browser-50.0.2661.94-1.mga5.x86_64.rpm



Proposed advisory:



Chromium-browser-stable 50.0.2661.94 fixes several security issues: an out-of-bounds write problem in Blink (CVE-2016-1660), memory corruption in cross-process frames (CVE-2016-1661), use-after-free bugs in extensions (CVE-2016-1662) and in Blink's V8 bindings (CVE-2016-1663), an address bar spoofing vulnerability (CVE-2016-1664), an information leak in V8 (CVE-2016-1665), and various fixes from upstream's internal audits, fuzzing, and other initiatives (CVE-2015-1666).


References:
http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html
http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_20.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1660
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1661
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1662
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1665
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1666

CC: (none) => cjw
Assignee: cjw => qa-bugs

Comment 2 David Walser 2016-04-29 11:28:37 CEST 
Working fine on Mageia 5 i586.

Whiteboard: (none) => MGA5-32-OK

Comment 3 Bill Wilkinson 2016-04-29 15:49:14 CEST 
Tested mga5-64

general browsing, jetstream for javascript, youtube video, acid3, all OK.

Validating.

Ready for push when advisory uploaded to SVN.

Whiteboard: MGA5-32-OK => MGA5-32-OK mga5-64-ok
Keywords: (none) => validated_update
CC: (none) => wrw105, sysadmin-bugs

Comment 4 claire robinson 2016-04-29 16:57:19 CEST 
Advisory uploaded.

Whiteboard: MGA5-32-OK mga5-64-ok => advisory MGA5-32-OK mga5-64-ok

Comment 5 Mageia Robot 2016-04-29 19:22:27 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0160.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

David Walser 2016-05-04 19:47:58 CEST

URL: (none) => http://lwn.net/Vulnerabilities/685867/