Upstream has released version 46.0.2490.86 on November 10: http://googlechromereleases.blogspot.com/2015/11/stable-channel-update.html This fixes one new security issue. This is the current version in the stable channel: http://googlechromereleases.blogspot.com/search/label/Stable%20updates Reproducible: Steps to Reproduce:
Updated packages uploaded for Mageia 5 and Cauldron. Advisory: ======================== Updated chromium-browser-stable packages fix security vulnerabilities: The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended embedder or unintended plugin loading, related to pdf.js and out_of_process_instance.cc (CVE-2015-1302). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1302 http://googlechromereleases.blogspot.com/2015/11/stable-channel-update.html ======================== Updated packages in core/updates_testing: ======================== chromium-browser-46.0.2490.86-1.mga5 chromium-browser-stable-46.0.2490.86-1.mga5 from chromium-browser-stable-46.0.2490.86-1.mga5.src.rpm
Assignee: cjw => qa-bugs
MGA-32 on Acer D620 Xfce No installation issues. Typed in www.standaard.be (belgian newspaper) and just got a black window, even chromium's own settings page drew a blank. Closed Chromium and started it over again, and then all is normal. I wonder if anyone else got this behavior as well?
CC: (none) => herman.viaene
In VirtualBox, M5, KDE, 32-bit Package(s) under test: chromium-browser default install of chromium-browser [root@localhost wilcal]# urpmi chromium-browser Package chromium-browser-46.0.2490.80-1.mga5.i586 is already installed http://www.webstandards.org/files/acid2/test.html#top http://acid3.acidtests.org/ https://www.youtube.com/ http://www.cnn.com/videos http://www.amazon.com/ http://picasaweb.google.com/lh/explore# http://www.standaard.be all display properly install chromium-browser from updates_testing [root@localhost wilcal]# urpmi chromium-browser Package chromium-browser-46.0.2490.86-1.mga5.i586 is already installed http://www.webstandards.org/files/acid2/test.html#top http://acid3.acidtests.org/ https://www.youtube.com/ http://www.cnn.com/videos http://www.amazon.com/ http://picasaweb.google.com/lh/explore# http://www.standaard.be all display properly
CC: (none) => wilcal.int
In VirtualBox, M5, KDE, 64-bit Package(s) under test: chromium-browser default install of chromium-browser [root@localhost wilcal]# urpmi chromium-browser Package chromium-browser-46.0.2490.80-1.mga5.x86_64 is already installed http://www.webstandards.org/files/acid2/test.html#top http://acid3.acidtests.org/ https://www.youtube.com/ http://www.cnn.com/videos http://www.amazon.com/ http://picasaweb.google.com/lh/explore# http://www.standaard.be all display properly install chromium-browser from updates_testing [root@localhost wilcal]# urpmi chromium-browser Package chromium-browser-46.0.2490.86-1.mga5.x86_64 is already installed http://www.webstandards.org/files/acid2/test.html#top http://acid3.acidtests.org/ https://www.youtube.com/ http://www.cnn.com/videos http://www.amazon.com/ http://picasaweb.google.com/lh/explore# http://www.standaard.be all display properly
URL: (none) => http://lwn.net/Vulnerabilities/664368/
Adding OK from William's tests, tested OK for me on Mageia 5 i586 also.
Whiteboard: (none) => MGA5-32-OK MGA5-64-OK
This is good to go. Testing complete for MGA5, 32-bit & 64-bit Validating the update. Could someone from the sysadmin team push to updates. Thanks
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
Advisory uploaded.
Whiteboard: MGA5-32-OK MGA5-64-OK => has_procedure advisory MGA5-32-OK MGA5-64-OK
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0448.html
Status: NEW => RESOLVEDResolution: (none) => FIXED