Overview Details

File _patchinfo of Package patchinfo

<patchinfo incident="5400">
  <packager>tittiatcoke</packager>
  <issue tracker="cve" id="2016-1705"></issue>
  <issue tracker="cve" id="2016-1706"></issue>
  <issue tracker="cve" id="2016-1707"></issue>
  <issue tracker="cve" id="2016-1708"></issue>
  <issue tracker="cve" id="2016-1709"></issue>
  <issue tracker="cve" id="2016-1710"></issue>
  <issue tracker="cve" id="2016-1711"></issue>
  <issue tracker="cve" id="2016-5127"></issue>
  <issue tracker="cve" id="2016-5128"></issue>
  <issue tracker="cve" id="2016-5129"></issue>
  <issue tracker="cve" id="2016-5130"></issue>
  <issue tracker="cve" id="2016-5131"></issue>
  <issue tracker="cve" id="2016-5132"></issue>
  <issue tracker="cve" id="2016-5133"></issue>
  <issue tracker="cve" id="2016-5134"></issue>
  <issue tracker="cve" id="2016-5135"></issue>
  <issue tracker="cve" id="2016-5136"></issue>
  <issue tracker="cve" id="2016-5137"></issue>
  <issue tracker="bnc" id="989901">VUL-0: New Chromium release 52.0.2743.82 available that includes 48 security fixes</issue>
  <category>security</category>
  <rating>important</rating>
  <summary>Security update for Chromium</summary>
  <description>Chromium was updated to 52.0.2743.82 to fix the following security issues (boo#989901):

- CVE-2016-1706: Sandbox escape in PPAPI
- CVE-2016-1707: URL spoofing on iOS
- CVE-2016-1708: Use-after-free in Extensions
- CVE-2016-1709: Heap-buffer-overflow in sfntly
- CVE-2016-1710: Same-origin bypass in Blink
- CVE-2016-1711: Same-origin bypass in Blink
- CVE-2016-5127: Use-after-free in Blink
- CVE-2016-5128: Same-origin bypass in V8
- CVE-2016-5129: Memory corruption in V8
- CVE-2016-5130: URL spoofing
- CVE-2016-5131: Use-after-free in libxml
- CVE-2016-5132: Limited same-origin bypass in Service Workers
- CVE-2016-5133: Origin confusion in proxy authentication
- CVE-2016-5134: URL leakage via PAC script
- CVE-2016-5135: Content-Security-Policy bypass
- CVE-2016-5136: Use after free in extensions
- CVE-2016-5137: History sniffing with HSTS and CSP
- CVE-2016-1705: Various fixes from internal audits, fuzzing and other initiatives
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places