Overview Details

File _patchinfo of Package patchinfo

<patchinfo incident="5460">
  <packager>AndreasStieger</packager>
  <issue tracker="cve" id="2016-5139"></issue>
  <issue tracker="cve" id="2016-5140"></issue>
  <issue tracker="cve" id="2016-5141"></issue>
  <issue tracker="cve" id="2016-5142"></issue>
  <issue tracker="cve" id="2016-5143"></issue>
  <issue tracker="cve" id="2016-5144"></issue>
  <issue tracker="cve" id="2016-5145"></issue>
  <issue tracker="cve" id="2016-5146"></issue>
  <issue tracker="bnc" id="992305">VUL-0: chromium: 52.0.2743.116 security release</issue>
  <issue tracker="bnc" id="992309">VUL-0: CVE-2016-5146: chromium: various fixes from internal audits</issue>
  <issue tracker="bnc" id="992310">VUL-0: CVE-2016-5140: chromium: Heap overflow in pdfium</issue>
  <issue tracker="bnc" id="992311">VUL-0: CVE-2016-5139: chromium: Heap overflow in pdfium</issue>
  <issue tracker="bnc" id="992313">VUL-0: CVE-2016-5142: chromium: Use-after-free in Blink</issue>
  <issue tracker="bnc" id="992314">VUL-0: CVE-2016-5141: chromium: Address bar spoofing</issue>
  <issue tracker="bnc" id="992315">VUL-0: CVE-2016-5144: chromium: Parameter sanitization failure in DevTools</issue>
  <issue tracker="bnc" id="992319">VUL-0: CVE-2016-5143: chromium: Parameter sanitization failure in DevTools</issue>
  <issue tracker="bnc" id="992320">VUL-0: CVE-2016-5145: chromium: Same origin bypass for images in Blink</issue>
  <category>security</category>
  <rating>important</rating>
  <summary>Security update for Chromium</summary>
  <description>Chromium was updated to 52.0.2743.116 to fix the following security issues: (boo#992305)

- CVE-2016-5141: Address bar spoofing (boo#992314)
- CVE-2016-5142: Use-after-free in Blink (boo#992313)
- CVE-2016-5139: Heap overflow in pdfium (boo#992311)
- CVE-2016-5140: Heap overflow in pdfium (boo#992310)
- CVE-2016-5145: Same origin bypass for images in Blink (boo#992320)
- CVE-2016-5143: Parameter sanitization failure in DevTools (boo#992319)
- CVE-2016-5144: Parameter sanitization failure in DevTools (boo#992315)
- CVE-2016-5146: Various fixes from internal audits, fuzzing and other initiatives (boo#992309)</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places