Twenty Year Anniversary

Gentoo Linux Security Advisory 201603-09

Gentoo Linux Security Advisory 201603-09
Posted Mar 14, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201603-9 - Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code. Versions less than 49.0.2623.87 are affected.

tags | advisory, remote, web, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-1270, CVE-2015-1271, CVE-2015-1272, CVE-2015-1273, CVE-2015-1274, CVE-2015-1275, CVE-2015-1276, CVE-2015-1277, CVE-2015-1278, CVE-2015-1279, CVE-2015-1280, CVE-2015-1281, CVE-2015-1282, CVE-2015-1283, CVE-2015-1284, CVE-2015-1285, CVE-2015-1286, CVE-2015-1287, CVE-2015-1288, CVE-2015-1289, CVE-2015-1291, CVE-2015-1292, CVE-2015-1293, CVE-2015-1294, CVE-2015-1295, CVE-2015-1296, CVE-2015-1297, CVE-2015-1298
MD5 | baf530ac8aaa1a2f7de2aa5a2ce04b05

Gentoo Linux Security Advisory 201603-09

Change Mirror Download
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201603-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Chromium: Multiple vulnerabilities
Date: March 12, 2016
Bugs: #555640, #559384, #561448, #563098, #565510, #567308,
#567870, #568396, #572542, #574416, #575434, #576354, #576858
ID: 201603-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in the Chromium web browser,
the worst of which allows remote attackers to execute arbitrary code.

Background
==========

Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all users to experience the web.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 49.0.2623.87 >= 49.0.2623.87

Description
===========

Multiple vulnerabilities have been discovered in the Chromium web
browser. Please review the CVE identifiers referenced below for
details.

Impact
======

A remote attacker could possibly execute arbitrary code with the
privileges of the process, cause a Denial of Service condition, obtain
sensitive information, or bypass security restrictions.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Chromium users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot -v ">=www-client/chromium-49.0.2623.87"

References
==========

[ 1 ] CVE-2015-1270
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1270
[ 2 ] CVE-2015-1271
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1271
[ 3 ] CVE-2015-1272
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1272
[ 4 ] CVE-2015-1273
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1273
[ 5 ] CVE-2015-1274
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1274
[ 6 ] CVE-2015-1275
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1275
[ 7 ] CVE-2015-1276
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1276
[ 8 ] CVE-2015-1277
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1277
[ 9 ] CVE-2015-1278
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1278
[ 10 ] CVE-2015-1279
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1279
[ 11 ] CVE-2015-1280
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1280
[ 12 ] CVE-2015-1281
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1281
[ 13 ] CVE-2015-1282
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1282
[ 14 ] CVE-2015-1283
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1283
[ 15 ] CVE-2015-1284
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1284
[ 16 ] CVE-2015-1285
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1285
[ 17 ] CVE-2015-1286
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1286
[ 18 ] CVE-2015-1287
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1287
[ 19 ] CVE-2015-1288
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1288
[ 20 ] CVE-2015-1289
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1289
[ 21 ] CVE-2015-1291
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1291
[ 22 ] CVE-2015-1292
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1292
[ 23 ] CVE-2015-1293
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1293
[ 24 ] CVE-2015-1294
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1294
[ 25 ] CVE-2015-1295
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1295
[ 26 ] CVE-2015-1296
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1296
[ 27 ] CVE-2015-1297
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1297
[ 28 ] CVE-2015-1298
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1298
[ 29 ] CVE-2015-1299
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1299
[ 30 ] CVE-2015-1300
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1300
[ 31 ] CVE-2015-1302
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1302
[ 32 ] CVE-2015-1303
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1303
[ 33 ] CVE-2015-1304
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1304
[ 34 ] CVE-2015-6755
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6755
[ 35 ] CVE-2015-6756
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6756
[ 36 ] CVE-2015-6757
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6757
[ 37 ] CVE-2015-6758
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6758
[ 38 ] CVE-2015-6759
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6759
[ 39 ] CVE-2015-6760
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6760
[ 40 ] CVE-2015-6761
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6761
[ 41 ] CVE-2015-6762
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6762
[ 42 ] CVE-2015-6763
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6763
[ 43 ] CVE-2015-6764
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6764
[ 44 ] CVE-2015-6765
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6765
[ 45 ] CVE-2015-6766
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6766
[ 46 ] CVE-2015-6767
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6767
[ 47 ] CVE-2015-6768
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6768
[ 48 ] CVE-2015-6769
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6769
[ 49 ] CVE-2015-6770
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6770
[ 50 ] CVE-2015-6771
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6771
[ 51 ] CVE-2015-6772
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6772
[ 52 ] CVE-2015-6773
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6773
[ 53 ] CVE-2015-6774
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6774
[ 54 ] CVE-2015-6775
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6775
[ 55 ] CVE-2015-6776
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6776
[ 56 ] CVE-2015-6777
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6777
[ 57 ] CVE-2015-6778
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6778
[ 58 ] CVE-2015-6779
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6779
[ 59 ] CVE-2015-6780
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6780
[ 60 ] CVE-2015-6781
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6781
[ 61 ] CVE-2015-6782
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6782
[ 62 ] CVE-2015-6783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6783
[ 63 ] CVE-2015-6784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6784
[ 64 ] CVE-2015-6785
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6785
[ 65 ] CVE-2015-6786
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6786
[ 66 ] CVE-2015-6787
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6787
[ 67 ] CVE-2015-6788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6788
[ 68 ] CVE-2015-6789
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6789
[ 69 ] CVE-2015-6790
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6790
[ 70 ] CVE-2015-6791
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6791
[ 71 ] CVE-2015-6792
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6792
[ 72 ] CVE-2015-8126
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8126
[ 73 ] CVE-2016-1612
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1612
[ 74 ] CVE-2016-1613
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1613
[ 75 ] CVE-2016-1614
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1614
[ 76 ] CVE-2016-1615
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1615
[ 77 ] CVE-2016-1616
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1616
[ 78 ] CVE-2016-1617
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1617
[ 79 ] CVE-2016-1618
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1618
[ 80 ] CVE-2016-1619
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1619
[ 81 ] CVE-2016-1620
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1620
[ 82 ] CVE-2016-1621
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1621
[ 83 ] CVE-2016-1622
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1622
[ 84 ] CVE-2016-1623
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1623
[ 85 ] CVE-2016-1624
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1624
[ 86 ] CVE-2016-1625
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1625
[ 87 ] CVE-2016-1626
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1626
[ 88 ] CVE-2016-1627
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1627
[ 89 ] CVE-2016-1628
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1628
[ 90 ] CVE-2016-1629
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1629
[ 91 ] CVE-2016-1630
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1630
[ 92 ] CVE-2016-1631
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1631
[ 93 ] CVE-2016-1632
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1632
[ 94 ] CVE-2016-1633
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1633
[ 95 ] CVE-2016-1634
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1634
[ 96 ] CVE-2016-1635
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1635
[ 97 ] CVE-2016-1636
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1636
[ 98 ] CVE-2016-1637
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1637
[ 99 ] CVE-2016-1638
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1638
[ 100 ] CVE-2016-1639
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1639
[ 101 ] CVE-2016-1640
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1640
[ 102 ] CVE-2016-1641
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1641

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

https://security.gentoo.org/glsa/201603-09

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2016 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

August 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    19 Files
  • 2
    Aug 2nd
    17 Files
  • 3
    Aug 3rd
    16 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    1 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    9 Files
  • 9
    Aug 9th
    7 Files
  • 10
    Aug 10th
    10 Files
  • 11
    Aug 11th
    1 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    14 Files
  • 14
    Aug 14th
    18 Files
  • 15
    Aug 15th
    38 Files
  • 16
    Aug 16th
    16 Files
  • 17
    Aug 17th
    22 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close