RHSA-2016:1854 - Security Advisory

Topic

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 53.0.2785.89.

Security Fix(es):

• Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-5147, CVE-2016-5148, CVE-2016-5149, CVE-2016-5150, CVE-2016-5151, CVE-2016-5152, CVE-2016-5153, CVE-2016-5154, CVE-2016-5155, CVE-2016-5156, CVE-2016-5157, CVE-2016-5158, CVE-2016-5159, CVE-2016-5167, CVE-2016-5161, CVE-2016-5162, CVE-2016-5163, CVE-2016-5164, CVE-2016-5165, CVE-2016-5166, CVE-2016-5160)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Chromium must be restarted for the changes to take effect.

Affected Products

• Red Hat Enterprise Linux Server 6 x86_64
• Red Hat Enterprise Linux Server 6 i386
• Red Hat Enterprise Linux Workstation 6 x86_64
• Red Hat Enterprise Linux Workstation 6 i386
• Red Hat Enterprise Linux Desktop 6 x86_64
• Red Hat Enterprise Linux Desktop 6 i386

Fixes

• BZ - 1372207 - CVE-2016-5147 chromium-browser: universal xss in blink
• BZ - 1372208 - CVE-2016-5148 chromium-browser: universal xss in blink
• BZ - 1372209 - CVE-2016-5149 chromium-browser: script injection in extensions
• BZ - 1372210 - CVE-2016-5150 chromium-browser: use after free in blink
• BZ - 1372212 - CVE-2016-5151 chromium-browser: use after free in pdfium
• BZ - 1372213 - CVE-2016-5152 chromium-browser: heap overflow in pdfium
• BZ - 1372214 - CVE-2016-5153 chromium-browser: use after destruction in blink
• BZ - 1372215 - CVE-2016-5154 chromium-browser: heap overflow in pdfium
• BZ - 1372216 - CVE-2016-5155 chromium-browser: address bar spoofing
• BZ - 1372217 - CVE-2016-5156 chromium-browser: use after free in event bindings
• BZ - 1372218 - CVE-2016-5157 chromium-browser: heap overflow in pdfium
• BZ - 1372219 - CVE-2016-5158 chromium-browser: heap overflow in pdfium
• BZ - 1372220 - CVE-2016-5159 chromium-browser: heap overflow in pdfium
• BZ - 1372221 - CVE-2016-5161 chromium-browser: type confusion in blink
• BZ - 1372222 - CVE-2016-5162 chromium-browser: extensions web accessible resources bypass
• BZ - 1372223 - CVE-2016-5163 chromium-browser: address bar spoofing
• BZ - 1372224 - CVE-2016-5164 chromium-browser: universal xss using devtools
• BZ - 1372225 - CVE-2016-5165 chromium-browser: script injection in devtools
• BZ - 1372227 - CVE-2016-5166 chromium-browser: smb relay attack via save page as
• BZ - 1372228 - CVE-2016-5160 chromium-browser: extensions web accessible resources bypass
• BZ - 1372229 - CVE-2016-5167 chromium-browser: various fixes from internal audits

CVEs

• CVE-2016-5147
• CVE-2016-5148
• CVE-2016-5149
• CVE-2016-5150
• CVE-2016-5151
• CVE-2016-5152
• CVE-2016-5153
• CVE-2016-5154
• CVE-2016-5155
• CVE-2016-5156
• CVE-2016-5157
• CVE-2016-5158
• CVE-2016-5159
• CVE-2016-5160
• CVE-2016-5161
• CVE-2016-5162
• CVE-2016-5163
• CVE-2016-5164
• CVE-2016-5165
• CVE-2016-5166
• CVE-2016-5167

References

• http://www.redhat.com/security/updates/classification/#normal