Issued:: 2016-10-05
Updated:: 2016-10-05

RHSA-2016:2007 - Security Advisory

Overview
Updated Packages

Synopsis

Important: chromium-browser security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 53.0.2785.143.

Security Fix(es):

Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-5177, CVE-2016-5178)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Chromium must be restarted for the changes to take effect.

Affected Products

Red Hat Enterprise Linux Server 6 x86_64
Red Hat Enterprise Linux Server 6 i386
Red Hat Enterprise Linux Workstation 6 x86_64
Red Hat Enterprise Linux Workstation 6 i386

Fixes

BZ - 1380631 - CVE-2016-5177 chromium-browser: use after free in v8
BZ - 1380632 - CVE-2016-5178 chromium-browser: various fixes from internal audits

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 6

SRPM
x86_64
chromium-browser-53.0.2785.143-1.el6.x86_64.rpm	SHA-256: d89976531b4f218061acd3d7cb7dd4eba29d75db8775e2088b022ae41bbe6eb9
chromium-browser-debuginfo-53.0.2785.143-1.el6.x86_64.rpm	SHA-256: 56f8a2bb54fc775310f8c06a0a6d34f30cbdb0bcddee63af356bc8be40ce39a5
i386
chromium-browser-53.0.2785.143-1.el6.i686.rpm	SHA-256: 2dfec9760420d244ff00726ba3c36a2c1bec52fb14fca22e1730321e4c3c677b
chromium-browser-debuginfo-53.0.2785.143-1.el6.i686.rpm	SHA-256: 3b0fbf7f7ce59353e57fdc8056beabda0c748e4a45547645f32bbce0b169da18

Red Hat Enterprise Linux Workstation 6

SRPM
x86_64
chromium-browser-53.0.2785.143-1.el6.x86_64.rpm	SHA-256: d89976531b4f218061acd3d7cb7dd4eba29d75db8775e2088b022ae41bbe6eb9
chromium-browser-debuginfo-53.0.2785.143-1.el6.x86_64.rpm	SHA-256: 56f8a2bb54fc775310f8c06a0a6d34f30cbdb0bcddee63af356bc8be40ce39a5
i386
chromium-browser-53.0.2785.143-1.el6.i686.rpm	SHA-256: 2dfec9760420d244ff00726ba3c36a2c1bec52fb14fca22e1730321e4c3c677b
chromium-browser-debuginfo-53.0.2785.143-1.el6.i686.rpm	SHA-256: 3b0fbf7f7ce59353e57fdc8056beabda0c748e4a45547645f32bbce0b169da18

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation