- Issued:
- 2016-07-26
- Updated:
- 2016-07-26
RHSA-2016:1485 - Important: chromium-browser security update
Synopsis
Important: chromium-browser security update
Type/Severity
Security Advisory Important
Topic
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Chromium is an open-source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 52.0.2743.82.
Security Fix(es):
- Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-1706, CVE-2016-1708, CVE-2016-1709, CVE-2016-1710, CVE-2016-1711, CVE-2016-5127, CVE-2016-5128, CVE-2016-5129, CVE-2016-5130, CVE-2016-5131, CVE-2016-5132, CVE-2016-5133, CVE-2016-5134, CVE-2016-5135, CVE-2016-5136, CVE-2016-5137, CVE-2016-1705)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, Chromium must be restarted for the changes to take effect.
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux Workstation | 6 | x86_64 |
| Red Hat Enterprise Linux Workstation | 6 | i386 |
| Red Hat Enterprise Linux Server | 6 | x86_64 |
| Red Hat Enterprise Linux Server | 6 | i386 |
| Red Hat Enterprise Linux Desktop | 6 | x86_64 |
| Red Hat Enterprise Linux Desktop | 6 | i386 |
Updated Packages
- chromium-browser-debuginfo-52.0.2743.82-1.el6.i686.rpm
- chromium-browser-52.0.2743.82-1.el6.x86_64.rpm
- chromium-browser-debuginfo-52.0.2743.82-1.el6.x86_64.rpm
- chromium-browser-52.0.2743.82-1.el6.i686.rpm
Fixes
- This content is not included.BZ - 1358630
- This content is not included.BZ - 1358632
- This content is not included.BZ - 1358633
- This content is not included.BZ - 1358634
- This content is not included.BZ - 1358636
- This content is not included.BZ - 1358637
- This content is not included.BZ - 1358638
- This content is not included.BZ - 1358639
- This content is not included.BZ - 1358640
- This content is not included.BZ - 1358641
- This content is not included.BZ - 1358642
- This content is not included.BZ - 1358643
- This content is not included.BZ - 1358645
- This content is not included.BZ - 1358646
- This content is not included.BZ - 1358647
- This content is not included.BZ - 1358648
- This content is not included.BZ - 1358649
CVEs
- CVE-2016-1705
- CVE-2016-1706
- CVE-2016-1708
- CVE-2016-1709
- CVE-2016-1710
- CVE-2016-1711
- CVE-2016-5127
- CVE-2016-5128
- CVE-2016-5129
- CVE-2016-5130
- CVE-2016-5131
- CVE-2016-5132
- CVE-2016-5133
- CVE-2016-5134
- CVE-2016-5135
- CVE-2016-5136
- CVE-2016-5137
References
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.