Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-1622 It was discovered that a maliciously crafted extension could bypass the Same Origin Policy. CVE-2016-1623 Mariusz Mlynski discovered a way to bypass the Same Origin Policy. CVE-2016-1624 lukezli discovered a buffer overflow issue in the Brotli library. CVE-2016-1625 Jann Horn discovered a way to cause the Chrome Instant feature to navigate to unintended destinations. CVE-2016-1626 An out-of-bounds read issue was discovered in the openjpeg library. CVE-2016-1627 It was discovered that the Developer Tools did not validate URLs. CVE-2016-1628 An out-of-bounds read issue was discovered in the pdfium library. CVE-2016-1629 A way to bypass the Same Origin Policy was discovered in Blink/WebKit, along with a way to escape the chromium sandbox. For the stable distribution (jessie), these problems have been fixed in version 48.0.2564.116-1~deb8u1. For the testing distribution (stretch), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 48.0.2564.116-1. We recommend that you upgrade your chromium-browser packages.
Several vulnerabilities have been discovered in the chromium web browser.
It was discovered that a maliciously crafted extension could bypass the Same Origin Policy.
Mariusz Mlynski discovered a way to bypass the Same Origin Policy.
lukezli discovered a buffer overflow issue in the Brotli library.
Jann Horn discovered a way to cause the Chrome Instant feature to navigate to unintended destinations.
An out-of-bounds read issue was discovered in the openjpeg library.
It was discovered that the Developer Tools did not validate URLs.
An out-of-bounds read issue was discovered in the pdfium library.
A way to bypass the Same Origin Policy was discovered in Blink/WebKit, along with a way to escape the chromium sandbox.
For the stable distribution (jessie), these problems have been fixed in version 48.0.2564.116-1~deb8u1.
For the testing distribution (stretch), these problems will be fixed soon.
For the unstable distribution (sid), these problems have been fixed in version 48.0.2564.116-1.
We recommend that you upgrade your chromium-browser packages.