An update for chromium-browser is now available for Red Hat Enterprise Linux 6Supplementary.Red Hat Product Security has rated this update as having a security impact ofImportant.

A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
Chromium is an open-source web browser, powered by WebKit (Blink).This update upgrades Chromium to version 50.0.2661.75.Security Fix(es):Several flaws were found in the processing of malformed web content.

A web pagecontaining malicious content could cause Chromium to crash, execute arbitrarycode, or disclose sensitive information when visited by the victim.(CVE-2016-1652, CVE-2016-1653, CVE-2016-1651, CVE-2016-1654, CVE-2016-1655,CVE-2016-1656, CVE-2016-1657, CVE-2016-1658, CVE-2016-1659)
Red Hat Enterprise Linux Desktop Supplementary (v. 6)

IA-32:
chromium-browser-50.0.2661.75-1.el6.i686.rpm
    MD5: 0d3ab612c632fbacdf6940ea92a44263SHA-256: 6b1998e0f7e6371df8fff93de43d5b2f6c5447e04ef9549233cff0e9b3950b6f
chromium-browser-debuginfo-50.0.2661.75-1.el6.i686.rpm
    MD5: 9901a2403478bef347e177aeffcff8beSHA-256: d5ae67770299794e0c8d8779c7d1be67df17c0ba39620be12d5252e1e8967bb3
 
x86_64:
chromium-browser-50.0.2661.75-1.el6.x86_64.rpm
    MD5: 29135336cf613c51e52199d621a06072SHA-256: 68fe5ec87094e6b269e94fc38abdb7bd45c011a1e335a74a9508290b1f3b5d72
chromium-browser-debuginfo-50.0.2661.75-1.el6.x86_64.rpm
    MD5: faff6887e962b5509a05466c0536b4aeSHA-256: 7a708c3bbbb2deefb0939dfff6570d0f6934feb78003e3fe8f2dcb8efb87e15d
 
Red Hat Enterprise Linux Server Supplementary (v. 6)

IA-32:
chromium-browser-50.0.2661.75-1.el6.i686.rpm
    MD5: 0d3ab612c632fbacdf6940ea92a44263SHA-256: 6b1998e0f7e6371df8fff93de43d5b2f6c5447e04ef9549233cff0e9b3950b6f
chromium-browser-debuginfo-50.0.2661.75-1.el6.i686.rpm
    MD5: 9901a2403478bef347e177aeffcff8beSHA-256: d5ae67770299794e0c8d8779c7d1be67df17c0ba39620be12d5252e1e8967bb3
 
x86_64:
chromium-browser-50.0.2661.75-1.el6.x86_64.rpm
    MD5: 29135336cf613c51e52199d621a06072SHA-256: 68fe5ec87094e6b269e94fc38abdb7bd45c011a1e335a74a9508290b1f3b5d72
chromium-browser-debuginfo-50.0.2661.75-1.el6.x86_64.rpm
    MD5: faff6887e962b5509a05466c0536b4aeSHA-256: 7a708c3bbbb2deefb0939dfff6570d0f6934feb78003e3fe8f2dcb8efb87e15d
 
Red Hat Enterprise Linux Server Supplementary EUS (v. 6.7.z)

IA-32:
chromium-browser-50.0.2661.75-1.el6.i686.rpm
    MD5: 0d3ab612c632fbacdf6940ea92a44263SHA-256: 6b1998e0f7e6371df8fff93de43d5b2f6c5447e04ef9549233cff0e9b3950b6f
chromium-browser-debuginfo-50.0.2661.75-1.el6.i686.rpm
    MD5: 9901a2403478bef347e177aeffcff8beSHA-256: d5ae67770299794e0c8d8779c7d1be67df17c0ba39620be12d5252e1e8967bb3
 
x86_64:
chromium-browser-50.0.2661.75-1.el6.x86_64.rpm
    MD5: 29135336cf613c51e52199d621a06072SHA-256: 68fe5ec87094e6b269e94fc38abdb7bd45c011a1e335a74a9508290b1f3b5d72
chromium-browser-debuginfo-50.0.2661.75-1.el6.x86_64.rpm
    MD5: faff6887e962b5509a05466c0536b4aeSHA-256: 7a708c3bbbb2deefb0939dfff6570d0f6934feb78003e3fe8f2dcb8efb87e15d
 
Red Hat Enterprise Linux Workstation Supplementary (v. 6)

IA-32:
chromium-browser-50.0.2661.75-1.el6.i686.rpm
    MD5: 0d3ab612c632fbacdf6940ea92a44263SHA-256: 6b1998e0f7e6371df8fff93de43d5b2f6c5447e04ef9549233cff0e9b3950b6f
chromium-browser-debuginfo-50.0.2661.75-1.el6.i686.rpm
    MD5: 9901a2403478bef347e177aeffcff8beSHA-256: d5ae67770299794e0c8d8779c7d1be67df17c0ba39620be12d5252e1e8967bb3
 
x86_64:
chromium-browser-50.0.2661.75-1.el6.x86_64.rpm
    MD5: 29135336cf613c51e52199d621a06072SHA-256: 68fe5ec87094e6b269e94fc38abdb7bd45c011a1e335a74a9508290b1f3b5d72
chromium-browser-debuginfo-50.0.2661.75-1.el6.x86_64.rpm
    MD5: faff6887e962b5509a05466c0536b4aeSHA-256: 7a708c3bbbb2deefb0939dfff6570d0f6934feb78003e3fe8f2dcb8efb87e15d
 
(The unlinked packages above are only available from the Red Hat Network)

1327109 – CVE-2016-1652 chromium-browser: universal XSS in extension bindings1327110 – CVE-2016-1653 chromium-browser: out-of-bounds write in V81327111 – CVE-2016-1651 chromium-browser: out-of-bounds read in Pdfium JPEG2000 decoding1327112 – CVE-2016-1654 chromium-browser: uninitialized memory read in media1327113 – CVE-2016-1655 chromium-browser: use-after-free related to extensions1327114 – CVE-2016-1656 chromium-browser: android downloaded file path restriction bypass1327115 – CVE-2016-1657 chromium-browser: address bar spoofing1327117 – CVE-2016-1658 chromium-browser: potential leak of sensitive information to malicious extensions1327120 – CVE-2016-1659 chromium-browser: various fixes from internal audits

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from: