An update for chromium-browser is now available for Red Hat Enterprise Linux 6Supplementary.Red Hat Product Security has rated this update as having a security impact ofImportant.

A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.

Chromium is an open-source web browser, powered by WebKit (Blink).This update upgrades Chromium to version 50.0.2661.94.Security Fix(es):* Multiple flaws were found in the processing of malformed web content.

A webpage containing malicious content could cause Chromium to crash, executearbitrary code, or disclose sensitive information when visited by the victim.(CVE-2016-1660, CVE-2016-1661, CVE-2016-1662, CVE-2016-1663, CVE-2016-1666,CVE-2016-1664, CVE-2016-1665)
For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258After installing the update, Chromium must be restarted for the changes to takeeffect.Red Hat Enterprise Linux Desktop Supplementary (v. 6)

IA-32:
chromium-browser-50.0.2661.94-1.el6.i686.rpm
    MD5: fa3fa949c99bfc8a5264705ce3deb82aSHA-256: b4dfc5ab7e347f3d10b9ad7d70fc50032e70f197c40818f8437ee5a715e11987
chromium-browser-debuginfo-50.0.2661.94-1.el6.i686.rpm
    MD5: 6deebf49318056f45416d630b729c164SHA-256: 41a2693735a87f4d067621378f108e29b4318ee14344f954fa7664eb6b5d2272
 
x86_64:
chromium-browser-50.0.2661.94-1.el6.x86_64.rpm
    MD5: ef543f3a0e37c8da775aa0d8521d11f6SHA-256: 30cf6be1d023854e1d63492f5802e077109a7a251f7650dc0aa20ec7650c2ba6
chromium-browser-debuginfo-50.0.2661.94-1.el6.x86_64.rpm
    MD5: 8b166dad52e096f3f6a431765bfb5a95SHA-256: 58442a8c40a0c5ee2b5f135673b3affa742c4b24aa46e43f1fc63b0bd88f5c3b
 
Red Hat Enterprise Linux Server Supplementary (v. 6)

IA-32:
chromium-browser-50.0.2661.94-1.el6.i686.rpm
    MD5: fa3fa949c99bfc8a5264705ce3deb82aSHA-256: b4dfc5ab7e347f3d10b9ad7d70fc50032e70f197c40818f8437ee5a715e11987
chromium-browser-debuginfo-50.0.2661.94-1.el6.i686.rpm
    MD5: 6deebf49318056f45416d630b729c164SHA-256: 41a2693735a87f4d067621378f108e29b4318ee14344f954fa7664eb6b5d2272
 
x86_64:
chromium-browser-50.0.2661.94-1.el6.x86_64.rpm
    MD5: ef543f3a0e37c8da775aa0d8521d11f6SHA-256: 30cf6be1d023854e1d63492f5802e077109a7a251f7650dc0aa20ec7650c2ba6
chromium-browser-debuginfo-50.0.2661.94-1.el6.x86_64.rpm
    MD5: 8b166dad52e096f3f6a431765bfb5a95SHA-256: 58442a8c40a0c5ee2b5f135673b3affa742c4b24aa46e43f1fc63b0bd88f5c3b
 
Red Hat Enterprise Linux Server Supplementary EUS (v. 6.7.z)

IA-32:
chromium-browser-50.0.2661.94-1.el6.i686.rpm
    MD5: fa3fa949c99bfc8a5264705ce3deb82aSHA-256: b4dfc5ab7e347f3d10b9ad7d70fc50032e70f197c40818f8437ee5a715e11987
chromium-browser-debuginfo-50.0.2661.94-1.el6.i686.rpm
    MD5: 6deebf49318056f45416d630b729c164SHA-256: 41a2693735a87f4d067621378f108e29b4318ee14344f954fa7664eb6b5d2272
 
x86_64:
chromium-browser-50.0.2661.94-1.el6.x86_64.rpm
    MD5: ef543f3a0e37c8da775aa0d8521d11f6SHA-256: 30cf6be1d023854e1d63492f5802e077109a7a251f7650dc0aa20ec7650c2ba6
chromium-browser-debuginfo-50.0.2661.94-1.el6.x86_64.rpm
    MD5: 8b166dad52e096f3f6a431765bfb5a95SHA-256: 58442a8c40a0c5ee2b5f135673b3affa742c4b24aa46e43f1fc63b0bd88f5c3b
 
Red Hat Enterprise Linux Workstation Supplementary (v. 6)

IA-32:
chromium-browser-50.0.2661.94-1.el6.i686.rpm
    MD5: fa3fa949c99bfc8a5264705ce3deb82aSHA-256: b4dfc5ab7e347f3d10b9ad7d70fc50032e70f197c40818f8437ee5a715e11987
chromium-browser-debuginfo-50.0.2661.94-1.el6.i686.rpm
    MD5: 6deebf49318056f45416d630b729c164SHA-256: 41a2693735a87f4d067621378f108e29b4318ee14344f954fa7664eb6b5d2272
 
x86_64:
chromium-browser-50.0.2661.94-1.el6.x86_64.rpm
    MD5: ef543f3a0e37c8da775aa0d8521d11f6SHA-256: 30cf6be1d023854e1d63492f5802e077109a7a251f7650dc0aa20ec7650c2ba6
chromium-browser-debuginfo-50.0.2661.94-1.el6.x86_64.rpm
    MD5: 8b166dad52e096f3f6a431765bfb5a95SHA-256: 58442a8c40a0c5ee2b5f135673b3affa742c4b24aa46e43f1fc63b0bd88f5c3b
 
(The unlinked packages above are only available from the Red Hat Network)
1331635 – CVE-2016-1660 chromium-browser: out-of-bounds write in blink1331636 – CVE-2016-1661 chromium-browser: memory corruption in cross-process frames1331637 – CVE-2016-1662 chromium-browser: use-after-free in extensions1331638 – CVE-2016-1663 chromium-browser: use-after-free in blink’s v8 bindings1331639 – CVE-2016-1664 chromium-browser: address bar spoofing1331640 – CVE-2016-1665 chromium-browser: information leak in v81331642 – CVE-2016-1666 chromium-browser: various fixes from internal audits

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from: