An update for chromium-browser is now available for Red Hat Enterprise Linux 6Supplementary.Red Hat Product Security has rated this update as having a security impact ofImportant.

A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
Chromium is an open-source web browser, powered by WebKit (Blink).This update upgrades Chromium to version 52.0.2743.116.Security Fix(es):* Multiple flaws were found in the processing of malformed web content.

A webpage containing malicious content could cause Chromium to crash, executearbitrary code, or disclose sensitive information when visited by the victim.(CVE-2016-5139, CVE-2016-5140, CVE-2016-5141, CVE-2016-5142, CVE-2016-5146,CVE-2016-5143, CVE-2016-5144, CVE-2016-5145)
For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258After installing the update, Chromium must be restarted for the changes to takeeffect.Red Hat Enterprise Linux Desktop Supplementary (v. 6)

IA-32:
chromium-browser-52.0.2743.116-1.el6.i686.rpm
    MD5: e9986205d56d3efb44e9c2cd2c616dfcSHA-256: 1239a50bca4c6f678ad2e050099a23ed9f2b01180017f38e81bfef690dd9467b
chromium-browser-debuginfo-52.0.2743.116-1.el6.i686.rpm
    MD5: ca365eb09a199282b9282130a6e4a882SHA-256: 01cc7759668660d84290d47c1181802921997b355355964888f1ff188195b361
 
x86_64:
chromium-browser-52.0.2743.116-1.el6.x86_64.rpm
    MD5: ee4f77b70a388553b49f878ea914e9f5SHA-256: 5b9c5bd315eb5d97d0b5eb6d927bf56da680e481c8dc98fae0531d5fed9ddc9b
chromium-browser-debuginfo-52.0.2743.116-1.el6.x86_64.rpm
    MD5: 58071f2380e5ddaf10fe9b2869662e74SHA-256: b8fb6c791d6b4fc1c416701693eb501a36ac2dcb265da9f18d2eba529e6e2c8e
 
Red Hat Enterprise Linux Server Supplementary (v. 6)

IA-32:
chromium-browser-52.0.2743.116-1.el6.i686.rpm
    MD5: e9986205d56d3efb44e9c2cd2c616dfcSHA-256: 1239a50bca4c6f678ad2e050099a23ed9f2b01180017f38e81bfef690dd9467b
chromium-browser-debuginfo-52.0.2743.116-1.el6.i686.rpm
    MD5: ca365eb09a199282b9282130a6e4a882SHA-256: 01cc7759668660d84290d47c1181802921997b355355964888f1ff188195b361
 
x86_64:
chromium-browser-52.0.2743.116-1.el6.x86_64.rpm
    MD5: ee4f77b70a388553b49f878ea914e9f5SHA-256: 5b9c5bd315eb5d97d0b5eb6d927bf56da680e481c8dc98fae0531d5fed9ddc9b
chromium-browser-debuginfo-52.0.2743.116-1.el6.x86_64.rpm
    MD5: 58071f2380e5ddaf10fe9b2869662e74SHA-256: b8fb6c791d6b4fc1c416701693eb501a36ac2dcb265da9f18d2eba529e6e2c8e
 
Red Hat Enterprise Linux Workstation Supplementary (v. 6)

IA-32:
chromium-browser-52.0.2743.116-1.el6.i686.rpm
    MD5: e9986205d56d3efb44e9c2cd2c616dfcSHA-256: 1239a50bca4c6f678ad2e050099a23ed9f2b01180017f38e81bfef690dd9467b
chromium-browser-debuginfo-52.0.2743.116-1.el6.i686.rpm
    MD5: ca365eb09a199282b9282130a6e4a882SHA-256: 01cc7759668660d84290d47c1181802921997b355355964888f1ff188195b361
 
x86_64:
chromium-browser-52.0.2743.116-1.el6.x86_64.rpm
    MD5: ee4f77b70a388553b49f878ea914e9f5SHA-256: 5b9c5bd315eb5d97d0b5eb6d927bf56da680e481c8dc98fae0531d5fed9ddc9b
chromium-browser-debuginfo-52.0.2743.116-1.el6.x86_64.rpm
    MD5: 58071f2380e5ddaf10fe9b2869662e74SHA-256: b8fb6c791d6b4fc1c416701693eb501a36ac2dcb265da9f18d2eba529e6e2c8e
 
(The unlinked packages above are only available from the Red Hat Network)

1363980 – CVE-2016-5141 chromium-browser: Address bar spoofing1363981 – CVE-2016-5142 chromium-browser: Use-after-free in Blink1363982 – CVE-2016-5139 chromium-browser: Heap overflow in pdfium1363983 – CVE-2016-5140 chromium-browser: Heap overflow in pdfium1363984 – CVE-2016-5145 chromium-browser: Same origin bypass for images in Blink1363985 – CVE-2016-5143 chromium-browser: Parameter sanitization failure in DevTools1363986 – CVE-2016-5144 chromium-browser: Parameter sanitization failure in DevTools1363987 – CVE-2016-5146 chromium-browser: various fixes from internal audits

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

Leave a Reply