An update for chromium-browser is now available for Red Hat Enterprise Linux 6Supplementary.Red Hat Product Security has rated this update as having a security impact ofImportant.

A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
Chromium is an open-source web browser, powered by WebKit (Blink).This update upgrades Chromium to version 53.0.2785.143.Security Fix(es):* Multiple flaws were found in the processing of malformed web content.

A webpage containing malicious content could cause Chromium to crash, executearbitrary code, or disclose sensitive information when visited by the victim.(CVE-2016-5177, CVE-2016-5178)
For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258After installing the update, Chromium must be restarted for the changes to takeeffect.Red Hat Enterprise Linux Server Supplementary (v. 6)

IA-32:
chromium-browser-53.0.2785.143-1.el6.i686.rpm
    MD5: 5e837a9cceee0485837bdcdf1e9669f9SHA-256: 2dfec9760420d244ff00726ba3c36a2c1bec52fb14fca22e1730321e4c3c677b
chromium-browser-debuginfo-53.0.2785.143-1.el6.i686.rpm
    MD5: e1965ee5e9523f325f951ffb178a14c7SHA-256: 3b0fbf7f7ce59353e57fdc8056beabda0c748e4a45547645f32bbce0b169da18
 
x86_64:
chromium-browser-53.0.2785.143-1.el6.x86_64.rpm
    MD5: 9bb7b9f9092991151dead830dec87992SHA-256: d89976531b4f218061acd3d7cb7dd4eba29d75db8775e2088b022ae41bbe6eb9
chromium-browser-debuginfo-53.0.2785.143-1.el6.x86_64.rpm
    MD5: 4d99bac7db61b7d2111a1860185c065cSHA-256: 56f8a2bb54fc775310f8c06a0a6d34f30cbdb0bcddee63af356bc8be40ce39a5
 
Red Hat Enterprise Linux Workstation Supplementary (v. 6)

IA-32:
chromium-browser-53.0.2785.143-1.el6.i686.rpm
    MD5: 5e837a9cceee0485837bdcdf1e9669f9SHA-256: 2dfec9760420d244ff00726ba3c36a2c1bec52fb14fca22e1730321e4c3c677b
chromium-browser-debuginfo-53.0.2785.143-1.el6.i686.rpm
    MD5: e1965ee5e9523f325f951ffb178a14c7SHA-256: 3b0fbf7f7ce59353e57fdc8056beabda0c748e4a45547645f32bbce0b169da18
 
x86_64:
chromium-browser-53.0.2785.143-1.el6.x86_64.rpm
    MD5: 9bb7b9f9092991151dead830dec87992SHA-256: d89976531b4f218061acd3d7cb7dd4eba29d75db8775e2088b022ae41bbe6eb9
chromium-browser-debuginfo-53.0.2785.143-1.el6.x86_64.rpm
    MD5: 4d99bac7db61b7d2111a1860185c065cSHA-256: 56f8a2bb54fc775310f8c06a0a6d34f30cbdb0bcddee63af356bc8be40ce39a5
 
(The unlinked packages above are only available from the Red Hat Network)

1380631 – CVE-2016-5177 chromium-browser: use after free in v81380632 – CVE-2016-5178 chromium-browser: various fixes from internal audits

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

Leave a Reply