Package chromium: Information
Default inline alert: Version in the repository: 97.0.4692.99-alt0.p9.1
Source package: chromium
Version: 57.0.2987.110-alt1
Build time: Mar 31, 2017, 03:19 PM in the task #181064
Category: Networking/WWW
Report package bugHome page: http://www.chromium.org
License: BSD-3-Clause and LGPL-2.1+
Summary: An open source web browser developed by Google
Description:
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web.
List of rpms provided by this srpm:
chromium (x86_64, i586)
chromium-debuginfo (x86_64, i586)
chromium-gnome (x86_64, i586)
chromium-kde (x86_64, i586)
chromium (x86_64, i586)
chromium-debuginfo (x86_64, i586)
chromium-gnome (x86_64, i586)
chromium-kde (x86_64, i586)
Maintainer: Alexey Gladkov
Last changed
March 27, 2017 Alexey Gladkov 57.0.2987.110-alt1
- New version (57.0.2987.110). - Security fixes: - CVE-2017-5030: Memory corruption in V8. Credit to Brendon Tiszka - CVE-2017-5031: Use after free in ANGLE. Credit to Looben Yang - CVE-2017-5032: Out of bounds write in PDFium. Credit to Ashfaq Ansari - Project Srishti - CVE-2017-5029: Integer overflow in libxslt. Credit to Holger Fuhrmannek - CVE-2017-5034: Use after free in PDFium. Credit to Ke Liu of Tencent's Xuanwu LAB - CVE-2017-5035: Incorrect security UI in Omnibox. Credit to Enzo Aguado - CVE-2017-5036: Use after free in PDFium. Credit to Anonymous - CVE-2017-5037: Multiple out of bounds writes in ChunkDemuxer. Credit to Yongke Wang of Tencent's Xuanwu Lab (xlab.tencent.com) - CVE-2017-5039: Use after free in PDFium. Credit to jinmo123 - CVE-2017-5040: Information disclosure in V8. Credit to Choongwoo Han - CVE-2017-5041: Address spoofing in Omnibox. Credit to Jordi Chancel - CVE-2017-5033: Bypass of Content Security Policy in Blink. Credit to Nicolai Grodum - CVE-2017-5042: Incorrect handling of cookies in Cast. Credit to Mike Ruddy - CVE-2017-5038: Use after free in GuestView. Credit to Anonymous - CVE-2017-5043: Use after free in GuestView. Credit to Anonymous - CVE-2017-5044: Heap overflow in Skia. Credit to Kushal Arvind Shah of Fortinet's FortiGuard Labs - CVE-2017-5045: Information disclosure in XSS Auditor. Credit to Dhaval Kapil (vampire) - CVE-2017-5046: Information disclosure in Blink. Credit to Masato Kinugawa
Feb. 8, 2017 Alexey Gladkov 56.0.2924.87-alt1
- New version (56.0.2924.87). - Security fixes: - CVE-2017-5007: Universal XSS in Blink. Credit to Mariusz Mlynski - CVE-2017-5006: Universal XSS in Blink. Credit to Mariusz Mlynski - CVE-2017-5008: Universal XSS in Blink. Credit to Mariusz Mlynski - CVE-2017-5010: Universal XSS in Blink. Credit to Mariusz Mlynski - CVE-2017-5011: Unauthorised file access in Devtools. Credit to Khalil Zhani - CVE-2017-5009: Out of bounds memory access in WebRTC. Credit to Sean Stanek and Chip Bradford - CVE-2017-5012: Heap overflow in V8. Credit to Gergely Nagy (Tresorit) - CVE-2017-5013: Address spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah) - CVE-2017-5014: Heap overflow in Skia. Credit to sweetchip - CVE-2017-5015: Address spoofing in Omnibox. Credit to Armin Razmdjou - CVE-2017-5019: Use after free in Renderer. Credit to Wadih Matar - CVE-2017-5016: UI spoofing in Blink. Credit to Haosheng Wang (@gnehsoah) - CVE-2017-5017: Uninitialised memory access in webm video. Credit to Dan Berman - CVE-2017-5018: Universal XSS in chrome://apps. Credit to Rob Wu - CVE-2017-5020: Universal XSS in chrome://downloads. Credit to Rob Wu - CVE-2017-5021: Use after free in Extensions. Credit to Rob Wu - CVE-2017-5022: Bypass of Content Security Policy in Blink. Credit to evi1m0#ly.com - CVE-2017-5023: Type confusion in metrics. Credit to the UK's National Cyber Security Centre (NCSC) - CVE-2017-5024: Heap overflow in FFmpeg. Credit to Paul Mehta - CVE-2017-5025: Heap overflow in FFmpeg. Credit to Paul Mehta - CVE-2017-5026: UI spoofing. Credit to Ronni Skansing - CVE-2017-5027: Bypass of Content Security Policy in Blink.
Dec. 8, 2016 Alexey Gladkov 55.0.2883.75-alt1
- New version (55.0.2883.75). - Security fixes: - CVE-2016-9651: Private property access in V8. Credit to Guang Gong of Alpha Team Of Qihoo 360 - CVE-2016-5208: Universal XSS in Blink. Credit to Mariusz Mlynski - CVE-2016-5207: Universal XSS in Blink. Credit to Mariusz Mlynski - CVE-2016-5206: Same-origin bypass in PDFium. Credit to Rob Wu (robwu.nl) - CVE-2016-5205: Universal XSS in Blink. Credit to Anonymous - CVE-2016-5204: Universal XSS in Blink. Credit to Mariusz Mlynski - CVE-2016-5209: Out of bounds write in Blink. Credit to Giwan Go of STEALIEN - CVE-2016-5203: Use after free in PDFium. Credit to Anonymous - CVE-2016-5210: Out of bounds write in PDFium. Credit to Ke Liu of Tencent's Xuanwu LAB - CVE-2016-5212: Local file disclosure in DevTools. Credit to Khalil Zhani - CVE-2016-5211: Use after free in PDFium. Credit to Anonymous - CVE-2016-5213: Use after free in V8. Credit to Khalil Zhani - CVE-2016-5214: File download protection bypass. Credit to Jonathan Birch and MSVR - CVE-2016-5216: Use after free in PDFium. Credit to Anonymous - CVE-2016-5215: Use after free in Webaudio. Credit to Looben Yang - CVE-2016-5217: Use of unvalidated data in PDFium. Credit to Rob Wu (robwu.nl) - CVE-2016-5218: Address spoofing in Omnibox. Credit to Abdulrahman Alqabandi (@qab) - CVE-2016-5219: Use after free in V8. Credit to Rob Wu (robwu.nl) - CVE-2016-5221: Integer overflow in ANGLE. Credit to Tim Becker of ForAllSecure - CVE-2016-5220: Local file access in PDFium. Credit to Rob Wu (robwu.nl) - CVE-2016-5222: Address spoofing in Omnibox. Credit to xisigr of Tencent's Xuanwu Lab - CVE-2016-9650: CSP Referrer disclosure. Credit to Jakub Zoczek - CVE-2016-5223: Integer overflow in PDFium. Credit to Hwiwon Lee - CVE-2016-5226: Limited XSS in Blink. Credit to Jun Kokatsu (@shhnjk) - CVE-2016-5225: CSP bypass in Blink. Credit to Scott Helme (@Scott_Helme, scotthelme.co.uk) - CVE-2016-5224: Same-origin bypass in SVG. Credit to Roeland Krak - CVE-2016-9652: Various fixes from internal audits, fuzzing and other initiatives