{"id":"MGASA-2016-0214","summary":"Updated chromium-browser-stable packages fix security vulnerabilities","details":"Chromium-browser-stable 51.0.2704.63 fixes security issues:\n\ncross-origin bypass problems in extensions bindings (CVE-2016-1672 and \nCVE-2016-1676), blink (CVE-2016-1673 and CVE-2016-1675), and extensions \n(CVE-2016-1674)\n\nheap use-after free bugs in V8 bindings (CVE-2016-1679), Skia (CVE-2016-1680), \nand Autofill (CVE-2016-1690)\n\nheap buffer overflows in V8 (CVE-2016-1678), PDFium (CVE-2016-1681), media \n(CVE-2016-1689), and Skia (CVE-2016-1691)\n\nout-of-bounds read errors in PDFium (CVE-2016-1685 and CVE-2016-1686) and V8 \n(CVE-2016-1688)\n\ntype confusion in V8 (CVE-2016-1677), a CSP bypass for ServiceWorker \n(CVE-2016-1682), an information leak in extensions (CVE-2016-1687), a limited \ncross-origin bypass in ServiceWorker (CVE-2016-1692), and HPKP pins removed on \ncache clearance (CVE-2016-1694)\n\nvarious fixes from upstream's internal audits, fuzzing, and other initiatives \n(CVE-2016-1695)\n","modified":"2026-02-04T04:34:08.005906Z","published":"2016-06-02T21:40:03Z","related":["CVE-2016-1672","CVE-2016-1673","CVE-2016-1674","CVE-2016-1675","CVE-2016-1676","CVE-2016-1677","CVE-2016-1678","CVE-2016-1679","CVE-2016-1680","CVE-2016-1681","CVE-2016-1682","CVE-2016-1685","CVE-2016-1686","CVE-2016-1687","CVE-2016-1688","CVE-2016-1689","CVE-2016-1690","CVE-2016-1691","CVE-2016-1692","CVE-2016-1694","CVE-2016-1695"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0214.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=18546"},{"type":"REPORT","url":"http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html"}],"affected":[{"package":{"name":"chromium-browser-stable","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/chromium-browser-stable?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"51.0.2704.63-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0214.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}