Debian Security Advisory DSA 3645-1 (chromium-browser - security update)

Published: 2016-08-08 22:00:00
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:

Solution Type:
Vendor Patch

Detection Type:
Linux Distribution Package

Affected Versions:
chromium-browser on Debian Linux

For the stable distribution (jessie), these problems have been fixed in version 52.0.2743.116-1~deb8u1. For the testing distribution (stretch), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 52.0.2743.116-1. We recommend that you upgrade your chromium-browser Linux Distribution Packages.

Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-5139 GiWan Go discovered a use-after-free issue in the pdfium library. CVE-2016-5140 Ke Liu discovered a use-after-free issue in the pdfium library. CVE-2016-5141 Sergey Glazunov discovered a URL spoofing issue. CVE-2016-5142 Sergey Glazunov discovered a use-after-free issue. CVE-2016-5143 Gregory Panakkal discovered an issue in the developer tools. CVE-2016-5144 Gregory Panakkal discovered another issue in the developer tools. CVE-2016-5146 The chrome development team found and fixed various issues during internal auditing.

Detection Method:
This check tests the installed software version using the apt Linux Distribution Package manager.

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)


CVSS Score

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.