#8400 closed enhancement (fixed)
chromium-53.0.2785.143 (CVE-2016-5177 CVE-2016-5178)
| Reported by: | Douglas R. Reno | Owned by: | Douglas R. Reno |
|---|---|---|---|
| Priority: | high | Milestone: | 8.0 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description
An Arch Security Advisory came out for two vulnerabilities in Chrome.
Upon discussing it with DJ, since I need to build it tonight anyway, I offered to create a patch for it.
https://lists.archlinux.org/pipermail/arch-security/2016-October/000729.html
Severity: Critical Date : 2016-10-03 CVE-ID : CVE-2016-5177 CVE-2016-5178 Package : chromium Type : arbitrary code execution Remote : Yes Impact ====== A remote attacker could be able to execute arbitrary code. Description =========== - CVE-2016-5177 (arbitrary code execution) Use after free in V8. - CVE-2016-5178 (arbitrary code execution) Various fixes from internal audits, fuzzing and other initiatives.
Change History (3)
comment:1 by , 8 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
| Summary: | Generate Chromium security patch (CVE-2016-5177 CVE-2016-5178) → chromium-53.0.2785.143 (CVE-2016-5177 CVE-2016-5178) |
Note:
See TracTickets
for help on using tickets.
DJ found a new version - will just update, not generate a security patch.