ALT-BU-2016-2540-1
Branch sisyphus update bulletin.
Closed vulnerabilities
BDU:2016-00385
Уязвимости браузера Google Chrome, позволяющие нарушителю вызвать отказ в обслуживании или оказать другое воздействие
BDU:2016-00389
Уязвимости браузера Google Chrome и библиотеки форматирования текста HarfBuzz, позволяющие нарушителю вызвать отказ в обслуживании или оказать другое воздействие
BDU:2016-00397
Уязвимость браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
BDU:2016-00398
Уязвимости браузера Google Chrome, позволяющие нарушителю вызвать отказ в обслуживании или оказать другое воздействие
BDU:2016-00399
Уязвимость браузера Google Chrome, позволяющая нарушителю получить конфиденциальную информацию
BDU:2016-00400
Уязвимость браузера Google Chrome, позволяющая нарушителю подменить источник документа
BDU:2016-00401
Уязвимость браузера Google Chrome, позволяющая нарушителю подменить URL-адреса
BDU:2016-00402
Уязвимость браузера Google Chrome, позволяющая нарушителю определить, какой веб-сайт был посещен с использованием HSTS-соединения
BDU:2016-00403
Уязвимость браузера Google Chrome, позволяющая нарушителю взломать криптографический механизм защиты
BDU:2016-00404
Уязвимости браузера Google Chrome, позволяющие нарушителю вызвать отказ в обслуживании или оказать другое воздействие
Modified: 2024-11-21
CVE-2016-1612
The LoadIC::UpdateCaches function in ic/ic.cc in Google V8, as used in Google Chrome before 48.0.2564.82, does not ensure receiver compatibility before performing a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have unknown other impact via crafted JavaScript code.
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0271
- openSUSE-SU-2016:0271
- RHSA-2016:0072
- RHSA-2016:0072
- DSA-3456
- DSA-3456
- 81431
- 81431
- 1034801
- 1034801
- USN-2877-1
- USN-2877-1
- https://chromium.googlesource.com/v8/v8/+/cfbd16172fa165cc33ce0e2e72f74e5561168a61
- https://chromium.googlesource.com/v8/v8/+/cfbd16172fa165cc33ce0e2e72f74e5561168a61
- https://code.google.com/p/chromium/issues/detail?id=497632
- https://code.google.com/p/chromium/issues/detail?id=497632
- https://codereview.chromium.org/1531583005
- https://codereview.chromium.org/1531583005
- GLSA-201603-09
- GLSA-201603-09
Modified: 2024-11-21
CVE-2016-1613
Multiple use-after-free vulnerabilities in the formfiller implementation in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to improper tracking of the destruction of (1) IPWL_FocusHandler and (2) IPWL_Provider objects.
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0271
- openSUSE-SU-2016:0271
- RHSA-2016:0072
- RHSA-2016:0072
- DSA-3456
- DSA-3456
- 81430
- 81430
- 1034801
- 1034801
- https://code.google.com/p/chromium/issues/detail?id=572871
- https://code.google.com/p/chromium/issues/detail?id=572871
- https://codereview.chromium.org/1564773003
- https://codereview.chromium.org/1564773003
- https://pdfium.googlesource.com/pdfium/+/dcac57bc8b64fdc870d79d11a498ae7021cf8ae7
- https://pdfium.googlesource.com/pdfium/+/dcac57bc8b64fdc870d79d11a498ae7021cf8ae7
- GLSA-201603-09
- GLSA-201603-09
Modified: 2024-11-21
CVE-2016-1614
The UnacceleratedImageBufferSurface class in WebKit/Source/platform/graphics/UnacceleratedImageBufferSurface.cpp in Blink, as used in Google Chrome before 48.0.2564.82, mishandles the initialization mode, which allows remote attackers to obtain sensitive information from process memory via a crafted web site.
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0271
- openSUSE-SU-2016:0271
- RHSA-2016:0072
- RHSA-2016:0072
- DSA-3456
- DSA-3456
- 81430
- 81430
- 1034801
- 1034801
- USN-2877-1
- USN-2877-1
- https://code.google.com/p/chromium/issues/detail?id=544691
- https://code.google.com/p/chromium/issues/detail?id=544691
- https://codereview.chromium.org/1407393002/
- https://codereview.chromium.org/1407393002/
- GLSA-201603-09
- GLSA-201603-09
Modified: 2024-11-21
CVE-2016-1615
The Omnibox implementation in Google Chrome before 48.0.2564.82 allows remote attackers to spoof a document's origin via unspecified vectors.
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0271
- openSUSE-SU-2016:0271
- RHSA-2016:0072
- RHSA-2016:0072
- DSA-3456
- DSA-3456
- 81430
- 81430
- 1034801
- 1034801
- https://code.google.com/p/chromium/issues/detail?id=468179
- https://code.google.com/p/chromium/issues/detail?id=468179
- GLSA-201603-09
- GLSA-201603-09
Modified: 2024-11-21
CVE-2016-1616
The CustomButton::AcceleratorPressed function in ui/views/controls/button/custom_button.cc in Google Chrome before 48.0.2564.82 allows remote attackers to spoof URLs via vectors involving an unfocused custom button.
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0271
- openSUSE-SU-2016:0271
- RHSA-2016:0072
- RHSA-2016:0072
- DSA-3456
- DSA-3456
- 81430
- 81430
- 1034801
- 1034801
- https://code.google.com/p/chromium/issues/detail?id=541415
- https://code.google.com/p/chromium/issues/detail?id=541415
- https://codereview.chromium.org/1437523005
- https://codereview.chromium.org/1437523005
- GLSA-201603-09
- GLSA-201603-09
Modified: 2024-11-21
CVE-2016-1617
The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Blink, as used in Google Chrome before 48.0.2564.82, does not apply http policies to https URLs and does not apply ws policies to wss URLs, which makes it easier for remote attackers to determine whether a specific HSTS web site has been visited by reading a CSP report.
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0271
- openSUSE-SU-2016:0271
- RHSA-2016:0072
- RHSA-2016:0072
- DSA-3456
- DSA-3456
- 81430
- 81430
- 1034801
- 1034801
- USN-2877-1
- USN-2877-1
- https://code.google.com/p/chromium/issues/detail?id=544765
- https://code.google.com/p/chromium/issues/detail?id=544765
- https://codereview.chromium.org/1455973003
- https://codereview.chromium.org/1455973003
- GLSA-201603-09
- GLSA-201603-09
Modified: 2024-11-21
CVE-2016-1618
Blink, as used in Google Chrome before 48.0.2564.82, does not ensure that a proper cryptographicallyRandomValues random number generator is used, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0271
- openSUSE-SU-2016:0271
- RHSA-2016:0072
- RHSA-2016:0072
- DSA-3456
- DSA-3456
- 81430
- 81430
- 1034801
- 1034801
- USN-2877-1
- USN-2877-1
- https://code.google.com/p/chromium/issues/detail?id=552749
- https://code.google.com/p/chromium/issues/detail?id=552749
- https://codereview.chromium.org/1419293005
- https://codereview.chromium.org/1419293005
- GLSA-201603-09
- GLSA-201603-09
Modified: 2024-11-21
CVE-2016-1619
Multiple integer overflows in the (1) sycc422_to_rgb and (2) sycc444_to_rgb functions in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted PDF document.
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0271
- openSUSE-SU-2016:0271
- RHSA-2016:0072
- RHSA-2016:0072
- DSA-3456
- DSA-3456
- 81430
- 81430
- 1034801
- 1034801
- https://code.google.com/p/chromium/issues/detail?id=557223
- https://code.google.com/p/chromium/issues/detail?id=557223
- https://codereview.chromium.org/1521473003
- https://codereview.chromium.org/1521473003
- GLSA-201603-09
- GLSA-201603-09
Modified: 2024-11-21
CVE-2016-1620
Multiple unspecified vulnerabilities in Google Chrome before 48.0.2564.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0249
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0250
- openSUSE-SU-2016:0271
- openSUSE-SU-2016:0271
- RHSA-2016:0072
- RHSA-2016:0072
- DSA-3456
- DSA-3456
- 81430
- 81430
- 1034801
- 1034801
- USN-2877-1
- USN-2877-1
- https://code.google.com/p/chromium/issues/detail?id=472618
- https://code.google.com/p/chromium/issues/detail?id=472618
- https://code.google.com/p/chromium/issues/detail?id=514080
- https://code.google.com/p/chromium/issues/detail?id=514080
- https://code.google.com/p/chromium/issues/detail?id=531259
- https://code.google.com/p/chromium/issues/detail?id=531259
- https://code.google.com/p/chromium/issues/detail?id=537656
- https://code.google.com/p/chromium/issues/detail?id=537656
- https://code.google.com/p/chromium/issues/detail?id=539563
- https://code.google.com/p/chromium/issues/detail?id=539563
- https://code.google.com/p/chromium/issues/detail?id=545520
- https://code.google.com/p/chromium/issues/detail?id=545520
- https://code.google.com/p/chromium/issues/detail?id=546814
- https://code.google.com/p/chromium/issues/detail?id=546814
- https://code.google.com/p/chromium/issues/detail?id=549155
- https://code.google.com/p/chromium/issues/detail?id=549155
- https://code.google.com/p/chromium/issues/detail?id=551028
- https://code.google.com/p/chromium/issues/detail?id=551028
- https://code.google.com/p/chromium/issues/detail?id=551143
- https://code.google.com/p/chromium/issues/detail?id=551143
- https://code.google.com/p/chromium/issues/detail?id=552681
- https://code.google.com/p/chromium/issues/detail?id=552681
- https://code.google.com/p/chromium/issues/detail?id=553595
- https://code.google.com/p/chromium/issues/detail?id=553595
- https://code.google.com/p/chromium/issues/detail?id=554129
- https://code.google.com/p/chromium/issues/detail?id=554129
- https://code.google.com/p/chromium/issues/detail?id=554172
- https://code.google.com/p/chromium/issues/detail?id=554172
- https://code.google.com/p/chromium/issues/detail?id=561478
- https://code.google.com/p/chromium/issues/detail?id=561478
- https://code.google.com/p/chromium/issues/detail?id=561488
- https://code.google.com/p/chromium/issues/detail?id=561488
- https://code.google.com/p/chromium/issues/detail?id=561497
- https://code.google.com/p/chromium/issues/detail?id=561497
- https://code.google.com/p/chromium/issues/detail?id=562984
- https://code.google.com/p/chromium/issues/detail?id=562984
- https://code.google.com/p/chromium/issues/detail?id=562986
- https://code.google.com/p/chromium/issues/detail?id=562986
- https://code.google.com/p/chromium/issues/detail?id=565049
- https://code.google.com/p/chromium/issues/detail?id=565049
- https://code.google.com/p/chromium/issues/detail?id=565967
- https://code.google.com/p/chromium/issues/detail?id=565967
- https://code.google.com/p/chromium/issues/detail?id=566231
- https://code.google.com/p/chromium/issues/detail?id=566231
- https://code.google.com/p/chromium/issues/detail?id=569170
- https://code.google.com/p/chromium/issues/detail?id=569170
- https://code.google.com/p/chromium/issues/detail?id=570427
- https://code.google.com/p/chromium/issues/detail?id=570427
- https://code.google.com/p/chromium/issues/detail?id=572406
- https://code.google.com/p/chromium/issues/detail?id=572406
- https://code.google.com/p/chromium/issues/detail?id=576383
- https://code.google.com/p/chromium/issues/detail?id=576383
- https://code.google.com/p/chromium/issues/detail?id=579625
- https://code.google.com/p/chromium/issues/detail?id=579625
- GLSA-201603-09
- GLSA-201603-09
Modified: 2024-11-21
CVE-2016-2052
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947.
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
- openSUSE-SU-2016:2082
- openSUSE-SU-2016:2082
- RHSA-2016:0072
- RHSA-2016:0072
- 81812
- 81812
- 1034801
- 1034801
- USN-2877-1
- USN-2877-1
- USN-3067-1
- USN-3067-1
- https://code.google.com/p/chromium/issues/detail?id=544270
- https://code.google.com/p/chromium/issues/detail?id=544270
- https://code.google.com/p/chromium/issues/detail?id=579625
- https://code.google.com/p/chromium/issues/detail?id=579625
- https://github.com/behdad/harfbuzz/commit/63ef0b41dc48d6112d1918c1b1de9de8ea90adb5
- https://github.com/behdad/harfbuzz/commit/63ef0b41dc48d6112d1918c1b1de9de8ea90adb5
- https://github.com/behdad/harfbuzz/issues/139#issuecomment-148289957
- https://github.com/behdad/harfbuzz/issues/139#issuecomment-148289957
- GLSA-201701-76
- GLSA-201701-76