ALT-PU-2015-1814-1
Package v8-chromium updated to version 4.5.103.35-alt1 for branch sisyphus in task 150519.
Closed vulnerabilities
Published: 2015-10-12
BDU:2015-11683
Уязвимость браузера Google Chrome, позволяющая нарушителю обойти существующие ограничения доступа
Severity: HIGH (7.5)
References:
Published: 2015-10-12
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-1304
object-observe.js in Google V8, as used in Google Chrome before 45.0.2454.101, does not properly restrict method calls on access-checked objects, which allows remote attackers to bypass the Same Origin Policy via a (1) observe or (2) getNotifier call.
Severity: HIGH (7.5)
References:
- http://googlechromereleases.blogspot.com/2015/09/stable-channel-update_24.html
- http://googlechromereleases.blogspot.com/2015/09/stable-channel-update_24.html
- openSUSE-SU-2015:1719
- openSUSE-SU-2015:1719
- openSUSE-SU-2015:1876
- openSUSE-SU-2015:1876
- RHSA-2015:1841
- RHSA-2015:1841
- DSA-3376
- DSA-3376
- 76844
- 76844
- 1033683
- 1033683
- USN-2757-1
- USN-2757-1
- https://chromium.googlesource.com/v8/v8/+/9b0fb52b57021473aa813f3fb99ad7384a8b86f1
- https://chromium.googlesource.com/v8/v8/+/9b0fb52b57021473aa813f3fb99ad7384a8b86f1
- https://code.google.com/p/chromium/issues/detail?id=531891
- https://code.google.com/p/chromium/issues/detail?id=531891
- GLSA-201603-09
- GLSA-201603-09