{ "Definition": [ { "ID": "oval:org.altlinux.errata:def:20152054", "Version": "oval:org.altlinux.errata:def:20152054", "Class": "patch", "Metadata": { "Title": "ALT-PU-2015-2054: package `chromium` update to version 47.0.2526.73-alt1", "AffectedList": [ { "Family": "unix", "Platforms": [ "ALT Linux branch c9f2" ], "Products": [ "ALT SPWorkstation", "ALT SPServer" ] } ], "References": [ { "RefID": "ALT-PU-2015-2054", "RefURL": "https://errata.altlinux.org/ALT-PU-2015-2054", "Source": "ALTPU" }, { "RefID": "BDU:2016-00270", "RefURL": "https://bdu.fstec.ru/vul/2016-00270", "Source": "BDU" }, { "RefID": "BDU:2016-00271", "RefURL": "https://bdu.fstec.ru/vul/2016-00271", "Source": "BDU" }, { "RefID": "BDU:2016-00281", "RefURL": "https://bdu.fstec.ru/vul/2016-00281", "Source": "BDU" }, { "RefID": "CVE-2015-6764", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6764", "Source": "CVE" }, { "RefID": "CVE-2015-6765", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6765", "Source": "CVE" }, { "RefID": "CVE-2015-6766", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6766", "Source": "CVE" }, { "RefID": "CVE-2015-6767", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6767", "Source": "CVE" }, { "RefID": "CVE-2015-6768", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6768", "Source": "CVE" }, { "RefID": "CVE-2015-6769", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6769", "Source": "CVE" }, { "RefID": "CVE-2015-6770", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6770", "Source": "CVE" }, { "RefID": "CVE-2015-6771", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6771", "Source": "CVE" }, { "RefID": "CVE-2015-6772", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6772", "Source": "CVE" }, { "RefID": "CVE-2015-6773", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6773", "Source": "CVE" }, { "RefID": "CVE-2015-6774", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6774", "Source": "CVE" }, { "RefID": "CVE-2015-6775", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6775", "Source": "CVE" }, { "RefID": "CVE-2015-6776", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6776", "Source": "CVE" }, { "RefID": "CVE-2015-6777", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6777", "Source": "CVE" }, { "RefID": "CVE-2015-6778", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6778", "Source": "CVE" }, { "RefID": "CVE-2015-6779", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6779", "Source": "CVE" }, { "RefID": "CVE-2015-6780", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6780", "Source": "CVE" }, { "RefID": "CVE-2015-6781", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6781", "Source": "CVE" }, { "RefID": "CVE-2015-6782", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6782", "Source": "CVE" }, { "RefID": "CVE-2015-6784", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6784", "Source": "CVE" }, { "RefID": "CVE-2015-6785", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6785", "Source": "CVE" }, { "RefID": "CVE-2015-6786", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6786", "Source": "CVE" }, { "RefID": "CVE-2015-6787", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-6787", "Source": "CVE" }, { "RefID": "CVE-2015-8478", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-8478", "Source": "CVE" }, { "RefID": "CVE-2015-8479", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-8479", "Source": "CVE" }, { "RefID": "CVE-2015-8480", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-8480", "Source": "CVE" } ], "Description": "This update upgrades chromium to version 47.0.2526.73-alt1. \nSecurity Fix(es):\n\n * BDU:2016-00270: Уязвимость браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2016-00271: Уязвимости браузера Google Chrome, позволяющие нарушителю вызвать отказ в обслуживании или оказать другое воздействие\n\n * BDU:2016-00281: Уязвимость браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое неустановленное воздействие\n\n * CVE-2015-6764: The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code.\n\n * CVE-2015-6765: Use-after-free vulnerability in content/browser/appcache/appcache_update_job.cc in Google Chrome before 47.0.2526.73 allows remote attackers to execute arbitrary code or cause a denial of service by leveraging the mishandling of AppCache update jobs.\n\n * CVE-2015-6766: Use-after-free vulnerability in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers with renderer access to cause a denial of service or possibly have unspecified other impact by leveraging incorrect AppCacheUpdateJob behavior associated with duplicate cache selection.\n\n * CVE-2015-6767: Use-after-free vulnerability in content/browser/appcache/appcache_dispatcher_host.cc in the AppCache implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect pointer maintenance associated with certain callbacks.\n\n * CVE-2015-6768: The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6770.\n\n * CVE-2015-6769: The provisional-load commit implementation in WebKit/Source/bindings/core/v8/WindowProxy.cpp in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy by leveraging a delay in window proxy clearing.\n\n * CVE-2015-6770: The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-6768.\n\n * CVE-2015-6771: js/array.js in Google V8, as used in Google Chrome before 47.0.2526.73, improperly implements certain map and filter operations for arrays, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code.\n\n * CVE-2015-6772: The DOM implementation in Blink, as used in Google Chrome before 47.0.2526.73, does not prevent javascript: URL navigation while a document is being detached, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that improperly interacts with a plugin.\n\n * CVE-2015-6773: The convolution implementation in Skia, as used in Google Chrome before 47.0.2526.73, does not properly constrain row lengths, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted graphics data.\n\n * CVE-2015-6774: Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that modifies a pointer used for reporting loadTimes data.\n\n * CVE-2015-6775: fpdfsdk/src/jsapi/fxjs_v8.cpp in PDFium, as used in Google Chrome before 47.0.2526.73, does not use signatures, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage \"type confusion.\"\n\n * CVE-2015-6776: The opj_dwt_decode_1* functions in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 47.0.2526.73, allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during a discrete wavelet transform.\n\n * CVE-2015-6777: Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Source/core/dom/ContainerNode.cpp in the DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOMCharacterDataModified events for certain detached-subtree insertions.\n\n * CVE-2015-6778: The CJBig2_SymbolDict class in fxcodec/jbig2/JBig2_SymbolDict.cpp in PDFium, as used in Google Chrome before 47.0.2526.73, allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a PDF document containing crafted data with JBIG2 compression.\n\n * CVE-2015-6779: PDFium, as used in Google Chrome before 47.0.2526.73, does not properly restrict use of chrome: URLs, which allows remote attackers to bypass intended scheme restrictions via a crafted PDF document, as demonstrated by a document with a link to a chrome://settings URL.\n\n * CVE-2015-6780: Use-after-free vulnerability in the Infobars implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site, related to browser/ui/views/website_settings/website_settings_popup_view.cc.\n\n * CVE-2015-6781: Integer overflow in the FontData::Bound function in data/font_data.cc in Google sfntly, as used in Google Chrome before 47.0.2526.73, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted offset or length value within font data in an SFNT container.\n\n * CVE-2015-6782: The Document::open function in WebKit/Source/core/dom/Document.cpp in Google Chrome before 47.0.2526.73 does not ensure that page-dismissal event handling is compatible with modal-dialog blocking, which makes it easier for remote attackers to spoof Omnibox content via a crafted web site.\n\n * CVE-2015-6784: The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web (MOTW) comments for URLs containing a \"--\" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring.\n\n * CVE-2015-6785: The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts an x.y hostname as a match for a *.x.y pattern, which might allow remote attackers to bypass intended access restrictions in opportunistic circumstances by leveraging a policy that was intended to be specific to subdomains.\n\n * CVE-2015-6786: The CSPSourceList::matches function in WebKit/Source/core/frame/csp/CSPSourceList.cpp in the Content Security Policy (CSP) implementation in Google Chrome before 47.0.2526.73 accepts a blob:, data:, or filesystem: URL as a match for a * pattern, which allows remote attackers to bypass intended scheme restrictions in opportunistic circumstances by leveraging a policy that relies on this pattern.\n\n * CVE-2015-6787: Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.73 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.\n\n * CVE-2015-8478: Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.73, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.\n\n * CVE-2015-8479: Use-after-free vulnerability in the AudioOutputDevice::OnDeviceAuthorized function in media/audio/audio_output_device.cc in Google Chrome before 47.0.2526.73 allows attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by triggering access to an unauthorized audio output device.\n\n * CVE-2015-8480: The VideoFramePool::PoolImpl::CreateFrame function in media/base/video_frame_pool.cc in Google Chrome before 47.0.2526.73 does not initialize memory for a video-frame data structure, which might allow remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact by leveraging improper interaction with the vp3_h_loop_filter_c function in libavcodec/vp3dsp.c in FFmpeg.", "Advisory": { "From": "errata.altlinux.org", "Severity": "Critical", "Rights": "Copyright 2024 BaseALT Ltd.", "Issued": { "Date": "2015-12-03" }, "Updated": { "Date": "2015-12-03" }, "BDUs": [ { "ID": "BDU:2016-00270", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CWE": "CWE-416", "Href": "https://bdu.fstec.ru/vul/2016-00270", "Impact": "Critical", "Public": "20151206" }, { "ID": "BDU:2016-00271", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CWE": "CWE-17", "Href": "https://bdu.fstec.ru/vul/2016-00271", "Impact": "Critical", "Public": "20151206" }, { "ID": "BDU:2016-00281", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CWE": "CWE-119", "Href": "https://bdu.fstec.ru/vul/2016-00281", "Impact": "Critical", "Public": "20151206" } ], "CVEs": [ { "ID": "CVE-2015-6764", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "CWE": "CWE-119", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6764", "Impact": "Critical", "Public": "20151206" }, { "ID": "CVE-2015-6765", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CWE": "NVD-CWE-Other", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6765", "Impact": "Critical", "Public": "20151206" }, { "ID": "CVE-2015-6766", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CWE": "NVD-CWE-Other", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6766", "Impact": "High", "Public": "20151206" }, { "ID": "CVE-2015-6767", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CWE": "NVD-CWE-Other", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6767", "Impact": "High", "Public": "20151206" }, { "ID": "CVE-2015-6768", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CWE": "CWE-264", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6768", "Impact": "High", "Public": "20151206" }, { "ID": "CVE-2015-6769", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CWE": "CWE-264", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6769", "Impact": "High", "Public": "20151206" }, { "ID": "CVE-2015-6770", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CWE": "CWE-264", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6770", "Impact": "High", "Public": "20151206" }, { "ID": "CVE-2015-6771", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CWE": "CWE-119", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6771", "Impact": "High", "Public": "20151206" }, { "ID": "CVE-2015-6772", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CWE": "CWE-264", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6772", "Impact": "High", "Public": "20151206" }, { "ID": "CVE-2015-6773", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CWE": "CWE-119", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6773", "Impact": "High", "Public": "20151206" }, { "ID": "CVE-2015-6774", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CWE": "NVD-CWE-Other", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6774", "Impact": "High", "Public": "20151206" }, { "ID": "CVE-2015-6775", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CWE": "NVD-CWE-Other", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6775", "Impact": "High", "Public": "20151206" }, { "ID": "CVE-2015-6776", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CWE": "CWE-119", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6776", "Impact": "Low", "Public": "20151206" }, { "ID": "CVE-2015-6777", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CWE": "NVD-CWE-Other", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6777", "Impact": "High", "Public": "20151206" }, { "ID": "CVE-2015-6778", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CWE": "CWE-119", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6778", "Impact": "High", "Public": "20151206" }, { "ID": "CVE-2015-6779", "CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "CWE": "CWE-264", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6779", "Impact": "Low", "Public": "20151206" }, { "ID": "CVE-2015-6780", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CWE": "NVD-CWE-Other", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6780", "Impact": "Low", "Public": "20151206" }, { "ID": "CVE-2015-6781", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CWE": "CWE-189", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6781", "Impact": "High", "Public": "20151206" }, { "ID": "CVE-2015-6782", "CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "CWE": "CWE-20", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6782", "Impact": "Low", "Public": "20151206" }, { "ID": "CVE-2015-6784", "CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "CWE": "CWE-20", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6784", "Impact": "Low", "Public": "20151206" }, { "ID": "CVE-2015-6785", "CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "CWE": "CWE-264", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6785", "Impact": "Low", "Public": "20151206" }, { "ID": "CVE-2015-6786", "CVSS": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "CWE": "CWE-264", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6786", "Impact": "Low", "Public": "20151206" }, { "ID": "CVE-2015-6787", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CWE": "NVD-CWE-noinfo", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-6787", "Impact": "Critical", "Public": "20151206" }, { "ID": "CVE-2015-8478", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CWE": "NVD-CWE-noinfo", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-8478", "Impact": "High", "Public": "20151206" }, { "ID": "CVE-2015-8479", "CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "CWE": "CWE-119", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-8479", "Impact": "High", "Public": "20151206" }, { "ID": "CVE-2015-8480", "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "CWE": "CWE-119", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-8480", "Impact": "Critical", "Public": "20151206" } ], "AffectedCPEs": { "CPEs": [ "cpe:/o:alt:spworkstation:8.4", "cpe:/o:alt:spserver:8.4" ] } } }, "Criteria": { "Operator": "AND", "Criterions": [ { "TestRef": "oval:org.altlinux.errata:tst:3001", "Comment": "ALT Linux must be installed" } ], "Criterias": [ { "Operator": "OR", "Criterions": [ { "TestRef": "oval:org.altlinux.errata:tst:20152054001", "Comment": "chromium is earlier than 0:47.0.2526.73-alt1" }, { "TestRef": "oval:org.altlinux.errata:tst:20152054002", "Comment": "chromium-gnome is earlier than 0:47.0.2526.73-alt1" }, { "TestRef": "oval:org.altlinux.errata:tst:20152054003", "Comment": "chromium-kde is earlier than 0:47.0.2526.73-alt1" } ] } ] } } ] }