The stable channel has been updated to 51.0.2704.103 for Windows, Mac, and Linux. This update includes 3 security fixes. As usual, our ongoing internal security work was responsible for a wide range of fixes:

CVE-2016-1704: Various fixes from internal audits, fuzzing and other initiatives.

Including older CVEs for a missed release...

CVE-2016-1703 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1703): Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.79 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

CVE-2016-1702 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1702): The SkRegion::readFromMemory function in core/SkRegion.cpp in Skia, as used in Google Chrome before 51.0.2704.79, does not validate the interval count, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted serialized data.

CVE-2016-1701 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1701): The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1690.

CVE-2016-1700 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1700): extensions/renderer/runtime_custom_bindings.cc in Google Chrome before 51.0.2704.79 does not consider side effects during creation of an array of extension views, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to extensions.

CVE-2016-1699 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1699): WebKit/Source/devtools/front_end/devtools.js in the Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 51.0.2704.79, does not ensure that the remoteFrontendUrl parameter is associated with a chrome-devtools-frontend.appspot.com URL, which allows remote attackers to bypass intended access restrictions via a crafted URL.

CVE-2016-1698 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1698): The createCustomType function in extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.79 does not validate module types, which might allow attackers to load arbitrary modules or obtain sensitive information by leveraging a poisoned definition.

CVE-2016-1697 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1697): The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.
51.0.2704.103 has been added to the gentoo repo and may be stabilized.
Arches, please test and mark stable:
=www-client/chromium-51.0.2704.103
Target Keywords : "amd64 x86"
Thank you!
amd64 stable
It appears google-chrome-stable_51.0.2704.103-1_amd64.deb has been removed from the repository and replaced with google-chrome-stable_51.0.2704.106-1_amd64.deb.

>>> Downloading 'https://dl.google.com/linux/chrome/deb/pool/main/g/google-chrome-stable/google-chrome-stable_51.0.2704.103-1_amd64.deb'
--2016-06-25 16:25:54-- https://dl.google.com/linux/chrome/deb/pool/main/g/google-chrome-stable/google-chrome-stable_51.0.2704.103-1_amd64.deb
Resolving dl.google.com... 2a00:1450:4009:811::200e, 216.58.213.174
Connecting to dl.google.com|2a00:1450:4009:811::200e|:443... connected.
HTTP request sent, awaiting response... 404 Not Found
2016-06-25 16:25:54 ERROR 404: Not Found.
(In reply to Steven Davies from comment #5)
> It appears google-chrome-stable_51.0.2704.103-1_amd64.deb has been removed
> from the repository and replaced with
> google-chrome-stable_51.0.2704.106-1_amd64.deb.
>
> >>> Downloading 'https://dl.google.com/linux/chrome/deb/pool/main/g/google-chrome-stable/google-chrome-stable_51.0.2704.103-1_amd64.deb'
> --2016-06-25 16:25:54--
> https://dl.google.com/linux/chrome/deb/pool/main/g/google-chrome-stable/
> google-chrome-stable_51.0.2704.103-1_amd64.deb
> Resolving dl.google.com... 2a00:1450:4009:811::200e, 216.58.213.174
> Connecting to dl.google.com|2a00:1450:4009:811::200e|:443... connected.
> HTTP request sent, awaiting response... 404 Not Found
> 2016-06-25 16:25:54 ERROR 404: Not Found.

The package should be mirrored on Gentoo mirrors. If this is still not working, please open another non-security bug. Thank you.
(In reply to Steven Davies from comment #5)
Chromium and google-chrome are separate packages; please do not hijack chromium bug reports to report fetch issues with google-chrome.
x86 stable. Maintainer(s), please clean up. Security, please add it to the existing request, or file a new one.
GLSA request filed.
This issue was resolved and addressed in GLSA 201607-07 at https://security.gentoo.org/glsa/201607-07 by GLSA coordinator Aaron Bauman (b-man).
@maintainer(s), reopening for cleanup. Please clean vulnerable versions.