RHSA-2016:2919-1: Important: chromium-browser security update

An update for chromium-browser is now to be had for Crimson Hat Undertaking Linux 6Supplementary.Crimson Hat Product Security has rated this update as having a security have an effect on ofImportant.

A Commonplace Vulnerability Scoring Machine (CVSS) base ranking, which givesa detailed severity score, is to be had for every vulnerability from the CVElink(s) within the References segment.
Chromium is an open-source internet browser, powered through WebKit (Blink).This update upgrades Chromium to model 55.0.2883.75.Security Repair(es):* More than one flaws had been discovered within the processing of malformed internet content material.

A webpage containing malicious content material may just trigger Chromium to crash, executearbitrary code, or expose delicate knowledge when visited through the sufferer.(CVE-2016-5203, CVE-2016-5204, CVE-2016-5205, CVE-2016-5206, CVE-2016-5207,CVE-2016-5208, CVE-2016-5209, CVE-2016-5210, CVE-2016-5211, CVE-2016-5212,CVE-2016-5213, CVE-2016-9651, CVE-2016-9652, CVE-2016-5214, CVE-2016-5215,CVE-2016-5216, CVE-2016-5217, CVE-2016-5218, CVE-2016-5219, CVE-2016-5220,CVE-2016-5221, CVE-2016-5222, CVE-2016-5223, CVE-2016-5224, CVE-2016-5225,CVE-2016-5226, CVE-2016-9650)
For main points on how you can follow this update, which incorporates the adjustments described inthis advisory, confer with:https://get entry to.redhat.com/articles/11258After putting in the update, Chromium should be restarted for the adjustments to takeeffect.Crimson Hat Undertaking Linux Desktop Supplementary (v. 6)

IA-32:
chromium-browser-55.0.2883.75-1.el6.i686.rpm
    MD5: 6ce9553417cd7cddbceb04c63109a198SHA-256: 04d12ea75c416b07d194a728a5fb793e9b901fd4c413e63166fc6d701866ace5
chromium-browser-debuginfo-55.0.2883.75-1.el6.i686.rpm
    MD5: 793121303496d82e75eeb3a3c6c0c194SHA-256: c3ea75fa85b82d04ee7688e14d3e3ebb9a9171a7de05c6f3dc1e38650bdf21c7
 
x86_64:
chromium-browser-55.0.2883.75-1.el6.x86_64.rpm
    MD5: 08368e57b39944c03839be6ee4f5adedSHA-256: 93698d3b303edcd46228a6a833813c3a10b07119fae6783874869ff15277cf0b
chromium-browser-debuginfo-55.0.2883.75-1.el6.x86_64.rpm
    MD5: 8720e72acb79d7c1e003e60d43effaa4SHA-256: 57c4adba3beb57a2f160018045f83824cece62facebook74099198fb7b3052dff19b08
 
Crimson Hat Undertaking Linux Server Supplementary (v. 6)

IA-32:
chromium-browser-55.0.2883.75-1.el6.i686.rpm
    MD5: 6ce9553417cd7cddbceb04c63109a198SHA-256: 04d12ea75c416b07d194a728a5fb793e9b901fd4c413e63166fc6d701866ace5
chromium-browser-debuginfo-55.0.2883.75-1.el6.i686.rpm
    MD5: 793121303496d82e75eeb3a3c6c0c194SHA-256: c3ea75fa85b82d04ee7688e14d3e3ebb9a9171a7de05c6f3dc1e38650bdf21c7
 
x86_64:
chromium-browser-55.0.2883.75-1.el6.x86_64.rpm
    MD5: 08368e57b39944c03839be6ee4f5adedSHA-256: 93698d3b303edcd46228a6a833813c3a10b07119fae6783874869ff15277cf0b
chromium-browser-debuginfo-55.0.2883.75-1.el6.x86_64.rpm
    MD5: 8720e72acb79d7c1e003e60d43effaa4SHA-256: 57c4adba3beb57a2f160018045f83824cece62facebook74099198fb7b3052dff19b08
 
Crimson Hat Undertaking Linux Workstation Supplementary (v. 6)

IA-32:
chromium-browser-55.0.2883.75-1.el6.i686.rpm
    MD5: 6ce9553417cd7cddbceb04c63109a198SHA-256: 04d12ea75c416b07d194a728a5fb793e9b901fd4c413e63166fc6d701866ace5
chromium-browser-debuginfo-55.0.2883.75-1.el6.i686.rpm
    MD5: 793121303496d82e75eeb3a3c6c0c194SHA-256: c3ea75fa85b82d04ee7688e14d3e3ebb9a9171a7de05c6f3dc1e38650bdf21c7
 
x86_64:
chromium-browser-55.0.2883.75-1.el6.x86_64.rpm
    MD5: 08368e57b39944c03839be6ee4f5adedSHA-256: 93698d3b303edcd46228a6a833813c3a10b07119fae6783874869ff15277cf0b
chromium-browser-debuginfo-55.0.2883.75-1.el6.x86_64.rpm
    MD5: 8720e72acb79d7c1e003e60d43effaa4SHA-256: 57c4adba3beb57a2f160018045f83824cece62facebook74099198fb7b3052dff19b08
 
(The unlinked applications above are best to be had from the Crimson Hat Community)

1400850 – CVE-2016-9651 chromium-browser: non-public assets get entry to in v81400851 – CVE-2016-5208 chromium-browser: common xss in blink1400852 – CVE-2016-5207 chromium-browser: common xss in blink1400853 – CVE-2016-5206 chromium-browser: same-origin bypass in pdfium1400854 – CVE-2016-5205 chromium-browser: common xss in blink1400855 – CVE-2016-5204 chromium-browser: common xss in blink1400856 – CVE-2016-5209 chromium-browser: out of bounds write in blink1400857 – CVE-2016-5203 chromium-browser: use after unfastened in pdfium1400859 – CVE-2016-5210 chromium-browser: out of bounds write in pdfium1400861 – CVE-2016-5212 chromium-browser: native report disclosure in devtools1400862 – CVE-2016-5211 chromium-browser: use after unfastened in pdfium1400863 – CVE-2016-5213 chromium-browser: use after unfastened in v81400864 – CVE-2016-5214 chromium-browser: report obtain coverage bypass1400865 – CVE-2016-5216 chromium-browser: use after unfastened in pdfium1400866 – CVE-2016-5215 chromium-browser: use after unfastened in webaudio1400867 – CVE-2016-5217 chromium-browser: use of unvalidated information in pdfium1400868 – CVE-2016-5218 chromium-browser: deal with spoofing in omnibox1400869 – CVE-2016-5219 chromium-browser: use after unfastened in v81400870 – CVE-2016-5221 chromium-browser: integer overflow in perspective1400871 – CVE-2016-5220 chromium-browser: native report get entry to in pdfium1400872 – CVE-2016-5222 chromium-browser: deal with spoofing in omnibox1400873 – CVE-2016-9650 chromium-browser: csp referrer disclosure1400875 – CVE-2016-5223 chromium-browser: integer overflow in pdfium1400876 – CVE-2016-5226 chromium-browser: restricted xss in blink1400877 – CVE-2016-5225 chromium-browser: csp bypass in blink1400878 – CVE-2016-5224 chromium-browser: same-origin bypass in svg1400879 – CVE-2016-9652 chromium-browser: quite a lot of fixes from inside audits

Those applications are GPG signed through Crimson Hat for security. Our key and main points on how to ensure the signature are to be had from: