[Desktop-packages] [Bug 1619911] Re: Security - CVE-2016-5267 - not fixed

vsespb Wed, 07 Sep 2016 04:16:28 -0700

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1619911


Title:
  Security - CVE-2016-5267 - not fixed

Status in chromium-browser package in Ubuntu:
  New

Bug description:
  chromium-broswer

  # apt-cache policy chromium-browser
  chromium-browser:
    Installed: 37.0.2062.120-0ubuntu0.12.04.3
    Candidate: 37.0.2062.120-0ubuntu0.12.04.3
    Version table:
   *** 37.0.2062.120-0ubuntu0.12.04.3 0
          500 http://ru.archive.ubuntu.com/ubuntu/ precise-updates/universe 
amd64 Packages
          500 http://security.ubuntu.com/ubuntu/ precise-security/universe 
amd64 Packages
          100 /var/lib/dpkg/status
       18.0.1025.151~r130497-0ubuntu1 0
          500 http://ru.archive.ubuntu.com/ubuntu/ precise/universe amd64 
Packages


  affected by http://www.rafayhackingarticles.net/2016/08/google-chrome-
  firefox-address-bar.html

  i.e. if I go to URL http://127.0.0.1/%EF%B9%B0/http://google.com/test
  I see "google.com" domain in address bar

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1619911/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1619911] Re: Security - CVE-2016-5267 - not fixed

Reply via email to