{"id":12608,"date":"2016-03-29T14:01:34","date_gmt":"2016-03-29T06:01:34","guid":{"rendered":"https:\/\/www.deepin.org\/?p=9759"},"modified":"2017-01-18T10:07:57","modified_gmt":"2017-01-18T02:07:57","slug":"security-updates-dsa-3531-1-and-dsa-3318-1","status":"publish","type":"post","link":"https:\/\/www.deepin.org.cn\/en\/security-updates-dsa-3531-1-and-dsa-3318-1\/","title":{"rendered":"Security Updates (DSA-3531-1 and DSA-3318-1)"},"content":{"rendered":"<a href=\"https:\/\/www.deepin.org\/wp-content\/uploads\/en8.png\"><img loading=\"lazy\" class=\"aligncenter wp-image-9763\" src=\"https:\/\/www.deepin.org\/wp-content\/uploads\/en8.png\" alt=\"en\" width=\"749\" height=\"321\" \/><\/a><\/p>\n<p>The security vulnerability updates include chromium-browser and expat security updates.<\/p>\n<p>&nbsp;<\/p>\n<h2>Vulnerability Overview<\/h2>\n<p><strong>DSA-3531-1 chromium-browser -- security update<\/strong><\/p>\n<p>Security database\u00a0information:<\/p>\n<ul>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-1646\" target=\"_blank\">CVE-2016-1646<\/a>\u00a0: An out-of-bounds read issue was discovered in the v8 library.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-1647\" target=\"_blank\">CVE-2016-1647<\/a>:\u00a0A use-after-free issue was discovered.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-1648\" target=\"_blank\">CVE-2016-1648<\/a>:\u00a0A use-after-free issue was discovered in the handling of extensions.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-1649\" target=\"_blank\">CVE-2016-1649<\/a>:\u00a0lokihardt discovered a buffer overflow issue in the Almost Native Graphics Layer Engine (ANGLE) library.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-1650\" target=\"_blank\">CVE-2016-1650<\/a>:\u00a0The chrome development team found and fixed various issues during internal auditing. Also multiple issues were fixed in the v8 javascript library, version 4.9.385.33.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><strong>DSA-3318-1 expat -- security update<\/strong><\/p>\n<p>Security database\u00a0information:<\/p>\n<ul>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2015-1283\" target=\"_blank\">CVE-2015-1283<\/a>:\u00a0Multiple integer overflows have been discovered in Expat, an XML parsing C library, which may result in denial of service or the execution of arbitrary code if a malformed XML file is processed.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2>Fixing Status<\/h2>\n<p>The problems of chromium-browser have been fixed in version 49.0.2623.108-1; and the problem of expat has been fixed in version 2.1.0-7.<\/p>\n<p>Please update to the latest version of deepin to get these patches.<\/p>\n<p>&nbsp;","protected":false},"excerpt":{"rendered":"<p>The security vulnerability updates include chromium-browser and expat security updates. &nbsp; Vulnerability Overview DSA-3531-1 chromium-browser -- security update Security database\u00a0information: CVE-2016-1646\u00a0: An out-of-bounds read issue was discovered in the v8 library. CVE-2016-1647:\u00a0A use-after-free issue was discovered. CVE-2016-1648:\u00a0A use-after-free issue was discovered in the handling of extensions. CVE-2016-1649:\u00a0lokihardt discovered a buffer overflow issue in the Almost Native Graphics Layer Engine (ANGLE) library. CVE-2016-1650:\u00a0The chrome development team found and fixed various issues during internal auditing. Also multiple issues were fixed in the v8 javascript library, version 4.9.385.33. &nbsp; DSA-3318-1 expat -- security update Security database\u00a0information: CVE-2015-1283:\u00a0Multiple integer overflows have been discovered in ...<a href=https:\/\/www.deepin.org.cn\/en\/security-updates-dsa-3531-1-and-dsa-3318-1\/>Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":12641,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[75],"tags":[],"_links":{"self":[{"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/posts\/12608"}],"collection":[{"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/comments?post=12608"}],"version-history":[{"count":4,"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/posts\/12608\/revisions"}],"predecessor-version":[{"id":21523,"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/posts\/12608\/revisions\/21523"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/media?parent=12608"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/categories?post=12608"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/tags?post=12608"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}