The security vulnerability updates include chromium-browser and expat security updates.
Vulnerability Overview
DSA-3531-1 chromium-browser -- security update
Security database information:
- CVE-2016-1646 : An out-of-bounds read issue was discovered in the v8 library.
- CVE-2016-1647: A use-after-free issue was discovered.
- CVE-2016-1648: A use-after-free issue was discovered in the handling of extensions.
- CVE-2016-1649: lokihardt discovered a buffer overflow issue in the Almost Native Graphics Layer Engine (ANGLE) library.
- CVE-2016-1650: The chrome development team found and fixed various issues during internal auditing. Also multiple issues were fixed in the v8 javascript library, version 4.9.385.33.
DSA-3318-1 expat -- security update
Security database information:
- CVE-2015-1283: Multiple integer overflows have been discovered in Expat, an XML parsing C library, which may result in denial of service or the execution of arbitrary code if a malformed XML file is processed.
Fixing Status
The problems of chromium-browser have been fixed in version 49.0.2623.108-1; and the problem of expat has been fixed in version 2.1.0-7.
Please update to the latest version of deepin to get these patches.