1
Candidate: CVE-2015-6783
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6783
5
http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html
7
The FindStartOffsetOfFileInZipFile function in crazy_linker_zip.cpp in
8
crazy_linker (aka Crazy Linker) in Android 5.x and 6.x, as used in Google
9
Chrome before 47.0.2526.73, improperly searches for an EOCD record, which
10
allows attackers to bypass a signature-validation requirement via a crafted
14
tyhicks> I doubt Ubuntu is affected here but there's not much info available
18
Discovered-by: Michal Bednarski
21
Patches_chromium-browser:
22
upstream_chromium-browser: released (47.0.2526.73)
23
precise_chromium-browser: ignored
24
trusty_chromium-browser: released (47.0.2526.73-0ubuntu0.14.04.1.1106)
25
vivid_chromium-browser: released (47.0.2526.73-0ubuntu0.15.04.1.1190)
26
wily_chromium-browser: released (47.0.2526.73-0ubuntu0.15.10.1.1215)
27
devel_chromium-browser: released (47.0.2526.73-0ubuntu1.1218)
30
upstream_oxide-qt: not-affected
32
trusty_oxide-qt: not-affected
33
vivid_oxide-qt: not-affected
34
wily_oxide-qt: not-affected
35
devel_oxide-qt: not-affected