====================================================================

                           CERT-Renater

               Note d'Information No. 2015/VULN118
_____________________________________________________________________

DATE                : 23/06/2015

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S):  Systems running Google Chrome versions prior to
                                     43.0.2357.130.

======================================================================
http://googlechromereleases.blogspot.fr/2015/06/chrome-stable-update.html
______________________________________________________________________

 Chrome Stable Update


The stable channel has been updated to 43.0.2357.130 for Windows, Mac,
and Linux.  A partial list of changes is available in the log.

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a
majority of users are updated with a fix. We will also retain
restrictions if the bug exists in a third party library that other
projects similarly depend on, but haven’t yet fixed.

Below, we highlight 4 fixes that were contributed by external
researchers. Please see the Chromium security page for more information.

[$5000][464922] High CVE-2015-1266: Scheme validation error in WebUI.
                Credit to anonymous.
[TBD][494640] High CVE-2015-1268: Cross-origin bypass in Blink. Credit
              to Mariusz Mlynski.
[TBD][497507] Medium CVE-2015-1267: Cross-origin bypass in Blink.
              Credit to anonymous.
[TBD][461481] Medium CVE-2015-1269: Normalization error in HSTS/HPKP
              preload list. Credit to Mike Ruddy.

Interested in switching release channels? Find out how. If you find a
new issue, please let us know by filing a bug.

Are you a project manager,  with a technical background, who is
passionate about Chrome and moving the web forward?  We are hiring!

Anthony Laforge
Google Chrome

=========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================