Candidate: CVE-2015-1297
PublicDate: 2015-09-03 22:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1297
 http://googlechromereleases.blogspot.ca/2015/09/stable-channel-update.html
Description:
 The WebRequest API implementation in
 extensions/browser/api/web_request/web_request_api.cc in Google Chrome
 before 45.0.2454.85 does not properly consider a request's source before
 accepting the request, which allows remote attackers to bypass intended
 access restrictions via a crafted (1) app or (2) extension.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_chromium-browser:
upstream_chromium-browser: released (45.0.2454.85)
precise_chromium-browser: ignored
trusty_chromium-browser: released (45.0.2454.85-0ubuntu0.14.04.1.1097)
trusty/esm_chromium-browser: DNE (trusty was released [45.0.2454.85-0ubuntu0.14.04.1.1097])
vivid_chromium-browser: released (45.0.2454.85-0ubuntu0.15.04.1.1181)
wily_chromium-browser: released (45.0.2454.85-0ubuntu1.1198)
devel_chromium-browser: released (45.0.2454.85-0ubuntu1.1198)

Patches_oxide-qt:
upstream_oxide-qt: not-affected
precise_oxide-qt: DNE
trusty_oxide-qt: not-affected
trusty/esm_oxide-qt: DNE (trusty was not-affected)
vivid_oxide-qt: not-affected
wily_oxide-qt: not-affected
devel_oxide-qt: not-affected