CVE-2017-5096

Priority
Medium
Description
Insufficient policy enforcement during navigation between different schemes
in Google Chrome prior to 60.0.3112.78 for Android allowed a remote
attacker to perform cross origin content download via a crafted HTML page,
related to intents.
References
Package
Upstream:released (60.0.3112.78)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (60.0.3112.78-0ubuntu0.14.04.1190)
Ubuntu 16.04 LTS (Xenial Xerus):released (60.0.3112.78-0ubuntu0.16.04.1293)
Ubuntu 17.04 (Zesty Zapus):released (60.0.3112.78-0ubuntu0.17.04.1363)
Ubuntu 17.10 (Artful Aardvark):released (60.0.3112.78-0ubuntu1.1363)
Ubuntu 18.04 LTS (Bionic Beaver):released (60.0.3112.78-0ubuntu1.1363)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needed
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 17.04 (Zesty Zapus):ignored (reached end-of-life)
Ubuntu 17.10 (Artful Aardvark):needs-triage
Ubuntu 18.04 LTS (Bionic Beaver):DNE
More Information

Updated: 2018-01-15 13:27:42 UTC (commit 14005)