CVE-2017-5118

Priority
Description
Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux,
and 61.0.3163.81 for Android, failed to correctly propagate CSP
restrictions to javascript scheme pages, which allowed a remote attacker to
bypass content security policy via a crafted HTML page.
Notes
Package
Upstream:released (61.0.3163.79)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [61.0.3163.100-0ubuntu0.14.04.1202])
Ubuntu 16.04 LTS (Xenial Xerus):released (61.0.3163.100-0ubuntu0.16.04.1306)
Ubuntu 18.04 LTS (Bionic Beaver):released (61.0.3163.100-0ubuntu1.1378)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [Ubuntu touch end-of-life])
Ubuntu 16.04 LTS (Xenial Xerus):ignored (Ubuntu touch end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
More Information

Updated: 2020-09-10 05:39:40 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)