The Debian Project announced earlier that an update is available for the Chromium web browser, promising to patch various security vulnerabilities discovered upstream.
According to, the Chromium web browser was updated to version 51.0.2704.79 for Debian Stable, Debian Testing, and Debian Unstable, patching cross-origin bypass issues discovered in both the Blink and WebKit engines, as well as in the bindings to extensions.
Moreover, it would appear that there was an information leak discovered by Rob Wu in the Chromium web browser since version 51.0.2704.63 that has been fixed as well, along with two use-after-free issues in the autofill feature and extensions, also discovered by Rob Wu.
Lastly, the Developer Tools feature of the Chromium web browser was affected by an issue discovered by Gregory Panakkal, which has been documented at, and an out-of-bounds read issue plagued the Skia open-source 2D graphics library used by Chromium to draw text, images, and geometries.
All users who use Chromium are urged to update
The issues have been documented in their respective CVEs mentioned in the security advisory. Debian Project recommends all users who are running the open-source Chromium web browser to update it to the latest version available in the main software repositories of their distribution as soon as possible.
The update is already available there, so all you have to do is to use your favorite package manager and install it. For those running Chromium on Debian GNU/Linux 8 “Jessie,” the security issues mentioned above have been fixed in version 51.0.2704.79-1~deb8u1. On the other hand, if Debian Sid (Unstable) users can update to Chromium 51.0.2704.79-1 as well.
Unfortunately, users of Debian GNU/Linux 9 “Stretch” will receive the new release in the next few days. In related news, the Debian Project announced the other day the availability of theupdates, so if you’re using one of these releases, please update it immediately.