Five days ago, Chromium 50 was announced on the Google Chrome Releases blog. The 64bit package was built soon after, but then I needed my server’s processing power for the new KDE Plasma5 releases that have become available (Frameworks, Plasma) or will soon become available (Applications) and those required an update of the Qt5 package to 5.6.0… timeconsuming to build I can assure you! Especially if the build fails right at the end of 7 hours of compilation and a patch needs to be written…
So reserving time to compile the 32bit package for chromium took a while. And remember, even though I can still provide a 32bit Chromium browser, Google has ceased providing a 32bit version of their own Chrome browser – which means, no more updates to the 32bit PepperFlash and Widevine plugins.
This new release (50.0.2661.75) addresses a couple of security issues – some of these have a CVE number:
- [$7500] High CVE-2016-1652: Universal XSS in extension bindings. Credit to anonymous.
- [$5000] High CVE-2016-1653: Out-of-bounds write in V8. Credit to Choongwoo Han.
-  Medium CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding. Credit to kdot working with HP’s Zero Day Initiative.
- [$1500] Medium CVE-2016-1654: Uninitialized memory read in media. Credit to Atte Kettunen of OUSPG.
- [$1500] Medium CVE-2016-1655: Use-after-free related to extensions. Credit to Rob Wu.
- [$500] Medium CVE-2016-1656: Android downloaded file path restriction bypass. Credit to Dzmitry Lukyanenko.
- [$1000] Medium CVE-2016-1657: Address bar spoofing. Credit to Luan Herrera.
- [$500] Low CVE-2016-1658: Potential leak of sensitive information to malicious extensions. Credit to Antonio Sanso (@asanso) of Adobe.
-  CVE-2016-1659: Various fixes from internal audits, fuzzing and other initiatives.
As always, it is strongly advised to upgrade to this new version of Chromium. Get my chromium packages in one of the usual locations:
- http://slackware.com/~alien/slackbuilds/ (primary server)
- http://bear.alienbase.nl/mirrors/people/alien/slackbuilds/ (my own fast mirror)
- http://slackware.uk/people/alien/slackbuilds/ (UK mirror – fast & preferred, also has rsync access)
- http://alien.slackbook.org/slackbuilds/ (US mirror)
The widevine and pepperflash plugin packagess for chromium can be found in the same repository. The 64bit versions of these plugins were both updated with new libraries extracted from the official Google Chrome for Linux.
Have fun! Eric
Thank you, great packages!
Thank you Eric! So far it’s workin OK here.
Installed the latest “chromium-50.0.2661.75-x86_64-1alien.txz” in 0.8.0
Get following error message :
root@darkstar:/home/live /usr/bin/chromium: line 16: /usr/lib64/chromium/chromium: cannot execute binary file: Exec format error
/usr/bin/chromium: line 16: /usr/lib64/chromium/chromium: Success
Anything I can do?
The error “cannot execute binary file: Exec format error” usually means you are trying to run 64bit code on a 32bit OS. Did you per chance download and use the 32bit Slackware Live ISO?
Thank you : you are right.
Should have known. Feeling so stupid …
I highly appreciate binary Chromium packages by Eric. I’ve noticed an issue for the last few releases. When I exit Chromium, the processes keep running in the background. I unchecked one option in the Settings (‘Continue running background apps when Chromium is closed’) but that doesn’t solve the issue. I did find some threads on the Internet but they are without any clear resolution.
Ahmad I have noticed that behaviour here. When I disable “Continue running background apps when Chromium is closed” then after closing Chromium, no remaining chromium processes are seen in “ps ax” output.
It might not belong here, as it’s a specific issue. I ran ‘chromium-browser’ from the command line and after I close the browser, control doesn’t come back to the terminal. I had to to Ctrl+C. Errors/messages it threw out:
Chrome/chromium by default starts a background process which keeps running if you close the browser window. That is the reason why your command prompt does not return.
In that case, you should see an icon in your system tray where you can disable the backgroupd process. Or else you can disable this behaviour in the browser settings before closing all windows.