
Issue 602046


Issue metadata

Status: Fixed
Owner:
Closed: Apr 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 1
Type: Bug-Security




ZDI-CAN-3655: Google Chrome PDFium JPEG Out-Of-Bounds Read Information Disclosure Vulnerability

Reported by zdi-disc...@hp.com, Apr 9 2016

Issue description

ZDI-CAN-3655: Google Chrome PDFium JPEG Out-Of-Bounds Read Information Disclosure Vulnerability


-- CVSS -----------------------------------------

4.3, AV:N/AC:M/Au:N/C:P/I:N/A:N


-- ABSTRACT -------------------------------------

Trend Micro's Zero Day Initiative has identified a vulnerability affecting the following products:

  Google Chrome


-- VULNERABILITY DETAILS ------------------------

* Version tested: Google Chrome 49.0.2623.110
* Platform tested: Win8.1 32 bit.

A malformed JPEG file embedded inside a PDF file would trigger an OOB read condition:

```

(df0.b5c): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=0000007b ebx=0850af70 ecx=0770cfff edx=0770cfe0 esi=0000000a edi=07718fee
eip=5b09c1d2 esp=0107eec0 ebp=0107ef3c iopl=0         nv up ei ng nz na pe cy
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00210287
chrome_child!CPDF_DIBSource::TranslateScanline24bpp+0x19a:
5b09c1d2 8a4101          mov     al,byte ptr [ecx+1]        ds:0023:0770d000=??
8:056> kvb
ChildEBP RetAddr  Args to Child              
0107ef3c 5b09ad9f 07718fd0 0770cfe0 0847efd8 chrome_child!CPDF_DIBSource::TranslateScanline24bpp+0x19a (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_loadimage.cpp @ 980]
0107ef6c 5b0f5a68 0770cfe0 00000000 08508fd8 chrome_child!CPDF_DIBSource::GetScanline+0x37d (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_loadimage.cpp @ 1194]
0107efb0 5b08845d 00000000 0765afe0 08508fd8 chrome_child!CFX_DIBSource::Clone+0x19f (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fxge\dib\fx_dib_main.cpp @ 188]
0107efc0 5b088619 0765afe0 0107f004 5b088696 chrome_child!CPDF_ImageCacheEntry::ContinueGetCachedBitmap+0x3c (FPO: [0,0,0]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_cache.cpp @ 303]
0107efcc 5b088696 00000000 08446fe8 00000000 chrome_child!CPDF_ImageCacheEntry::StartGetCachedBitmap+0x83 (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_cache.cpp @ 292]
0107f004 5b09bbb4 084a6fe0 00000000 00000000 chrome_child!CPDF_PageRenderCache::StartGetCachedBitmap+0x76 (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_cache.cpp @ 124]
0107f034 5b09bb6b 08480fb8 08137fb0 0765afe0 chrome_child!CPDF_ImageLoaderHandle::Start+0x44 (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_loadimage.cpp @ 1560]
0107f064 5b08a132 08137fb0 0765afe0 08480ff4 chrome_child!CPDF_ImageLoader::Start+0x51 (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_loadimage.cpp @ 1619]
0107f0bc 5b089bd4 08137fb0 0810df50 08097fe4 chrome_child!CPDF_ImageRenderer::StartLoadDIBSource+0x70 (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_image.cpp @ 335]
0107f0d0 5b0626e6 0810df50 08137fb0 08097fe4 chrome_child!CPDF_ImageRenderer::Start+0x63 (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_image.cpp @ 475]
0107f0f8 5b062575 08137fb0 08097fe4 0107f1c0 chrome_child!CPDF_RenderStatus::ContinueSingleObject+0x8f (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render.cpp @ 317]
8:056> dd ecx
0770cfff  ???????? ???????? ???????? ????????
0770d00f  ???????? ???????? ???????? ????????
0770d01f  ???????? ???????? ???????? ????????
0770d02f  ???????? ???????? ???????? ????????
0770d03f  ???????? ???????? ???????? ????????
0770d04f  ???????? ???????? ???????? ????????
0770d05f  ???????? ???????? ???????? ????????
0770d06f  ???????? ???????? ???????? ????????
8:056> dd ecx-0x10
0770cfef  807a8085 807f8078 807c8081 807e807b
0770cfff  ???????? ???????? ???????? ????????
0770d00f  ???????? ???????? ???????? ????????
0770d01f  ???????? ???????? ???????? ????????
0770d02f  ???????? ???????? ???????? ????????
0770d03f  ???????? ???????? ???????? ????????
0770d04f  ???????? ???????? ???????? ????????
0770d05f  ???????? ???????? ???????? ????????
8:056> !heap -p -a ecx
    address 0770cfff found in
    _DPH_HEAP_ROOT @ 2081000
    in busy allocation (  DPH_HEAP_BLOCK:         UserAddr         UserSize -         VirtAddr         VirtSize)
                                 764271c:          770cfe0               20 -          770c000             2000
    68ea94ec verifier!AVrfDebugPageHeapAllocate+0x0000023c
    7758154b ntdll!RtlDebugAllocateHeap+0x0000003c
    77541333 ntdll!RtlpAllocateHeap+0x00065663
    774dad2e ntdll!RtlAllocateHeap+0x0000013e
    597a1a34 chrome_child!`anonymous namespace'::win_heap_malloc+0x0000001d
    597a1a0b chrome_child!malloc+0x00000027
    597a19cb chrome_child!calloc+0x00000027
    5b044f10 chrome_child!FX_AllocOrDie+0x0000000e
    5b0aa4e1 chrome_child!CCodec_JpegDecoder::Create+0x000000ef
    5b0aa552 chrome_child!CCodec_JpegModule::CreateDecoder+0x00000045
    5b099cce chrome_child!CPDF_DIBSource::CreateDecoder+0x0000018c
    5b09bd8d chrome_child!CPDF_DIBSource::StartLoadDIBSource+0x0000014c
    5b0885f6 chrome_child!CPDF_ImageCacheEntry::StartGetCachedBitmap+0x00000060
    5b088696 chrome_child!CPDF_PageRenderCache::StartGetCachedBitmap+0x00000076
    5b09bbb4 chrome_child!CPDF_ImageLoaderHandle::Start+0x00000044
    5b09bb6b chrome_child!CPDF_ImageLoader::Start+0x00000051
    5b08a132 chrome_child!CPDF_ImageRenderer::StartLoadDIBSource+0x00000070
    5b089bd4 chrome_child!CPDF_ImageRenderer::Start+0x00000063
    5b0626e6 chrome_child!CPDF_RenderStatus::ContinueSingleObject+0x0000008f
    5b062575 chrome_child!CPDF_ProgressiveRenderer::Continue+0x000001d8
    5b03dc64 chrome_child!FPDF_RenderPage_Retail+0x00000204
    5b03fdfd chrome_child!FPDF_RenderPageBitmap_Start+0x000000c5
    5a91054c chrome_child!chrome_pdf::PDFiumEngine::ContinuePaint+0x000000ed
    5a91445a chrome_child!chrome_pdf::PDFiumEngine::Paint+0x00000159
    5a91ac09 chrome_child!chrome_pdf::OutOfProcessInstance::OnPaint+0x0000018d
    5a91fc47 chrome_child!PaintManager::DoPaint+0x0000013d
    5a92003f chrome_child!PaintManager::OnFlushComplete+0x00000022
    5a920146 chrome_child!pp::CompletionCallbackFactory<PaintManager,pp::ThreadSafeThreadTraits>::CallbackData<pp::CompletionCallbackFactory<PaintManager,pp::ThreadSafeThreadTraits>::Dispatcher0<void (__thiscall PaintManager::*)(int)> >::Thunk+0x00000022
    5ad260e5 chrome_child!PP_RunCompletionCallback+0x0000000e
    5afa7897 chrome_child!ppapi::CallWhileUnlocked<void,int,unsigned int,int,unsigned int>+0x00000015
    5ad26327 chrome_child!ppapi::TrackedCallback::Run+0x000000ba
    5af8c500 chrome_child!ppapi::proxy::Graphics2DResource::OnPluginMsgFlushACK+0x00000011

 
8:056> ub @eip
chrome_child!CPDF_DIBSource::TranslateScanline24bpp+0x17e [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_loadimage.cpp @ 975]:
5b09c1b6 8a41f8          mov     al,byte ptr [ecx-8]
5b09c1b9 8847ff          mov     byte ptr [edi-1],al
5b09c1bc 3b7308          cmp     esi,dword ptr [ebx+8]
5b09c1bf 7ce4            jl      chrome_child!CPDF_DIBSource::TranslateScanline24bpp+0x16d (5b09c1a5)
5b09c1c1 e93b030000      jmp     chrome_child!CPDF_DIBSource::TranslateScanline24bpp+0x4c9 (5b09c501)
5b09c1c6 397308          cmp     dword ptr [ebx+8],esi
5b09c1c9 0f8e32030000    jle     chrome_child!CPDF_DIBSource::TranslateScanline24bpp+0x4c9 (5b09c501)
5b09c1cf 8d4a01          lea     ecx,[edx+1]
8:056> u
chrome_child!CPDF_DIBSource::TranslateScanline24bpp+0x19a [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_loadimage.cpp @ 980]:
5b09c1d2 8a4101          mov     al,byte ptr [ecx+1]
5b09c1d5 46              inc     esi
5b09c1d6 8807            mov     byte ptr [edi],al
5b09c1d8 8d7f03          lea     edi,[edi+3]
5b09c1db 8a01            mov     al,byte ptr [ecx]
5b09c1dd 8d4903          lea     ecx,[ecx+3]
5b09c1e0 8847fe          mov     byte ptr [edi-2],al
5b09c1e3 8a41fc          mov     al,byte ptr [ecx-4]
8:056> u
chrome_child!CPDF_DIBSource::TranslateScanline24bpp+0x1ae [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_loadimage.cpp @ 983]:
5b09c1e6 8847ff          mov     byte ptr [edi-1],al
5b09c1e9 3b7308          cmp     esi,dword ptr [ebx+8]
5b09c1ec 7ce4            jl      chrome_child!CPDF_DIBSource::TranslateScanline24bpp+0x19a (5b09c1d2)
5b09c1ee e90e030000      jmp     chrome_child!CPDF_DIBSource::TranslateScanline24bpp+0x4c9 (5b09c501)
5b09c1f3 ff7360          push    dword ptr [ebx+60h]
5b09c1f6 8d4db8          lea     ecx,[ebp-48h]
5b09c1f9 e8d047feff      call    chrome_child!CFX_FixedBufGrow<float,16>::CFX_FixedBufGrow<float,16> (5b0809ce)
5b09c1fe 8b45f8          mov     eax,dword ptr [ebp-8]
8:056> kvb
ChildEBP RetAddr  Args to Child              
0107ef3c 5b09ad9f 07718fd0 0770cfe0 0847efd8 chrome_child!CPDF_DIBSource::TranslateScanline24bpp+0x19a (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_loadimage.cpp @ 980]
0107ef6c 5b0f5a68 0770cfe0 00000000 08508fd8 chrome_child!CPDF_DIBSource::GetScanline+0x37d (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_loadimage.cpp @ 1194]
0107efb0 5b08845d 00000000 0765afe0 08508fd8 chrome_child!CFX_DIBSource::Clone+0x19f (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fxge\dib\fx_dib_main.cpp @ 188]
0107efc0 5b088619 0765afe0 0107f004 5b088696 chrome_child!CPDF_ImageCacheEntry::ContinueGetCachedBitmap+0x3c (FPO: [0,0,0]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_cache.cpp @ 303]
0107efcc 5b088696 00000000 08446fe8 00000000 chrome_child!CPDF_ImageCacheEntry::StartGetCachedBitmap+0x83 (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_cache.cpp @ 292]
0107f004 5b09bbb4 084a6fe0 00000000 00000000 chrome_child!CPDF_PageRenderCache::StartGetCachedBitmap+0x76 (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_cache.cpp @ 124]
0107f034 5b09bb6b 08480fb8 08137fb0 0765afe0 chrome_child!CPDF_ImageLoaderHandle::Start+0x44 (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_loadimage.cpp @ 1560]
0107f064 5b08a132 08137fb0 0765afe0 08480ff4 chrome_child!CPDF_ImageLoader::Start+0x51 (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_loadimage.cpp @ 1619]
0107f0bc 5b089bd4 08137fb0 0810df50 08097fe4 chrome_child!CPDF_ImageRenderer::StartLoadDIBSource+0x70 (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_image.cpp @ 335]
0107f0d0 5b0626e6 0810df50 08137fb0 08097fe4 chrome_child!CPDF_ImageRenderer::Start+0x63 (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render_image.cpp @ 475]
0107f0f8 5b062575 08137fb0 08097fe4 0107f1c0 chrome_child!CPDF_RenderStatus::ContinueSingleObject+0x8f (FPO: [Non-Fpo]) (CONV: thiscall) [c:\b\build\slave\win\build\src\third_party\pdfium\core\src\fpdfapi\fpdf_render\fpdf_render.cpp @ 317]
8:056> lmvm chrome_child
start    end        module name
597a0000 5c282000   chrome_child   (private pdb symbols)  c:\code\symbols\chrome_child.dll.pdb\F587A5884CB54B10935706130E5A161C1\chrome_child.dll.pdb
    Loaded symbol image file: c:\Program Files\Google\Chrome\Application\49.0.2623.110\chrome_child.dll
    Image path: c:\Program Files\Google\Chrome\Application\49.0.2623.110\chrome_child.dll
    Image name: chrome_child.dll
    Timestamp:        Fri Mar 25 17:29:46 2016 (56F5D7FA)
    CheckSum:         0298F398
    ImageSize:        02AE2000
    File version:     49.0.2623.110
    Product version:  49.0.2623.110
    File flags:       0 (Mask 17)
    File OS:          4 Unknown Win32
    File type:        1.0 App
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Google Inc.
    ProductName:      Google Chrome
    InternalName:     chrome_dll
    OriginalFilename: chrome.dll
    ProductVersion:   49.0.2623.110
    FileVersion:      49.0.2623.110
    FileDescription:  Google Chrome
    LegalCopyright:   Copyright 2015 Google Inc. All rights reserved.
8:056> vertarget
Windows 7 Version 9200 UP Free x86 compatible
Product: WinNt, suite: SingleUserTS
kernel32.dll version: 6.3.9600.18217 (winblue_ltsb.160124-0053)
Machine Name:
Debug session time: Wed Apr  6 12:44:49.545 2016 (GMT-7)
System Uptime: 0 days 4:48:41.342
Process Uptime: 0 days 0:00:26.681
  Kernel time: 0 days 0:00:00.015
  User time: 0 days 0:00:00.015


```

-- CREDIT ---------------------------------------

This vulnerability was discovered by:

   kdot working with Trend Micro's Zero Day Initiative

-- FURTHER DETAILS ------------------------------

If supporting files were contained with this report they are provided within a password protected ZIP file. The password is the ZDI candidate number in the form: ZDI-CAN-XXXX where XXXX is the ID number.

Please confirm receipt of this report. We expect all vendors to remediate ZDI vulnerabilities within 120 days of the reported date. If you are ready to release a patch at any point leading up to the deadline, please coordinate with us so that we may release our advisory detailing the issue. If the 120-day deadline is reached and no patch has been made available we will release a limited public advisory with our own mitigations, so that the public can protect themselves in the absence of a patch. Please keep us updated regarding the status of this issue and feel free to contact us at any time:

Zero Day Initiative
zdi-disclosures@trendmicro.com

The PGP key used for all ZDI vendor communications is available from:

     http://www.zerodayinitiative.com/documents/disclosures-pgp-key.asc

-- INFORMATION ABOUT THE ZDI ---------------------

Established by TippingPoint and acquired by Trend Micro, the Zero Day Initiative (ZDI) neither re-sells vulnerability details nor exploit code. Instead, upon notifying the affected product vendor, the ZDI provides its Trend Micro TippingPoint customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available.

Please contact us for further details or refer to:

    http://www.zerodayinitiative.com

-- DISCLOSURE POLICY ----------------------------

Our vulnerability disclosure policy is available online at:

    http://www.zerodayinitiative.com/advisories/disclosure_policy/


 
Attachment: ZDI-CAN-3655.zip (1.7 KB)

Comment 1 by kenrb@chromium.org, Apr 10 2016

Components: Internals>Plugins>PDF
Labels: Security_Severity-Medium Security_Impact-Stable M-50 OS-All Pri-1
Owner: och...@chromium.org
Status: Assigned (was: Unconfirmed)
Thank you for the report.

ochang@: Are you able to have a look at this one?

Comment 2 by ClusterFuzz, Apr 11 2016

ClusterFuzz is analyzing your testcase. Developers can follow the progress at https://cluster-fuzz.appspot.com/testcase?key=5751108923817984

Comment 3 by ClusterFuzz, Apr 11 2016

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5751108923817984

Uploader: ochang@google.com
Job Type: linux_asan_pdfium
Platform Id: linux

Crash Type: Heap-buffer-overflow READ 1
Crash Address: 0x611000008a86
Crash State:
  CPDF_DIBSource::TranslateScanline24bpp
  CPDF_DIBSource::GetScanline
  CFX_DIBSource::Clone
  
Recommended Security Severity: Medium

Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_pdfium&range=358529:358530

Minimized Testcase (0.78 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95wmXJOWR-J-EukRYzsQ_mw3sLJoNQ725AVrpv8zhhuVJyaXUXx-BzGap4DavBgUlCl7bu8MhCzdC8tpn6ZEHl73YdsZRfYNiXLYTg2yMhHGpNEtOI3Yd-GVhO4b3u9yMOX2iOw5YCgpL2slYz1NzxHg7KCFA

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

Comment 4 by bugdroid1@chromium.org, Apr 12 2016

The following revision refers to this bug:
  https://pdfium.googlesource.com/pdfium.git/+/6a3521f049b35c801f124f1573718021a785ff6b

commit 6a3521f049b35c801f124f1573718021a785ff6b
Author: ochang <ochang@chromium.org>
Date: Tue Apr 12 20:31:34 2016

Prevent an OOB access in CPDF_DIBSource::TranslateScanline24bpp

if |m_Family| was RGB, the code assumed there were 3 components, which
may not be the case.

BUG= chromium:602046 
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1877033003

[modify] https://crrev.com/6a3521f049b35c801f124f1573718021a785ff6b/core/fpdfapi/fpdf_render/fpdf_render_loadimage.cpp
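
An added illustration of the bug class the commit message above names, trusting the colour-space family instead of the decoded component count before a 3-bytes-per-pixel copy; this is not PDFium's code or the actual patch, and every struct, field and function name in it is hypothetical. The constructed input assumes the 0x20-byte block shown by `!heap` is the source scanline, in which case the first unreadable pixel is column 10, matching `esi=0000000a` in the register dump.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-in for the image state; names are hypothetical, not PDFium's. */
enum cs_family { CS_GRAY, CS_RGB };

struct image_info {
    enum cs_family family; /* colour space family declared for the image */
    uint32_t width;        /* pixels per scanline */
    uint32_t ncomps;       /* components per pixel the decoder produced */
};

/* Bytes a loop that steps 3 bytes per pixel consumes from the source. */
uint64_t assumed_rgb_bytes(const struct image_info *im) {
    return (uint64_t)im->width * 3;
}

/* First column whose 3-byte read crosses src_len; im->width if none does. */
uint32_t first_oob_column(const struct image_info *im, size_t src_len) {
    size_t whole_pixels = src_len / 3;
    return whole_pixels < im->width ? (uint32_t)whole_pixels : im->width;
}

/* RGB -> BGR copy that refuses input the 3-byte stride does not fit.
 * Returns 0 on success, -1 when the scanline must not be translated. */
int translate_scanline_24bpp(const struct image_info *im,
                             const uint8_t *src, size_t src_len,
                             uint8_t *dst, size_t dst_len) {
    if (im->family != CS_RGB || im->ncomps != 3)
        return -1;              /* family alone does not prove 3 components */
    uint64_t need = assumed_rgb_bytes(im);
    if (need > src_len || need > dst_len)
        return -1;              /* buffers shorter than the loop will touch */
    for (uint32_t col = 0; col < im->width; col++) {
        dst[0] = src[2];
        dst[1] = src[1];
        dst[2] = src[0];
        src += 3;
        dst += 3;
    }
    return 0;
}

int main(void) {
    /* Constructed case: RGB family, one component per pixel, 0x20-byte
     * source scanline (the allocation size shown in the heap output). */
    struct image_info im = { CS_RGB, 32, 1 };
    uint8_t src[0x20] = {0}, dst[96];
    printf("loop would read %llu of %zu bytes; first bad column %u\n",
           (unsigned long long)assumed_rgb_bytes(&im), sizeof src,
           first_oob_column(&im, sizeof src));
    printf("checked translate -> %d\n",
           translate_scanline_24bpp(&im, src, sizeof src, dst, sizeof dst));
    return 0;
}
```
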

Comment 6 by och...@chromium.org, Apr 12 2016

Labels: Merge-Request-51
Let's start with M-51.

Comment 7 by och...@chromium.org, Apr 12 2016

Status: Fixed (was: Assigned)

Comment 8 by tin...@google.com, Apr 12 2016

Labels: -Merge-Request-51 Merge-Review-51 Hotlist-Merge-Review
[Automated comment] DEPS changes referenced in bugdroid comments, needs manual review.

Comment 9 by ClusterFuzz, Apr 13 2016

Labels: -Restrict-View-SecurityTeam Restrict-View-SecurityNotify

Comment 10 by ClusterFuzz, Apr 13 2016

ClusterFuzz has detected this issue as fixed in range 386714:386879.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5751108923817984

Uploader: ochang@google.com
Job Type: linux_asan_pdfium
Platform Id: linux

Crash Type: Heap-buffer-overflow READ 1
Crash Address: 0x611000008a86
Crash State:
  CPDF_DIBSource::TranslateScanline24bpp
  CPDF_DIBSource::GetScanline
  CFX_DIBSource::Clone
  
Recommended Security Severity: Medium

Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_pdfium&range=358529:358530
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_pdfium&range=386714:386879

Minimized Testcase (0.78 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95wmXJOWR-J-EukRYzsQ_mw3sLJoNQ725AVrpv8zhhuVJyaXUXx-BzGap4DavBgUlCl7bu8MhCzdC8tpn6ZEHl73YdsZRfYNiXLYTg2yMhHGpNEtOI3Yd-GVhO4b3u9yMOX2iOw5YCgpL2slYz1NzxHg7KCFA

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Labels: -Merge-Review-51 Merge-Approved-51
Merge approved for M51 (branch 2704)
Please merge your change to M51 branch 2704 ASAP (before 6:00 PM PST, today) so we can take it in for M51 last Dev release tomorrow.

Comment 13 by bugdroid1@chromium.org, Apr 18 2016

Labels: -merge-approved-51 merge-merged-2704
The following revision refers to this bug:
  http://goto.ext.google.com/viewvc/chrome-internal?view=rev&revision=86732

------------------------------------------------------------------
r86732 | ochang@google.com | 2016-04-18T19:53:43.499907Z

-----------------------------------------------------------------
Cc: timwillis@chromium.org
Labels: reward-ineligible Release-0-M51

Comment 15 by sheriffbot@chromium.org, Jul 20 2016

Labels: -Restrict-View-SecurityNotify
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 16 by sheriffbot@chromium.org, Oct 1 2016

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 17 by sheriffbot@chromium.org, Oct 2 2016

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Labels: allpublic
Labels: CVE-2016-10403
Labels: CVE_description-missing
Labels: -CVE_description-missing CVE_description-submitted
