ASA-201712-8 log generated external raw

[ASA-201712-8] chromium: cross-site scripting
Arch Linux Security Advisory ASA-201712-8 ========================================= Severity: High Date : 2017-12-16 CVE-ID : CVE-2017-15429 Package : chromium Type : cross-site scripting Remote : Yes Link : Summary ======= The package chromium before version 63.0.3239.108-1 is vulnerable to cross-site scripting. Resolution ========== Upgrade to 63.0.3239.108-1. # pacman -Syu "chromium>=63.0.3239.108-1" The problem has been fixed upstream in version 63.0.3239.108. Workaround ========== None. Description =========== A universal XSS has been found in the V8 component of the Chromium browser before 63.0.3239.108. Impact ====== A remote attacker can inject Javascript code via a universal cross-site scripting flaw. References ==========