Cross-origin bypass in Extension bindings. Credit to anonymous.
Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
Information leak in Extension bindings. Credit to Rob Wu.
Parameter sanitization failure in DevTools. Credit to Gregory Panakkal.
Use-after-free in Extensions. Credit to Rob Wu.
Use-after-free in Autofill. Credit to Rob Wu.
Out-of-bounds read in Skia. Credit to cloudfuzzer.
Various fixes from internal audits, fuzzing and other initiatives.
googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html
access.redhat.com/security/cve/CVE-2016-1696
access.redhat.com/security/cve/CVE-2016-1697
access.redhat.com/security/cve/CVE-2016-1698
access.redhat.com/security/cve/CVE-2016-1699
access.redhat.com/security/cve/CVE-2016-1700
access.redhat.com/security/cve/CVE-2016-1701
access.redhat.com/security/cve/CVE-2016-1702
access.redhat.com/security/cve/CVE-2016-1703