chromium: multiple issues

• CVE-2016-1696 (cross-origin bypass):

Cross-origin bypass in Extension bindings. Credit to anonymous.

• CVE-2016-1697 (cross-origin bypass):

Cross-origin bypass in Blink. Credit to Mariusz Mlynski.

• CVE-2016-1698 (information leakage):

Information leak in Extension bindings. Credit to Rob Wu.

• CVE-2016-1699 (parameter sanitization failure):

Parameter sanitization failure in DevTools. Credit to Gregory Panakkal.

• CVE-2016-1700 (use-after-free):

Use-after-free in Extensions. Credit to Rob Wu.

• CVE-2016-1701 (use-after-free):

Use-after-free in Autofill. Credit to Rob Wu.

• CVE-2016-1702 (out-of-bounds read):

Out-of-bounds read in Skia. Credit to cloudfuzzer.

• CVE-2016-1703:

Various fixes from internal audits, fuzzing and other initiatives.