Universal XSS in Blink.
Script injection in extensions.
Use after free in Blink.
Use after free in PDFium.
Heap overflow in PDFium.
Use after destruction in Blink.
Address bar spoofing.
Use after free in event bindings.
Extensions web accessible resources bypass.
Type confusion in Blink.
Universal XSS using DevTools.
Script injection in DevTools.
SMB Relay Attack via Save Page As.
Various fixes from internal audits, fuzzing and other initiatives.
access.redhat.com/security/cve/CVE-2016-5147
access.redhat.com/security/cve/CVE-2016-5148
access.redhat.com/security/cve/CVE-2016-5149
access.redhat.com/security/cve/CVE-2016-5150
access.redhat.com/security/cve/CVE-2016-5151
access.redhat.com/security/cve/CVE-2016-5152
access.redhat.com/security/cve/CVE-2016-5153
access.redhat.com/security/cve/CVE-2016-5154
access.redhat.com/security/cve/CVE-2016-5155
access.redhat.com/security/cve/CVE-2016-5156
access.redhat.com/security/cve/CVE-2016-5157
access.redhat.com/security/cve/CVE-2016-5158
access.redhat.com/security/cve/CVE-2016-5159
access.redhat.com/security/cve/CVE-2016-5160
access.redhat.com/security/cve/CVE-2016-5161
access.redhat.com/security/cve/CVE-2016-5162
access.redhat.com/security/cve/CVE-2016-5163
access.redhat.com/security/cve/CVE-2016-5164
access.redhat.com/security/cve/CVE-2016-5165
access.redhat.com/security/cve/CVE-2016-5166
access.redhat.com/security/cve/CVE-2016-5167
googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-