Bug 338204 - <www-client/chromium-6.0.472.62 multiple vulnerabilities (CVE-2010-{1822,3729,3730})
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://googlechromereleases.blogspot....
Whiteboard: B2 [glsa]
Reported: 2010-09-20 16:27 UTC by Paweł Hajdan, Jr. (RETIRED)
Modified: 2012-09-11 00:01 UTC

Description Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-09-20 16:27:19 UTC
See the release notes at http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_17.html

Some details:

[$500] [55114] High Bad cast with malformed SVG. Credit to wushi of team 509.
[55119] Critical Buffer mismanagement in the SPDY protocol. Credit to Ron Ten-Hove of Google.
[$1000] [55350] High Cross-origin property pollution. Credit to Stefano Di Paola of MindedSecurity.

You can read more about the severity ratings at
http://sites.google.com/a/chromium.org/dev/developers/severity-guidelines . I
suggest rating it B2 on the Gentoo scale.

Security, this bug sort of obsoletes bug #335750 (you now have 6
www-client/chromium bugs in the queue).

Arches, please test and stabilize. I'm sorry for a very short period since the last stabilization, but I just follow the upstream releases. Fortunately, the number of changes is very small.
Comment 1 Richard Freeman gentoo-dev 2010-09-22 12:27:23 UTC
amd64 stable

(a very small number of changes, and several hours of compiling, later...)
Comment 2 Andreas Schürch gentoo-dev 2010-09-23 05:40:38 UTC
I tested it on x86, it looks good to go over here!
Comment 3 David Abbott (RETIRED) gentoo-dev 2010-09-24 22:28:26 UTC
+1 x86
Comment 4 Markus Meier gentoo-dev 2010-09-26 09:15:37 UTC
x86 stable, all arches done.
Comment 5 Tim Sammut (RETIRED) gentoo-dev 2010-10-02 15:22:58 UTC
GLSA with bug 326717.
Comment 6 Tobias Heinlein (RETIRED) gentoo-dev 2010-12-18 00:06:50 UTC
GLSA 201012-01, thanks everyone.
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2012-09-11 00:01:53 UTC
CVE-2010-3730 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3730):
  Google Chrome before 6.0.472.62 does not properly use information about the
  origin of a document to manage properties, which allows remote attackers to
  have an unspecified impact via a crafted web site, related to a "property
  pollution" issue.

CVE-2010-3729 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3729):
  The SPDY protocol implementation in Google Chrome before 6.0.472.62 does not
  properly manage buffers, which might allow remote attackers to execute
  arbitrary code via unspecified vectors.

CVE-2010-1822 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1822):
  WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and
  Google Chrome before 6.0.472.62, does not properly perform a cast of an
  unspecified variable, which allows remote attackers to execute arbitrary
  code or cause a denial of service (application crash) via an SVG element in
  a non-SVG document.