Release notes: http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html At this moment we have no CVE numbers for the vulnerabilities described here. Synopsis: Multiple vulnerabilities have been reported in Chromium, some of which may allow user-assisted execution of arbitrary code within the confines of the sandbox. Impact: A remote attacker could entice a user to visit a specially-crafted web page that would trigger one of the vulnerabilities, leading to execution of arbitrary code within confines of the sandbox, or a Denial of Service. This release also fixes a URL bar spoofing attack (unspecified details). There are some more vulnerabilities of unspecified impact, but none of them is critical: [$500] [63732] High Crash with javascript dialogs. [64-bit Linux only] [70376] Medium Out-of-bounds read in pickle deserialization. [72214] High Accidental exposure of internal extension functions. Arches, please test and mark stable: =www-client/chromium-9.0.597.107
amd64 done
x86 done. Closing.
Thanks, folks. Would it be possible bump chromium-bin too?
(In reply to comment #3) > Thanks, folks. Would it be possible bump chromium-bin too? chromium-bin is masked for removal. I think we should proceed with the GLSA request.
(In reply to comment #4) > (In reply to comment #3) > > Thanks, folks. Would it be possible bump chromium-bin too? > > chromium-bin is masked for removal. I think we should proceed with the GLSA > request. > Sounds good, thank you. Added to existing GLSA request.
This issue was resolved and addressed in GLSA 201111-01 at http://security.gentoo.org/glsa/glsa-201111-01.xml by GLSA coordinator Alex Legler (a3li).
CVE-2011-1125 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1125): Google Chrome before 9.0.597.107 does not properly perform layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." CVE-2011-1124 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1124): Use-after-free vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to blocked plug-ins. CVE-2011-1123 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1123): Google Chrome before 9.0.597.107 does not properly restrict access to internal extension functions, which has unspecified impact and remote attack vectors. CVE-2011-1122 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1122): The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960. CVE-2011-1121 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1121): Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element. CVE-2011-1120 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1120): The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71717. CVE-2011-1119 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1119): Google Chrome before 9.0.597.107 does not properly determine device orientation, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." CVE-2011-1118 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1118): Google Chrome before 9.0.597.107 does not properly handle TEXTAREA elements, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document. CVE-2011-1117 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1117): Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes." CVE-2011-1116 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1116): Google Chrome before 9.0.597.107 does not properly handle SVG animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." CVE-2011-1115 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1115): Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." CVE-2011-1114 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1114): Google Chrome before 9.0.597.107 does not properly handle tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node." CVE-2011-1113 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1113): Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not properly perform pickle deserialization, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2011-1112 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1112): Google Chrome before 9.0.597.107 does not properly perform SVG rendering, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. CVE-2011-1111 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1111): Google Chrome before 9.0.597.107 does not properly implement forms controls, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. CVE-2011-1110 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1110): Google Chrome before 9.0.597.107 does not properly implement key frame rules, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." CVE-2011-1109 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1109): Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets (CSS) stylesheets, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." CVE-2011-1108 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1108): Google Chrome before 9.0.597.107 does not properly implement JavaScript dialogs, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document. CVE-2011-1107 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1107): Unspecified vulnerability in Google Chrome before 9.0.597.107 allows remote attackers to spoof the URL bar via unknown vectors.