Bug 491128 - <www-client/chromium-31.0.1650.48 multiple vulnerabilities (CVE-2013-{2931,6621,6622,6623,6624,6625,6626,6627,6628,6629,6630,6631})
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal major
Assignee: Gentoo Security
URL: http://googlechromereleases.blogspot....
Whiteboard: A2 [glsa]
Reported: 2013-11-12 23:04 UTC by Mike Gilbert
Modified: 2014-03-05 11:23 UTC
Description Mike Gilbert gentoo-dev 2013-11-12 23:04:06 UTC
Release notes in URL.
Comment 1 Mike Gilbert gentoo-dev 2013-11-12 23:05:46 UTC
Please stabilize on amd64 and x86.

=www-client/chromium-31.0.1650.48
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2013-11-13 07:16:03 UTC
Adding amd64 to arches list (not added originally)
Comment 3 Agostino Sarubbo gentoo-dev 2013-11-13 07:47:19 UTC
x86 stable
Comment 4 Agostino Sarubbo gentoo-dev 2013-11-13 07:48:08 UTC
amd64 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 5 Agostino Sarubbo gentoo-dev 2013-11-13 07:50:51 UTC
(In reply to Yury German from comment #2)
> Adding amd64 to arches list (not added originally)

You don't need to do that for chromium bugs. Check the stable liaison instead:
http://www.gentoo.org/proj/en/desktop/chromium/#doc_chap3
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2013-11-19 04:16:44 UTC
CVE-2013-6628 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6628):
  net/socket/ssl_client_socket_nss.cc in the TLS implementation in Google
  Chrome before 31.0.1650.48 does not ensure that a server's X.509 certificate
  is the same during renegotiation as it was before renegotiation, which might
  allow remote web servers to interfere with trust relationships by
  renegotiating a session.

CVE-2013-6627 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6627):
  net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not
  properly process HTTP Informational (aka 1xx) status codes, which allows
  remote web servers to cause a denial of service (out-of-bounds read) via a
  crafted response.

CVE-2013-6626 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6626):
  The WebContentsImpl::AttachInterstitialPage function in
  content/browser/web_contents/web_contents_impl.cc in Google Chrome before
  31.0.1650.48 does not cancel JavaScript dialogs upon generating an
  interstitial warning, which allows remote attackers to spoof the address bar
  via a crafted web site.

CVE-2013-6625 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6625):
  Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, as used
  in Google Chrome before 31.0.1650.48, allows remote attackers to cause a
  denial of service or possibly have unspecified other impact by leveraging
  improper handling of DOM range objects in circumstances that require child
  node removal after a (1) mutation or (2) blur event.

CVE-2013-6624 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6624):
  Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors involving the string values of id attributes.

CVE-2013-6623 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6623):
  The SVG implementation in Blink, as used in Google Chrome before
  31.0.1650.48, allows remote attackers to cause a denial of service
  (out-of-bounds read) by leveraging the use of tree order, rather than
  transitive dependency order, for layout.

CVE-2013-6622 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6622):
  Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument
  function in core/html/HTMLMediaElement.cpp in Blink, as used in Google
  Chrome before 31.0.1650.48, allows remote attackers to cause a denial of
  service or possibly have unspecified other impact via vectors involving the
  movement of a media element between documents.

CVE-2013-6621 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6621):
  Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to the x-webkit-speech attribute in a text
  INPUT element.

CVE-2013-2931 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2931):
  Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.48
  allow attackers to execute arbitrary code or possibly have other impact via
  unknown vectors.
Comment 7 Yury German Gentoo Infrastructure gentoo-dev 2013-11-19 05:08:17 UTC
Thank you all for cleanup.

GLSA Request Filed
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2013-12-09 05:57:11 UTC
CVE-2013-6631 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6631):
  Use-after-free vulnerability in the Channel::SendRTCPPacket function in
  voice_engine/channel.cc in libjingle in WebRTC, as used in Google Chrome
  before 31.0.1650.48 and other products, allows remote attackers to cause a
  denial of service (heap memory corruption) or possibly have unspecified
  other impact via vectors that trigger the absence of certain statistics
  initialization, leading to the skipping of a required
  DeRegisterExternalTransport call.

CVE-2013-6630 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6630):
  The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used
  in Google Chrome before 31.0.1650.48 and other products, does not set all
  elements of a certain Huffman value array during the reading of segments
  that follow Define Huffman Table (DHT) JPEG markers, which allows remote
  attackers to obtain sensitive information from uninitialized memory
  locations via a crafted JPEG image.

CVE-2013-6629 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6629):
  The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo
  through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript,
  and other products, does not check for certain duplications of component
  data during the reading of segments that follow Start Of Scan (SOS) JPEG
  markers, which allows remote attackers to obtain sensitive information from
  uninitialized memory locations via a crafted JPEG image.
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2014-03-05 11:23:27 UTC
This issue was resolved and addressed in
 GLSA 201403-01 at http://security.gentoo.org/glsa/glsa-201403-01.xml
by GLSA coordinator Mikle Kolyada (Zlogene).