From ${URL} : Description Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. 1) The application bundles a vulnerable version of the Adobe Flash Player. For more information: SA58074 2) A use-after-free error exists in WebSockets. 3) An integer overflow error exists in DOM ranges. 4) A use-after-free error exists in editing. Successful exploitation of the vulnerabilities #2 through #4 may allow execution of arbitrary code. The vulnerabilities are reported in versions prior to 34.0.1847.137. Solution: Update to version 34.0.1847.137. Provided and/or discovered by: The vendor credits: 2) Collin Payne. 3) John Butler. 4) cloudfuzzer. Original Advisory: http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
www-client/chromium-34.0.1847.137 is in the tree. Please stabilize.
Arches, please test and mark stable: =www-client/chromium-34.0.1847.137 Target Keywords : "amd64 x86" Thank you!
amd64 stable
CVE-2014-1742 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1742): Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper RenderObject handling. CVE-2014-1741 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1741): Multiple integer overflows in the replace-data functionality in the CharacterData interface implementation in core/dom/CharacterData.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to ranges. CVE-2014-1740 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1740): Multiple use-after-free vulnerabilities in net/websockets/websocket_job.cc in the WebSockets implementation in Google Chrome before 34.0.1847.137 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to WebSocketJob deletion.
x86 stable. Added to existing glsa draft. @maintainers, cleanup, please.
Cleanup for this bug done.
This issue was resolved and addressed in GLSA 201408-16 at http://security.gentoo.org/glsa/glsa-201408-16.xml by GLSA coordinator Kristian Fiskerstrand (K_F).
